openstack team mailing list archive

Thread
Date

Re: Create Route to physical net

To: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
From: Robert van Leeuwen <Robert.vanLeeuwen@xxxxxxxxxxxxx>
Date: Thu, 11 Apr 2013 13:19:08 +0000
Accept-language: en-US, nl-NL
In-reply-to: <5166B1F5.8070407@honeybutcher.de>
Thread-index: AQHONrN8/rolwr9SSki0KYN7pQGoHJjQ+eo0
Thread-topic: [Openstack] Create Route to physical net

> i'm running OpenStack grizzly with quantum and all stuff. All is running
> fine but i'm trying to get a connection from each fixed_network
> (namespaced) to a physical network.
>
> My problem is to get a connection between a router (namespace) and the
> physical interface.

Did you setup a quantum l3-router?
http://docs.openstack.org/folsom/openstack-network/admin/content/use_cases.html
http://docs.openstack.org/folsom/openstack-network/admin/content/l3_router_and_nat.html


There are some options described to get connectivity, basically use SNAT or Floating IP pools to get access.
We are running in a more adventurous mode  ( I have not seen any documentation on this but it works) without NAT.
We do this because it is an private cloud and we just want to allow employees to access their cloud virtuals without any further configuration.
Our physical router/firewall is setup to forward all traffic for our private networks segments (we defined a range for this) to the quantum-l3-router.
The l3-router has an interface in all networks that needs this connectivity.
We setup some Policy Based Routing rules to make everything works and not allow traffic between tenants without going through our firewall.
Maybe not the most elegant solution but it works.

Cheers,
Robert van Leeuwen

References

Create Route to physical net
From: Heiko Krämer, 2013-04-11