← Back to team overview

openstack team mailing list archive

Re: Floating IP is wasting IP resources

 

I agree with you. I'd be interested to know if anyone else has run into
this issue and their solution.

Here's what I'll be trying to implement to get around this:

I have an incoming trunk connection that carries two vlans: a public IP
subnet and private subnet. I have them configured as two bridges in OVS:
br-nat (the private subnet) and br-floating (the public subnet).

Right now I have one L3 service working with br-nat. Users can create
routers, set a default gateway, and get outgoing nat'd access to the
internet. Since the subnet is private, I can easily configure this L3
service with a large allocation pool.

Yet to be implemented: the br-floating L3 service. This will be a smaller
pool that will be restricted via quotas. Users will have to be more
conservative with access to this service (maybe by creating an instance
which will act as a port-forwarding firewall to an internal subnet).

This places more work on the user compared to the nova-network vlanmanager
workflow. However, I feel the ability to create multiple internal
per-project subnets is a decent tradeoff.

If this doesn't work out or if this ends up being to complicated for users,
I'll probably go with the "Provider Router with Private Networks" use case (
http://docs.openstack.org/grizzly/openstack-network/admin/content/use_cases_single_router.html
).



On Thu, May 2, 2013 at 4:06 AM, 陈雷 <raid.chan@xxxxxxxxx> wrote:

> Recently I'm test floating IP on version Grizzly, I found the mechanism of
> floating IP is a little of wasting public IP addresses.
>
> In some circumstance, like public cloud environment. there is only one
> user in one project (tenant). If the user want to using floating IP,  he
> has to create an router and set a gateway for it, this process  will occupy
> one additional public IP address. So the whole process of floating IP will
> use 2 public address at least.
>
> So my question is, are there any ways to avoid this?
>
> Thanks
> Ray
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Joe Topjian
Systems Administrator
Cybera Inc.

www.cybera.ca

Cybera is a not-for-profit organization that works to spur and support
innovation, for the economic benefit of Alberta, through the use
of cyberinfrastructure.

Follow ups

References