← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #16050

[Bug 1312467] Re: On external networks with multiple subnets, routers need onlink routes for all subnets

  Thread PreviousDate PreviousThread Next 
** Changed in: neutron
       Status: Fix Committed => Fix Released

** Changed in: neutron
    Milestone: None => juno-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1312467

Title:
  On external networks with multiple subnets, routers need onlink routes
  for all subnets

Status in OpenStack Neutron (virtual network service):
  Fix Released

Bug description:
  This subject came up on IRC here [1]. It relates to the blueprint
  about pluggable external network connections and so I jumped in.

  There are two reasons that using multiple external networks to allow multiple floating ip subnets [2] is not optimal.
  - Extra L2 infrastructure needed.
  - A neutron router cannot have a gateway connection to more than one external network. So, floating IPs wouldn't be able to float as freely as we'd like them to.

  I cracked open devstack and started playing with it. I tried this
  first just to add a second subnet full of floating IPs.

  neutron subnet-create ext-net 10.224.24.0/24 --disable-dhcp

  In devstack, I needed to add a "gateway router". I did this by adding
  an IP to the br-ex interface. In a real cloud, we'd need to configure
  the upstream router as a gateway on the second subnet.

  sudo ip addr add 10.224.24.1/24 dev br-ex

  At this point, I was able to get a router to host floating IPs on both
  subnets! Pretty cool! I was very surprised it worked so easily.

  There is one bug which this bug report addresses! Traffic between
  floating IPs on the second subnet went up to the router and then back
  down. The upstream router sent ICMP redirect packets periodically back
  to the Neutron router sourcing the traffic. These did the router no
  good because what it really needed to know was that the IP was on link
  but the upstream router couldn't tell it that.  Some upstream routers
  may not be configured to send redirects or route back through the port
  of origin.

  The answer to this is to add an on-link route for each subnet on the
  external network to each router's gateway interface. This will require
  an L3 agent change but should not be very difficult.

  [1] http://eavesdrop.openstack.org/irclogs/%23openstack-neutron/%23openstack-neutron.2014-04-08.log starting at 2014-04-08T23:23:51 (near the bottom)
  [2] http://docs.openstack.org/admin-guide-cloud/content/adv_cfg_l3_agent_multi_extnet.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1312467/+subscriptions

References

  Thread PreviousDate PreviousThread Next