yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #73589
[Bug 1766380] Re: [RFE] Create host-routes for routed networks (segments)
Reviewed: https://review.openstack.org/573897
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=8361b8b5aebad4df3c1012952d9a87b936fef326
Submitter: Zuul
Branch: master
commit 8361b8b5aebad4df3c1012952d9a87b936fef326
Author: Harald Jensås <hjensas@xxxxxxxxxx>
Date: Sat Jun 9 02:46:56 2018 +0200
Routed Networks - peer-subnet/segment host-routes (2/2)
Ensure that host routes are maintained for each subnet within
a network. Subnets associated with different segments on the
same network get host_routes entries added/removed as subnets
are created, deleted or updated.
This change handle the host_routes for the peer subnets on the
same network when a subnet is created or deleted.
Also adds a shim api extension.
APIImpact: Host routes are now calculated for routed networks.
Closes-Bug: #1766380
Change-Id: Iafbabe6352283e7f1a535a7b147bd81fb32f0ed1
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1766380
Title:
[RFE] Create host-routes for routed networks (segments)
Status in neutron:
Fix Released
Bug description:
When using routed networks[1] on an instance connected to multiple
networks the traffic from a segment_a to segment_b within a L3 network
might be routed via a different network if the default router/gateway
is not on the interface connecting to the routed network.
It would be good to (at-least have an option to) automatically
configure host_routes on the subnets in a routed L3 network. In such a
way that traffic with a destination on a different segment within the
same L3 network is routed via the instance interface connecting to the
same L3 network.
Example:
instance_a:
- port_a: some_net, segmentX, some_net_subnet <-- default gateway
- port_b: net1, segmentA, subnetA
instance_b:
- port_a: other_net, segmentY, other_net_subnet <-- default gateway
- port_b: net1, segmentB, subnetB
Unless a host-route is in place, traffic from instance_a to instance_b
will use some/other-net, not net1 which both is connected to.
This RFE is to have the host_routes property on the subnets withing
net1 populated, so that clients are aware of neighbour L3 networks.
An example configuration:
-------------------------
First Create some_net and other_net:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ openstack network create \
--provider-network-type flat \
--provider-physical-network some_phys_net some_net
$ openstack network create \
--provider-network-type flat \
--provider-physical-network other_phys_net other_net
$ SOME_NET_SEGMENT_ID=$(openstack network segment list \
--network some_net -f value -c ID)
$ OTHER_NET_SEGMENT_ID=$(openstack network segment list \
--network other_net -f value -c ID)
$ openstack subnet create \
--network-segment $SOME_NET_SEGMENT_ID \
--network some_net \
--ip-version 4 \
--subnet-range 192.168.20.0/24 \
--dhcp \
--gateway 192.168.20.1 \
some_net_subnet
$ openstack subnet create \
--network-segment $OTHER_NET_SEGMENT_ID \
--network other_net \
--ip-version 4 \
--subnet-range 192.168.30.0/24 \
--dhcp \
--gateway 192.168.30.1 \
other_net_subnet
Create net1, with two segment (segmentA and segmentB):
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ openstack network create \
--provider-network-type flat \
--provider-physical-network net1_segmentA \
net1
$ NET1_SEGMENTA_ID=$(openstack network segment list \
--network net1 -f value -c ID)
$ openstack network segment set --name net1_segmentA $NET1_SEGMENTA_ID
$ openstack network segment create \
--network-type flat \
--physical-network net1_segmentB \
--network net1 \
net1_segmentB
Create two subnets associated with different segments on net1:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ openstack subnet create \
--network-segment net1_segmentA \
--network net1 \
--ip-version 4 \
--subnet-range 192.168.100.0/25 \
--dhcp \
subnetA
$ openstack subnet create \
--network-segment net1_segmentB \
--network net1 \
--ip-version 4 \
--subnet-range 192.168.100.128/25 \
--dhcp \
subnetB
<pseudo-command> $ openstack server create \
--network some_network \
--netowork net1 \
instance_a
<pseudo-command> $ openstack server create \
--network other_network \
--netowork net1 \
instance_b
NOTE: Assume instance_a is scheduled on a compute with bridge mapping
to physical network net1_segmentA, and instance_b is scheduled to a
compute with bridge mapping to physical network net1_segmentB.
What we end up with is traffic within net1 (the routed network) is
routed via the default gateway on some_net/other_net.
The cloud user most likely does not know that net1 is a routed
network, and expect traffic within net1 _not to be_ routed via some
/other-net.
To solve this problem neutron should do the equivalent of:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ openstack subnet set \
--host-route destination=192.168.100.128/25,gateway=192.168.100.1 \
subnetA
$ openstack subnet set \
--host-route destination=192.168.100.0/25,gateway=192.168.100.129 \
subnetB
^^ Would make DHCP agents advertise the routes within net1 to clients,
making traffic destined for other segments on net1 take a path via a
route within net1 (within the routed network).
I believe it would make sense to automate this, so that when
additional subnets on additional segments are added the new
destination is appended to the host routes.
[1] https://docs.openstack.org/neutron/latest/admin/config-routed-
networks.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1766380/+subscriptions
References
