> As you can see it isn’t trivial.

I guess you refer to the overlapping cidrs. I am afraid that some responsibility here will have to lie with the domain admin(s). If we limit inter vpc networks to one domain we can enforce the ip ranges not to overlap.
The routing problem is tackled by a next hop field near the cidr. I am sure I am missing some other non trivial challenges.

On Fri, May 23, 2014 at 7:23 PM, Chiradeep Vittal <chiradeep.vit...@citrix.com> wrote:
> I guess the ‘proper’ way to have done this would be to have a
> ‘createPrivateGateway’ API that is independent of the vpc and a
> attachPrivateGateway that attaches it to the vpc.
>
> Re: next hop, I’d like to see an FS for this feature. It seems to me that it
> is very similar to VPC peering (http://goo.gl/Y7tNkM).
> As you can see it isn’t trivial.
>
> From: Daan Hoogland <daan.hoogl...@gmail.com>
> Date: Friday, May 23, 2014 at 2:06 AM
> To: Chiradeep Vittal <chiradeep.vit...@citrix.com>, Alena Prokharchyk
> <alena.prokharc...@citrix.com>, Sheng Yang <sheng.y...@citrix.com>, Alex
> Huang <alex.hu...@citrix.com>
> Cc: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>
> Subject: [DISCUSS] vpc gateway networks are guestnetworks
>
> Hi,
>
> please consider this ugly piece of my work I am now compiling into
> cloudstack master VpcManagerImpl.createVpcPrivateGateway(..) that will
> fix a bug:
>
>     { // experimental block, this is a hack
>         // set vpc id in network to null
>         // might be needed for all types of broadcast domains
>         // the ugly hack is that vpc gateway nets are created as guest network
>         // while they are not.
>         // A more permanent solution would be to define a type of 'gatewaynetwork'
>         // so that handling code is not mixed between the two
>         NetworkVO gatewaynet = _ntwkDao.findById(privateNtwk.getId());
>         gatewaynet.setVpcId(vpcId);
>         _ntwkDao.persist(gatewaynet);
>     }
>
> the problem I want to solve is that vpc routers, when restarting
> assign the ip of the gateway to their gw-interface [1]. This is an ip
> conflict and it has bitten us. My first take was to create the network
> without passing the vpc id but that led to all kinds of errors so I
> reverted. It seemed cleaner than this solution I am scheming for now.
> If this doesn't lead to obvious errors in my environment I will commit
> and be happy to again revert when integration tests fail. It is in any
> case not a permanent solution.
>
> Question: should the network for gateways be a special type that is
> handled almost the same as guest network (except for in this case) or
> is more refactoring needed?
> In any case I think this is something that will have to be dealt with soon.
>
> One consideration on the side: I want to add a next-hop field to the
> cidrs on the gateway so that it is possible to create a network with
> more vpcs that direct traffic to each other. The use case for this is
> a vpc for a customer's management network connected to one for
> production and one for acceptance and one ....
>
> please flame, criticize or pose your questions
>
> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-6485
>
> --
> Daan

--
Daan
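
The overlap enforcement and next-hop field discussed in this thread, sketched as an added example (not CloudStack code and not written by any participant); the VPC names, CIDRs, gateway network and function names are assumptions made for illustration. It goes slightly beyond the thread by also rejecting next hops that are not on the gateway network and by resolving routes with longest-prefix match.

```python
import ipaddress
from itertools import combinations

# Constructed sample data; names, CIDRs and next hops are hypothetical.
VPCS = {"mgmt": "10.1.0.0/16", "prod": "10.2.0.0/16", "acc": "10.3.0.0/16"}
GATEWAY_NET = "172.16.0.0/24"                  # shared private gateway network
MGMT_ROUTES = [("10.2.0.0/16", "172.16.0.2"),  # (cidr, next hop) on mgmt's gateway
               ("10.3.0.0/16", "172.16.0.3")]


def find_overlaps(vpc_cidrs):
    """Return sorted (name_a, name_b) pairs of VPCs whose CIDRs overlap."""
    nets = {n: ipaddress.ip_network(c) for n, c in vpc_cidrs.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def route_problems(routes, local_cidr, gateway_net):
    """List reasons a gateway's (cidr, next hop) routes should be rejected."""
    local = ipaddress.ip_network(local_cidr)
    gw = ipaddress.ip_network(gateway_net)
    problems = []
    for cidr, hop in routes:
        # A route covering the VPC's own range would pull local traffic away.
        if ipaddress.ip_network(cidr).overlaps(local):
            problems.append(f"{cidr} overlaps local VPC range {local}")
        # The next hop has to be reachable on the gateway network itself.
        if ipaddress.ip_address(hop) not in gw:
            problems.append(f"next hop {hop} is not on gateway network {gw}")
    return problems


def next_hop(routes, destination):
    """Longest-prefix match over (cidr, next hop) routes; None if no route."""
    addr = ipaddress.ip_address(destination)
    matches = [(ipaddress.ip_network(c), hop) for c, hop in routes
               if addr in ipaddress.ip_network(c)]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None


if __name__ == "__main__":
    print(find_overlaps(VPCS))
    print(route_problems(MGMT_ROUTES, VPCS["mgmt"], GATEWAY_NET))
    print(next_hop(MGMT_ROUTES, "10.3.4.5"))
```
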