On Mon, Feb 15, 2016 at 2:02 PM, Russell Bryant <russ...@ovn.org> wrote: > On 02/01/2016 01:19 PM, Amitabha Biswas wrote: >> This is a proposal regarding how Floating IP will be supported in >> OpenStack using OVN. >> >> The complete proposal can also be found at >> https://review.openstack.org/#/c/274274/. >> >> The additions proposed to the OVN Northbound Schema and Southbound Flows >> are outlined here as well. The proposal assumes the availability of >> conntrack NAT support in kernel. >> >> OVN Floating IP Design and Setup >> ================================ >> >> OpenStack/Neutron provides support for "Floating IP" where a VM/container >> can be accessed from the external network using that "Floating IP" >> assigned >> to the VM. Neutron provides a 1-1 mapping between the "Fixed IP" assigned >> to >> the VM and the "Floating IP". >> >> Floating IP support for OVN is provided by utilizing the NAT capabilities >> provided by OVS. Inbound traffic is DNATed (Floating IP --> Fixed IP) and >> outbound traffic is SNATed (Fixed IP --> Floating IP). >> >> In the example below Fixed IP=10.1.1.5 is mapped to FloatingIP=172.16.0.5 >> >> OVN Bridge Setup >> ---------------- >> >> ------------ ------------ >> | VM | |FloatingIP| >> | 10.1.1.5 | |172.16.0.5| >> | MAC[VM] | | MAC[FIP] | >> ------|----- -----|----- >> | [UP] [UP] | >> ----------|----------------------------------------------------|-------- >> | ---------------- | | >> | | LSwitch | (BR-INT) | | >> | | 10.1.1.X | | | >> | | | | | >> | |L2 Flow Tables| | | >> | ---------------- | | >> | \ | | >> | lRouterPort \ lRouterPortExt | | >> | 10.1.1.1 \ --------------------- | 172.16.0.2 | | >> | MAC[PrvtRtr] \ { } | MAC[ExtRtr] | | >> | \| LRouter | | | | >> | | | | ------------------ | >> | | Flow Tables | \ / | LSwitch | | >> | | 10.1.1.X (Prv) |-------| (EXT) | | >> | | 172.16.X.X (Ext) | | | | >> | { 0.0.0.0 (Wildcard)} | L2 Flows | | >> | --------------------- |(diff from norm)| | >> | -----------------| | >> | (localnet) | | >> | (port) | | >> ----------------------------------------------------------|------------- >> | >> ------------------ >> | | >> | (BR-EXT) | >> | | >> ------------------ >> | >> chassis | >> [172.16.0.4] >> --------- | >> To Internet | | Physical Net | >> <-------------| Phy |--------------------------------- >> ... >> | Router| 172.16.0.1 (default gateway) >> | | >> --------- > > Thank you very much for your work on this. I believe you said you had > some code for this already? What's your plan for the code? Are you > waiting for the various pre-requisites to be merged first? (NAT > support, OVN ARP) > > This proposal covers the case where we have floating IPs assigned > directly to a hypervisor. That model seems beneficial primarily because > it avoids needing to send all traffic through a gateway node. This is > what Neutron supports today if you have DVR enabled. > Yes, the main benefit is the removal of the central gateway node.
> We've also been discussing an OVN gateway solution. I think we should > figure out exactly how this proposal works with that. Would we also > support floating IPs on OVN gateways instead of on each hypervisor? > > It seems that as long as we keep the logical and physical separation, > the same northbound db configuration could be implemented both ways, > depending on how the physical side has been configured (localnet ports > like today, or a gateway). > I agree here. I also think figuring out how this solution works with the GW solution is critical. I think this email thread ties into the other thread Matt started [1] as well. This stuff is critically important to get broader OVN adoption inside of OpenStack. [1] http://openvswitch.org/pipermail/dev/2016-February/066102.html >> OVN NorthDB Changes >> =================== >> >> Map from VM Fixed IP to Floating IP, new options field in lport. >> >> Logical_Port TABLE >> ------------------ >> >> Type: >> floatingip: A port representing a Floating IP. >> router-external: A connection to an External Logical Router. > > What is router-external used for? Is default_gw on Logical_Router not > enough? > > Do you have an example workflow that shows how you would use this? > >> >> Options: >> Options for floating ip ports: >> options: floatingip-port optional string >> Required: The name of Logical_Port to which this Floating >> IP port is connected. > > > > -- > Russell Bryant > _______________________________________________ > dev mailing list > dev@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
