> From: Daniel Comnea <comnea.d...@gmail.com> > To: Jacob Godin <jacobgo...@gmail.com> > Cc: Mike Spreitzer/Watson/IBM@IBMUS, OpenStack Operators <openstack- > operat...@lists.openstack.org> > Date: 04/15/2015 02:34 AM > Subject: Re: [Openstack-operators] [Neutron] Floating IPs / Router Gateways > Sent by: daniel.com...@gmail.com > > Mike, pls share the solution, some are interested even if is a hack > as long as it gets the job done. >
> > On Tue, Apr 14, 2015 at 10:24 PM, Jacob Godin <jacobgo...@gmail.com> wrote: > Hey Mike, > > Would you send along your solution off-list? I'm curious, and I won't judge :) > > On Tue, Apr 14, 2015 at 6:22 PM, Mike Spreitzer <mspre...@us.ibm.com> wrote: > Jacob Godin <jacobgo...@gmail.com> wrote on 04/14/2015 05:12:48 PM: > > > Absolutely. We're trying to reduce our public IPv4 usage, so having > > one per tenant network (not even including floating IPs) is a drain. > > I am having exactly the same issue. I am currently solving it with > a different hack that nobody likes, I will not even describe it > here. But total agreement that the problem is important. > > IPv6 is the ultimate answer, provided there is a reasonably smooth > transition. I think we will need to support a tenant that is using > both v4 and v6 during his transition. This will require NAT between > a tenant's v4 and v6. > > Regards, > Mike OK, you asked for it. What we do is share Neutron routers, and add some iptables rules that prevent communication between the tenants sharing a router. I told you it was a hack. Regards, Mike
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
