Jacob, I don't have your original email from which to reply. So, hopefully this finds you just as well. The bad news is that I don't have an immediate answer to address this. However, I thought it was worth mentioning where the future may lead.
I have been thinking about the scenario that you describe for a while now. I've started to write blueprints for Liberty to address this. The first blueprint specification [1] describes adding private backing subnets to an external network. Initially, I'll use this capability to eliminate public IP waste in distributed routers. I'm writing a follow-on blueprint to this that will leverage it to eliminate the virtual routers' dedicated public IP addresses completely. Routers' gateway addresses will then be allocated only from the private subnet. I haven't posted the specification yet but will try to post it today. Your infrastructure will have to provide your own SNAT to the internet from these private addresses but it sounds like you've already an idea for that based on your description: > We want to have: instance -> (gateway IP) virtual router NAT (private IP) -> > (private gateway) router NAT (this NAT provided by your infrastructure). If we can manage to implement these two blueprints in Liberty then we would have the perfect solution for you. Carl [1] https://review.openstack.org/#/c/172244/ _______________________________________________ OpenStack-operators mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
