Asking again: OpenStack "Newton" all-in-one with provider networks

asked 2017-07-24 10:40:08 -0500

tiger

I have set up OpenStack "Newton" on one physical host. I have gotten "self-service" networking to work. Two private networks, 10.0.0.0/24 and 10.0.1.0/24, along with one external 192.168.140.0/24. A router binds them together. External is "flat". Private is "vxlan". A route on the host grants access from the outside to the private without "floating" IP.

Want to simplify this a bit by granting the VM access to the physical host interfaces (em1, em2) and VLANs like em1.100, etc.

So if em1's network address is 192.168.140.100/24, subnet 192.168.140.0/24 and gateway 192.168.140.1, I want spun up VMs to be able to have alias addresses .101, .102, .103, etc.

The outside world then will try to access .101, send an ARP, something replies with an ARP reply, then the VM sees the traffic directly. Everything I read ends up going down the rabbit hole of floating IPs, which will not work when there are application-layer IP addresses that NAT will not touch. NAT will fix the layer-3 IP address, but the application layer IP will be wrong, hence the need for a simpler / cleaner / less-wacked-out networking scheme.

Hoping someone can help, thanks.


Comments

Hi, if I am not wrong, with the flat external network, the network traffic (while using floating IPs) is visible to all other hosts in the network. But with the VLAN model of external network, you will have isolation of traffic. -- Regards

CloudEnthusiast ( 2017-07-25 03:09:50 -0500 )

You may be right, but I am trying to avoid floating IPs! I should be able to boot up an instance with "--nic net-id=xxxxxx" specifying a provider network and thus avoid private networks, routers and floating IPs.

tiger ( 2017-07-25 17:07:29 -0500 )