Ask Your Question
0

what's FIP net-ns for in the DVR

asked 2015-10-10 07:28:51 -0500

Maple Wang gravatar image

I just start to try kilo with DVR, and the SNAT and FIP net-ns are introduced as DVR is used, I can understand why SNAT net-ns exist, but what's FIP net-ns for?

Internal router still handle the SNAT/DNAT if the floating IP is assiagned as before, but why the next hop is different net-ns like FIP, I don't see any special handling in the FIP, in opposite, for every floating IP, there is a static route like "10.10.10.20 169.254.31.28 255.255.255.255 UGH 0 0 0 fpr-05656c3a-8" to guide incoming traffic from FIP to router, so why not directly connect route to br-ex?

who knows reason the FIP is introduced? thanks in advance.

edit retag flag offensive close merge delete
add a comment

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-10-11 05:10:55 -0500

Maple Wang gravatar image

updated 2015-10-11 05:13:15 -0500

Hi,

Thanks for your reply, they are really good posts, I guess I have answer now. It's true that FIP namespace is used for proxy ARP, but in old way(centralized router), there is also interface in qrouter namespace for that, so why not keep the old way? the answer is saving the floating IP. If we use the old way, every DVR router which handle floating IP in same compute node will have an extra external IP from floating IP range to do ARP proxy point, it will waste floating IPs. Now there is FIP namespace used to provide unified ARP proxy point, no matter how many routers in same compute node, they are all connected to FIP namespace, it only cost one floating IP to do ARP proxy.

edit flag offensive delete link more
add a comment
0

answered 2015-10-10 15:30:07 -0500

dbaxps gravatar image

updated 2015-10-10 16:00:23 -0500

Consider this as comment rather then an answer
See
1. http://assafmuller.com/2014/02/23/ml2...
2. http://assafmuller.com/2014/05/21/ovs...
3. http://blog.gampel.net/2014/12/openst...

In particular:-
the fg-<portid> act as a proxy ARP  for the DVR namespace.

4. http://blog.gampel.net/2015/01/openst...

My guess is :-
DVR does need l2_population && arp_responder. Fip-namespace is needed to get all three things working together.
On your way DVR would be unable to relay on L2pop, but L2pop is useful thing per [1]. L2pop in turn requires arp_responder [2].

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-10-10 07:28:51 -0500

Seen: 719 times

Last updated: Oct 11 '15

Related questions

Why is Liberty Neutron DVR so slow?

Neutron not able to telnet to google

Neutron net-create HTTP503 Error

faild to start neutron-server.service [closed]

why the 'routes' in 'neutron router-show' is empty?

Instance receiving traffic but not responding?

'neutron agent-list' show nothing

Unable to delete neutron port [closed]

kolla-ansible creating br-ex on compute node

Enable distributed virtual routing (DVR) juno