# Avoid routing every network trafic to Network Node

Hi,

As I understood how Openstack and network are working together. In a multi node environment, every network traffic from the nova instance is sent to the network node which decides where and how to forward it. Meaning that if my network node goes down my instances don't have access to the Internet and the network node is the bottleneck.

So my question is the following: if I have instances that does a lot of I/O to the public network (Internet) is there any way to avoid the instance network traffic to always go through the network node? I do not need to access instances from the Internet but I'd like the instance to access Internet without going through the network node.

Thank you.

edit retag close merge delete

Sort by » oldest newest most voted

Originally addressed in Juno , stabilized during Kilo cycle - that is DVR (Distributed Virtual Routing).
In Mitaka DVR has new advanced features .
See RDO Liberty DVR Neutron workflow on CentOS 7.2
In Mitaka release you may create neutron router which is HA and Distributed at a time :-
HA support for DVR centralized default SNAT functionality on RDO Mitaka Milestone 3

Keepalived daemons  are running inside SNAT namespaces on each one of 2 Network Nodes, which actually are  working as fail-over cluster. Details in link above


The reason is that Neutron DHCP agent may run only on Network or Controller/Network , but not on Compute. That is why Neutron/Network HA solution may be provided by 2 Network Nodes ( Mitaka) either 3 Nodes HA Controller/Network (pacemaker,corosync,HAProxy, MariaGaleraDB) . The last configuration provides complete protection for landscape running each Compute in DVR mode, but I am not sure that Triple0 provides this configuration in meantime. You would better consult Mirantis (automated puppet based setup) or RH (Triple0 setup ) in regards of getting fulll protection, in case if it comes to major concern. Neutron/Network HA && DVR on each Compute node setup is pretty straight forward on RDO Mitaka and well tested (see second link been provided && uploaded picture)

more