Ask Your Question

Revision history [back]

subnet host routes update

Hi guys,

if it possible update the host routes for a subnet ? I tried it

neutron subnet-update 71f4da61-145d-4ad4-817b-d38db1a3e787 --host_routes type=dict list=true destination=10.255.255.0/24,nexthop=10.0.200.254

And look into the subnet

neutron subnet-show 71f4da61-145d-4ad4-817b-d38db1a3e787
+------------------+---------------------------------------------------------------+
| Field            | Value                                                         |
+------------------+---------------------------------------------------------------+
| allocation_pools | {"start": "10.0.200.2", "end": "10.0.200.254"}                |
| cidr             | 10.0.200.0/24                                                 |
| dns_nameservers  | 109.234.108.234                                               |
|                  | 109.234.109.234                                               |
|                  | 8.8.8.8                                                       |
| enable_dhcp      | True                                                          |
| gateway_ip       | 10.0.200.1                                                    |
| host_routes      | {"destination": "10.255.255.0/24", "nexthop": "10.0.200.254"} |
| id               | 71f4da61-145d-4ad4-817b-d38db1a3e787                          |
| ip_version       | 4                                                             |
| name             | testing-sub1                                                  |
| network_id       | 07240086-6011-46c6-a3c3-51edffecc5c6                          |
| tenant_id        | d4e1c14691d841f6b53a24b6c4c42a0e                              |
+------------------+---------------------------------------------------------------+

Looks fine and here the port:

neutron port-show 4da1f23c-9d5e-4406-9ae0-0b810f80a22e
+-----------------------+-------------------------------------------------------------------------------------+
| Field                 | Value                                                                               |
+-----------------------+-------------------------------------------------------------------------------------+
| admin_state_up        | True                                                                                |
| allowed_address_pairs |                                                                                     |
| binding:capabilities  | {"port_filter": true}                                                               |
| binding:host_id       | net1                                                                  |
| binding:vif_type      | ovs                                                                                 |
| device_id             | 2539464a-2fcd-4025-863f-87d871c329b7                                                |
| device_owner          | network:router_interface                                                            |
| extra_dhcp_opts       |                                                                                     |
| fixed_ips             | {"subnet_id": "71f4da61-145d-4ad4-817b-d38db1a3e787", "ip_address": "10.0.200.254"} |
| id                    | 4da1f23c-9d5e-4406-9ae0-0b810f80a22e                                                |
| mac_address           | fa:16:3e:5d:aa:e4                                                                   |
| name                  |                                                                                     |
| network_id            | 07240086-6011-46c6-a3c3-51edffecc5c6                                                |
| security_groups       | 0799273c-44f2-4ce0-bed8-6c7c41b8f0c3                                                |
| status                | ACTIVE                                                                              |
| tenant_id             | d4e1c14691d841f6b53a24b6c4c42a0e                                                    |
+-----------------------+-------------------------------------------------------------------------------------+

This port is attached to an other router (not this tenant router). Anyway, i can't see any routes btw. any iptables rules on the gateway / router

ip netns exec qrouter-df1ef401-2cb4-4f8b-86aa-7947c32c4f67 iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
neutron-l3-agent-PREROUTING  all  --  anywhere             anywhere            

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
neutron-l3-agent-OUTPUT  all  --  anywhere             anywhere            

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
neutron-l3-agent-POSTROUTING  all  --  anywhere             anywhere            
neutron-postrouting-bottom  all  --  anywhere             anywhere            

Chain neutron-l3-agent-OUTPUT (1 references)
target     prot opt source               destination         
DNAT       all  --  anywhere             xxxxx         to:10.0.200.5
DNAT       all  --  anywhere             xxxxx         to:10.0.200.10

Chain neutron-l3-agent-POSTROUTING (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ! ctstate DNAT

Chain neutron-l3-agent-PREROUTING (1 references)
target     prot opt source               destination         
REDIRECT   tcp  --  anywhere             169.254.169.254      tcp dpt:http redir ports 9697
DNAT       all  --  anywhere             xxxx         to:10.0.200.5
DNAT       all  --  anywhere             xxxx         to:10.0.200.10

Chain neutron-l3-agent-float-snat (1 references)
target     prot opt source               destination         
SNAT       all  --  10.0.200.5           anywhere             to:xxxx
SNAT       all  --  10.0.200.10          anywhere             to:xxxxx

Chain neutron-l3-agent-snat (1 references)
target     prot opt source               destination         
neutron-l3-agent-float-snat  all  --  anywhere             anywhere            
SNAT       all  --  10.0.200.0/24        anywhere             to:xxxx

Chain neutron-postrouting-bottom (1 references)
target     prot opt source               destination         
neutron-l3-agent-snat  all  --  anywhere             anywhere

xxxx are pub ip's :)

Here the tenant1 router + routes

ip netns exec qrouter-2539464a-2fcd-4025-863f-87d871c329b7 route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         xxxxxx    0.0.0.0         UG    0      0        0 qg-1f8ce973-2a
xxxxxx    0.0.0.0         255.255.255.192 U     0      0        0 qg-1f8ce973-2a
10.0.200.0      0.0.0.0         255.255.255.0   U     0      0        0 qr-4da1f23c-9d
10.255.255.0    0.0.0.0         255.255.255.0   U     0      0        0 qr-9632bfc6-4e

netns exec qrouter-2539464a-2fcd-4025-863f-87d871c329b7 ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

qg-1f8ce973-2a Link encap:Ethernet  HWaddr fa:16:3e:23:1f:63  
          inet addr:xxxxx  Bcast:xxxx  Mask:255.255.255.192
          inet6 addr: xxxx Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:33156496 errors:0 dropped:226 overruns:0 frame:0
          TX packets:162892 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2970833020 (2.9 GB)  TX bytes:15189090 (15.1 MB)

qr-4da1f23c-9d Link encap:Ethernet  HWaddr fa:16:3e:5d:aa:e4  
          inet addr:10.0.200.254  Bcast:10.0.200.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe5d:aae4/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:113 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:4746 (4.7 KB)  TX bytes:684 (684.0 B)

qr-9632bfc6-4e Link encap:Ethernet  HWaddr fa:16:3e:5e:46:20  
          inet addr:10.255.255.1  Bcast:10.255.255.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe5e:4620/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:147422 errors:0 dropped:0 overruns:0 frame:0
          TX packets:380281 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:14100581 (14.1 MB)  TX bytes:491311821 (491.3 MB)

Is it only possible to create extra routes on the creating process of a tenant? Or do i have something wrong ? The goal is: Tenant1 have a router and network Tenant n..x have a router and network; On each network will create one port and will be attached to the tenant1 router.

If you have questions please ask :)

Cheers Heiko