Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Allow Direct Routing between External Network and Tenant Network

We've begun the POC stage of deploying OpenStack within our internal network. The idea behind why we're using OpenStack rather that VMware, XenServer or even just KVM, is because we want to give our Developers the ability to automagically build their own servers and application platforms to deliver our products and services, without having the need to take time away from our BAU operations guys with having to build each server, and yes we can build it with templates etc, but there is either a requirement to give them access, which we certainly do not want, due to the high change that they'd balls the hypervisor, or the requirement that we need to actually spend time deploying the template.

Anyway, back to the requirement, is it possible, to directly route traffic from the proverbial "external network" to the tenant network, WITHOUT the use of NAT?

The external network already sits on it's own dedicated VLAN, and is routed back out from the tenant network?

The other reason for this, is because we wish to move our production servers for things such as Active Directory and Exchange across to the OpenStack cluster, but obviously with the tenant VM's having a "private ip" address that is not directly reachable causes some issues with AD reachability with the "external network".

Anyway, any suggestions or thoughts would be great.

At the moment we have a 5 node setup, 1 Controller, 1 Neutron, 3 Compute+Block nodes deployed using ML2 Neutron with Icehouse.