Hi all, During the implementation of: https://blueprints.launchpad.net/neutron/+spec/floating-ip-extra-route
Which suggest allowing assignment of floating IP to internal address not directly connected to the router, if there is a route configured on the router to the internal address. In: https://review.openstack.org/55987 There seem to be 2 possible approaches for finding an appropriate router for a floating IP assignment, while considering extra routes: 1. Use the first router that has a route matching the internal address which is the target of the floating IP. 2. Use the first router that has a matching route, _and_ verify that there exists a path of connected devices to the network object to which the internal address belongs. The first approach solves the simple case of a gateway on a compute hosts that protects an internal network (which is the motivation for this enhancement). However, if the same (or overlapping) addresses are assigned to different internal networks, there is a risk that the first approach might find the wrong router. Still, the second approach might force many DB lookups to trace the path from the router to the internal network. This overhead might not be desirable if the use case does not (at least, initially) appear in the real world. Patch set 6 presents the first, lightweight approach, and Patch set 5 presents the second, more accurate approach. I would appreciate the opportunity to get more points of view on this subject. Thanks, -Ofer _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
