We would like to allow using LRP IPs as a source IP for the LB Health Checks. The main motivation is that with the current implementation, the CMS has to set aside at least one IP per LSP to be later used for health check probes and that's in the very least impractical. It also complicates introduction of the health check feature in existing deployments that were not designed with this limitation in mind.
Overall we believe that if this proposal is viable, and LRP IPs could be used for health checks, it would simplify management of health checks from the user perspective. So far I only did manual testing and it doesn't seem to break anything, so I was interested in the community's opinion on this approach. The only scenario that comes to mind that would be "broken" is if the LB backend was sitting on the public side of SNAT and the "real" traffic to backend would be using LRP's IP. However that seems like an unlikely setup, and it's a smaller constraint than the current state. Thank you for a feedback, Martin. Martin Kalcok (1): northd: Allow LB health checks from router IPs. northd/northd.c | 95 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 93 insertions(+), 2 deletions(-) -- 2.51.0 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
