Implement configurable forwarding mode for VN
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R2.20 |
Fix Committed
|
Medium
|
asbalaji | |||
Trunk |
Fix Committed
|
Medium
|
Rahul |
Bug Description
Should support configurable forwarding mode for VN. The 3 modes to be
supported are:
1. L2+ L3 mode: This is currently supported in 2.20 and newer releases. It
should be the default mode for a VN. Intra subnet traffic is bridged and inter-subnet traffic is routed.
2. L2 only mode: This is required for certain applications that need pure
L2 forwarding capabilities e.g. Junosphere. Even though there could be a
subnet configured for the VN, the ports/VMIs do not use addresses from the
subnet. Proxy ARP is disabled and all ARP packets are flooded - endpoints
are responsible for responding to ARP requests. Similarly, DHCP and DNS
are also disabled. The vRouter should not advertise any IP addresses in
MAC routes.
There's a known limitation with nova compute wherein it requires an IP
address for a port. Instead of forcing the user to configure a subnet
for L3 only networks in order to satisfy nova compute, we should consider
creating all L2 only networks with 0.0.0.0/8 subnet, which is reserved by
IANA for the "Current Network". An address from this subnet can only be
used a a source address, not as a destination. This should be OK for L2
only networks since we don't expect these addresses to even be used as
source addresses. Further, we should not add subnet, default gateway or
dns server routes to the VRF.
Need to figure out a way to allow multiple VNs in same project to use the
same 0.0.0.0/8 subnet.
3. L3 only mode: This is the classic mode supported in 1.x releases before
BMS and and IRB support was implemented. The vRouter responds to all ARP
requests with the VRRP MAC address. DNS and DHCP are also supported. The
vRouter should not advertise any EVPN routes for MACs.
In addition to supporting a mode per VN, it might also be worth making it
configurable in the global system config and allowing the user to override
it on a per VN basis. In this case, the default mode for a VN will be the
value from the global system config, which can then we overridden by a per
VN mode.
information type: | Proprietary → Public |
summary: |
- Support configurable mode for VN + Implement configurable mode for VN |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
summary: |
- Implement configurable mode for VN + Implement configurable forwarding mode for VN |
description: | updated |
tags: | added: quench |
A regular L2+L3 network with 0.0.0.0/8 subnet seems to work without
any issues. The network was created successfully and VMs with ports
in the network were spawned and assigned IP addresses. This indicates
we shouldn't have any problem using this subnet for L2 only networks.
We should ideally disallow 0.0.0.0/8 for L3 only and L2+L3 networks
since the subnet is reserved and addresses in the subnet cannot be
used as destination addresses.