when no default route entry in the router namespace, the vpnaas do not work!
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Medium
|
Unassigned |
Bug Description
Hi,
in my situation,there are two subnets on different openstack platforms, and I want connect them by using the vpnaas.
10.
Since I created the external network with --no-gateway option, so the routing tables in the router's namespace are like below:
router on openstack1:
10.0.1.0/24 dev qr-6ed9ea58-dd proto kernel scope link src 10.0.1.1
192.0.100.0/24 dev qg-d2d9942f-4d proto kernel scope link src 192.0.100.15
router on openstack2
192.0.100.0/24 dev qg-fd0f7863-40 proto kernel scope link src 192.0.100.20
20.0.2.0/24 dev qr-ce203452-50 proto kernel scope link src 20.0.2.1
when the traffic from subnet 10.0.1.0 /24 with 20.0.2.0/24 as its destination, there is no matching routing entry,so the traffic will be dropped, and won't be forwarded by the vpn tunnel! So I think a static default route entry liking "default dev qg-d2d9942f-4d scope link" should be added, though the external network without a gateway!
I think it's better to have some kind of validation for such case.
I'm not sure creating vpn connection should lead to changes on a router.
More input from vpnaas subteam is needed, so I'm marking this as incomplete