[RFE] DVR should route packets to Instances behind the L2 Gateway

Bug #1563879 reported by Swaminathan Vasudevan on 2016-03-30
This bug affects 1 person
Affects Status Importance Assigned to Milestone

Bug Description

L2 Gateway bridges the neutron network with the hardware based VxLAN gateways. The DVR routers in neutron could not forward traffic to an instance that is behind the VxLAN gateways since it could not 'ARP' for those instances.

DVR currently has prepopulated ARP entries for all instances created with DVR serviceable port. But somehow we should be able to populate the ARP entries of instances behind the VxLAN gateway on all DVR nodes and so the traffic can flow between them.

tags: added: l3-dvr-backlog
summary: - [RFE] DVR should route packets to Instances on the L2 Gateway
+ [RFE] DVR should route packets to Instances behind the L2 Gateway
Akihiro Motoki (amotoki) on 2016-04-03
Changed in neutron:
importance: Undecided → Wishlist
status: New → Confirmed
Akihiro Motoki (amotoki) on 2016-04-04
tags: added: rfe

The need is clear IMO, and we would need to elaborate on how to achieve this from the Neutron DVR's point of view. For this reason, I'd suggest putting together a spec that outlines the changes that you think are required in Neutron DVR (alone) to allow something like L2GW to integrate with.

Changed in neutron:
status: Confirmed → Triaged

I saw fix in [1], though I am not sure the full extent of it. Having said that, knowing that the l2gw project has been in the doldrums for sometime and the imminent Neutron Stadium evolution plan I wonder if now is the right time to investigate/resolve this issue rather than taking the time to invest in the long-term viability of the project.

[1] https://bugs.launchpad.net/neutron/+bug/1563879

anyone can share an update?

Carl Baldwin (carl-baldwin) wrote :

This should be addressed by [1] based on a discussion with Swami and a quick review.

[1] https://review.openstack.org/#/c/312593/

tags: added: rfe-approved
removed: rfe

Yes this approach in patch #312593 should solve the issue of redirecting the instance traffic behind a L2 gateway to an instance behind the cloud connected through a DVR router.

The issue had been in identifying the right node, where the cloud instance resides. Since DVR routers use the same router_interface address on all router_namespace in all compute nodes.

This approach will forward all traffic to the network node vxlan tunnel and hence the traffic will then be routed to the respective destination node.(east-west).

The only concern here is the asynchronous traffic. The incoming traffic from the L2 gateway will always hit the network node vxlan tunnel, but the outgoing traffic can be forwarded directly from the compute host.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers