I am trying to achieve the following scenario:
I have a VM attached to a router without an external gateway (called project-router) but with a default route which sends all the traffic to another router (transit-router), which has an external gateway with SNAT enabled and is connected to a transit network, 192.168.100.0/24.
My VM is on 172.16.100.0/24. Traffic hits the project-router and, thanks to the default route, gets redirected to the transit-router correctly; there it goes out the external gateway, but without being SNATed.
This is because in OVN I see that SNAT on that router is only enabled for logical IPs in 192.168.100.0/24, which is the subnet directly connected to the router:
# ovn-nbctl lr-nat-list neutron-6d1e6bb7-3949-43d1-8dac-dc55155b9ad8
TYPE             EXTERNAL_IP        EXTERNAL_PORT    LOGICAL_IP            EXTERNAL_MAC         LOGICAL_PORT
snat             147.22.16.207                       192.168.100.0/24
But I would like this router to SNAT all the traffic that hits it, even when it comes from a subnet not directly connected to it.
I can achieve this by setting the SNAT in OVN for 0.0.0.0/0:
# ovn-nbctl lr-nat-add neutron-6d1e6bb7-3949-43d1-8dac-dc55155b9ad8 snat 147.22.16.207 0.0.0.0/0
# ovn-nbctl lr-nat-list neutron-6d1e6bb7-3949-43d1-8dac-dc55155b9ad8
TYPE             EXTERNAL_IP        EXTERNAL_PORT    LOGICAL_IP            EXTERNAL_MAC         LOGICAL_PORT
snat             147.22.16.207                       0.0.0.0/0
snat             147.22.16.207                       192.168.100.0/24
But this workaround can be wiped if I run the neutron-ovn-db-sync-util on any of the neutron-api units.
Is there a way to achieve this via OpenStack? If not, does it make sense to have this as a new feature?
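
A check of which source addresses the router's snat rows actually cover, run over lr-nat-list output in the shape shown above; it can be re-run after neutron-ovn-db-sync-util to notice that the 0.0.0.0/0 row is gone. This is an added example, not part of the original report: the function names and the VM and transit-network host addresses (172.16.100.10, 192.168.100.5) are constructed for illustration.

```python
import ipaddress

# Constructed samples in the shape of `ovn-nbctl lr-nat-list <router>` output.
HEADER = "TYPE  EXTERNAL_IP  EXTERNAL_PORT  LOGICAL_IP  EXTERNAL_MAC  LOGICAL_PORT\n"
BEFORE = HEADER + "snat  147.22.16.207                 192.168.100.0/24\n"
AFTER = (HEADER
         + "snat  147.22.16.207                 0.0.0.0/0\n"
         + "snat  147.22.16.207                 192.168.100.0/24\n")


def parse_snat_rules(text):
    """Return [(external_ip, logical_network)] for every snat row."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 3 or tokens[0] != "snat":
            continue  # header, blank line, or a non-snat row
        external_ip = ipaddress.ip_address(tokens[1])
        # EXTERNAL_PORT may be empty, so take the first later token
        # that parses as an IP network as the LOGICAL_IP column.
        for tok in tokens[2:]:
            try:
                network = ipaddress.ip_network(tok, strict=False)
            except ValueError:
                continue
            rules.append((external_ip, network))
            break
    return rules


def snat_for(source_ip, rules):
    """External IP of the longest-prefix snat row covering source_ip, else None."""
    addr = ipaddress.ip_address(source_ip)
    matches = [(net.prefixlen, ext) for ext, net in rules
               if net.version == addr.version and addr in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None


def uncovered(sources, rules):
    """Source IPs that no snat row covers, i.e. that would leave untranslated."""
    return [s for s in sources if snat_for(s, rules) is None]


if __name__ == "__main__":
    probes = ["172.16.100.10", "192.168.100.5"]  # constructed host addresses
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, "uncovered:", uncovered(probes, parse_snat_rules(text)))
```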