[ovs-discuss] OpenVSwitch connecting between private network and public network

Egg VS Sphere ghostplant at qq.com
Sun Mar 12 13:55:24 UTC 2017


Thanks, that means openvswitch doesn't support this situation.


But I think the NAT problem will be solved if openvswitch transfers the data via the connection from the private network service to the public network service, and it is just not realized.


Regards,
Ghostplant


------------------ Original ------------------
From:  "Scott Lowe";<scott.lowe at scottlowe.org>;
Send time: Sunday, Mar 12, 2017 9:50 PM
To: "ovs-discuss"<ovs-discuss at openvswitch.org>; 
Cc: "Egg VS Sphere"<ghostplant at qq.com>; 
Subject:  Re: [ovs-discuss] OpenVSwitch connecting between private network and public network



Please see my reply below.


On Mar 11, 2017, at 11:59 PM, Egg VS Sphere <ghostplant at qq.com> wrote:


Hi,


I have a question about whether OpenvSwitch supports the following requirement:


Firstly, I am sure that OpenvSwitch can connect 2 sub-networks via a tunnel (e.g. vxlan) -->
Assume the IP addresses of the two hosts are 192.168.1.10 and 192.168.1.147 respectively; what people should do is just use
"ovs-vsctl add-port br1 vx1 -- set interface vx1 type=vxlan options:remote_ip=192.168.1.147" and
"ovs-vsctl add-port br1 vx1 -- set interface vx1 type=vxlan options:remote_ip=192.168.1.10" to link the 2 hosts.
It is clear that this is a DUPLEX task for each host to link to another host.


But it doesn't work for this requirement:
I have a remote cloud machine (named host-1) whose IP is a public address that anyone can access.
And I have a local machine (named host-2) behind a family router whose IP is in a private sub-net; all connections from this host to public services are NATed.


I want to link host-1 and host-2 to create a shared subnet. If I use the following method,
run "ovs-vsctl add-port br1 vx1 -- set interface vx1 type=vxlan options:remote_ip=<host-1-ip>" on host-2

run "ovs-vsctl add-port br1 vx1 -- set interface vx1 type=vxlan options:remote_ip=<host-2-ip (private network)>" on host-1



Obviously, the second command doesn't work.


I want to know whether there is a way to connect host-1 and host-2 to generate a shared subnet. (Assume I have no access to change settings of the family router)
Looking forward to your reply. 



If you have no access to the family router such that you cannot set up/configure NAT rules, then I think you will not be able to accomplish what you're seeking.

-- Scott


Sent from my mobile device