[ovs-discuss] [ovn] distributed router port and distributed SNAT

Numan Siddique numans at ovn.org
Thu Sep 24 06:11:46 UTC 2020


On Thu, Sep 24, 2020 at 10:14 AM Tony Liu <tonyliu0592 at hotmail.com> wrote:

> Hi,
>
> I read through this long discussion [1].
>
> Here is what I am doing.
>
>     +------------------------------------------+
>     |        external logical switch           |
>     +-+-------------+--------------------+-----+
>       |             |                    |
>    +--+--+       +--+--+             +---+----+
>    |dgp1 |       |dgp2 |   ...       |dgp1000 |
>    +--+--+       +--+--+             +---+----+
>       |             |                    |
>     +-+-+         +-+-+              +---+---+
>     |LR1|         |LR2|              |LR1000 |
>     +---+         +---+              +-------+
>
> First of all, I see the same flow explosion in lr_in_arp_resolve
> table. I'd like to confirm the patch [2] will also avoid explosion
> in my case?
>
>
I think so. Maybe Han or Dumitru can confirm. I suggest that you test it
out yourself.
You can stop the neutron server and run a script which sets this option on
each logical router.

something like

for i in $(ovn-nbctl --bare --columns __uuid list logical_router)
do
    ovn-nbctl set logical_router $i
options:always_learn_from_arp_request=false
done



> In my case, LRs are not bound to any specific compute chassis.
> All DGPs are bound on the central set of gateway chassis.
> It's central SNAT and FIP.
>
> I am looking for the possibility to do distributed SNAT and FIP to
> avoid central gateway nodes. With OpenStack integration,
> distributed FIP is supported, but not distributed SNAT. because
> there is not chassis specific address can be used as the source
> IP for SNAT.
>
>
I  don't think OVN supports distributed SNAT.



> Given the idea in [3], DPG can be bound on compute chassis.
> I don't need the support to have multiple DPGs on one LR.
> Then is that going to work for distributed SNAT?
> Any details, like how to allocate chassis specific address
> as the source IP for SNAT, and how ARP works for that address?
>

I am not sure how easy is it going to support this.

Thanks
Numan


>
> [1] https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg06948.html
> [2] https://www.mail-archive.com/ovs-dev@openvswitch.org/msg45681.html
> [3] https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg06987.html
>
> Thanks!
> Tony
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20200924/b0f9e162/attachment.html>


More information about the discuss mailing list