[ovs-discuss] [OVN] OVN NB "NAT" to accept CIDRs in logical_ip

Rodolfo Alonso Hernandez ralonsoh at redhat.com
Wed Jul 14 14:38:28 UTC 2021


Hello all:

First of all, a bit of context. This question/request is related to [1].
The problem we have in OpenStack is that we are trying to create a VIP but
not with a /32 IP address but with a CIDR.

Since [2][3], is it possible to define VIPs in Neutron using OVN by
creating an unassigned port. This port will provide the VIP. When this VIP
is set to a bound port as "allowed_address_pairs", we set the LSP port type
to "virtual".

In Neutron we can assign a CIDR to a port as an "allowed_address_pairs".
For example:
$ openstack port show port10 | grep allowed_address_pairs
allowed_address_pairs   | ip_address='1.2.3.0/24',
mac_address='fa:16:3e:7d:ca:e4'

The problem is that OVN, to set the virtual LSP chassis and thus create the
OpenFlow rules in the selected OVS, is expecting an ARP from the exact IP
address that matches with the VIP IP address. Any other IP address in the
CIDR '1.2.3.0/24' (following the example provided), won't trigger the rule
creation.

Is there any mechanism to provide support for a virtual CIDR instead of a
VIP? If not, are there any plans for this?

Thank you in advance.
Rodolfo Alonso (ralonsoh at redhat.com).

[1]https://bugzilla.redhat.com/show_bug.cgi?id=1970907
[2]
https://github.com/ovn-org/ovn/commit/054f4c85c413e20d893e10ba053ec52ac15db49c
[3]https://review.opendev.org/c/openstack/networking-ovn/+/676223
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20210714/75f4ff69/attachment.html>


More information about the discuss mailing list