Routed Networks Update
Swaminathan Vasudevan, SUSE
Miguel Lavalle, Huawei
Agenda
• Why Routed Networks
• Layer 2 and layer-3 networks at scale
• Routed Networks implementation
• Changes to Neutron
• Floating IPs and DVR
• Interaction with the Nova scheduler
• Configuration
Neutron excels at ….
Providing a rich toolkit to create complex networking topologies
[Diagram: TenantA-VM1 (10.0.0.2), TenantA-VM2 (10.0.0.3, 9.0.0.3) and TenantA-VM3 (9.0.0.2) on Tenant-A Net1 (10.0.0.0/24) and Tenant-A Net2 (9.0.0.0/24), with a Load Balancer and Public Net 88.0.0.0/18]
Neutron also excels at ….
Enabling admins to create complex layer-2 provider networks
[Diagram: VM 1, VM 2 and VM 3 on one network with segments VXLAN 123567, physnet1 VLAN 37 and physnet2 VLAN 413]
• The entire network constitutes a contiguous layer-2 domain
• Ports associated with network, not specific segment
• Ports bound automatically to segment with connectivity
But what if ….
Tenants only need to connect VMs to a single or few shared networks
One alternative is to create one large layer-2 network
[Diagram: one layer-2 network with segments VXLAN 123567, physnet1 VLAN 37 and physnet1 VLAN 820, with groups of VMs attached]
• These networks become complex at larger scale
• Also have large failure domains
Another alternative to achieve scale ….
Collection of distinct networks routed together to the outside:
[Diagram: network-1, network-2 and network-3, each with its own group of VMs]
• Leaves the choice of which network to select to the user
• This is confusing, since nothing distinguishes one network from the other
Routed Networks
[Diagram: segment 1 and segment 2, each a layer-2 domain with its own VMs, joined at layer 3]
• Users boot instances to a routed network presented as a single entity. The compute host determines the segment.
• This allows for simplicity and scalability simultaneously
Agenda
• Why Routed Networks
• Layer-2 and layer-3 networks at scale
• Routed Networks implementation
• Changes to Neutron
• Floating IPs and DVR
• Interaction with the Nova scheduler
• Configuration
• Demo
Segments
• A segment contains the encapsulation details used to carry layer-2 traffic
• Each network has at least one segment associated with it
• Segment details
  • network_type - how traffic is encapsulated
  • segmentation_id - the encapsulation identifier
  • physical_network - a unique name for the physical network the encapsulated traffic will be sent on
• With L2 networks, multiple segments on the same network are assumed to be bridged together
  • Not true for routed networks
Network Segment API extension
• New in Newton as part of the implementation of routed networks
• Moved segments from ML2 DB to the core DB model
• Made segment an API resource with uuid
• CRUD operations for segments as part of the REST API
• Exposed as a service plugin
  • Not enabled by default
  • Not all core plugins are guaranteed to work with it
• Available with:
  • ML2 agents based implementation
  • ML2 OVN mechanism driver. Requires own host mapping mechanism
Subnets associate to segments in routed networks
[Diagram: segment1 172.16.0.0/22, segment2 172.16.2.0/22, segment3 172.16.8.0/22, segment1 172.16.12.0/22]
Subnets associate to segments in routed networks
• Associating a subnet to a segment
  $ openstack subnet create --network multinet --ip-version 4 \
      --network-segment my-segment --subnet-range 172.16.0.0/22 \
      multinet-segment1-subnet
• This turns a network into a routed network
• Networks have a new attribute l2_adjacency
  • When a network is originally created, l2_adjacency is True
  • When subnets are assigned to segments, it becomes a routed network and its l2_adjacency becomes False
• Cannot mix subnets with segments and without segments in the same network
Each segment requires at least one DHCP agent
[Diagram: segment1 172.16.0.0/22, segment2 172.16.2.0/22, segment3 172.16.8.0/22, segment1 172.16.12.0/22, each with its own DHCP agent]
If segments are small, DHCP can run in one of the compute nodes in each rack
Ports in routed networks
• In a routed network, a port cannot get IP addresses until it is bound, when the segment it will be connected to is known
  • These unbound ports have an empty fixed_ips attribute
• Ports have a new attribute ip_allocation
  • immediate for bound and unbound ports in L2 networks
  • immediate for ports in routed networks that were bound at creation
  • deferred for routed network ports that were unbound at creation
    • It will remain deferred even after binding
• Neutron maintains a hosts to segments mapping
  • Used during host binding to allocate IP addresses
  • Available in ML2 agent based implementations and OVN
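Added example, not part of the original slides and not Neutron code: a small Python model of the l2_adjacency and ip_allocation rules listed above, showing a deferred port receiving its address only when it is bound to a host. The class names, method names and host names are hypothetical, and gateway and DHCP addresses are not modelled.

```python
import ipaddress


class RoutedNetwork:
    """Toy model of a Neutron network (hypothetical class, not Neutron code)."""

    def __init__(self, name):
        self.name = name
        self.subnets = []        # [segment name or None, ip_network, iterator of free addresses]
        self.host_segments = {}  # hosts-to-segments mapping: host -> segment name

    @property
    def l2_adjacency(self):
        # True at creation; False once subnets are associated with segments.
        return all(segment is None for segment, _, _ in self.subnets)

    def map_host(self, host, segment):
        self.host_segments[host] = segment

    def add_subnet(self, cidr, segment=None):
        net = ipaddress.ip_network(cidr)  # ValueError if the CIDR has host bits set
        if self.subnets and (segment is None) != self.l2_adjacency:
            raise ValueError("cannot mix subnets with and without segments")
        for _, other, _ in self.subnets:
            if net.overlaps(other):
                raise ValueError(f"{net} overlaps {other}")
        self.subnets.append([segment, net, iter(net.hosts())])

    def allocate(self, segment=None):
        """Return the next free address; segment=None means any subnet (L2 network)."""
        for seg, _, free in self.subnets:
            if segment is None or seg == segment:
                address = next(free, None)
                if address is not None:
                    return str(address)
        raise RuntimeError(f"no free IP address (segment={segment!r})")


class Port:
    def __init__(self, network, host=None):
        self.network = network
        self.host = None
        self.fixed_ips = []
        routed = not network.l2_adjacency
        # ip_allocation is decided at creation and does not change on binding.
        self.ip_allocation = "deferred" if routed and host is None else "immediate"
        if not routed:
            # L2 network: every subnet is reachable, so allocate straight away.
            self.fixed_ips.append(network.allocate())
        if host is not None:
            self.bind(host)

    def bind(self, host):
        if not self.fixed_ips:
            # Routed network: the segment is only known once the host is known.
            segment = self.network.host_segments.get(host)
            if segment is None:
                raise LookupError(f"{host} has no segment on {self.network.name}")
            self.fixed_ips.append(self.network.allocate(segment))
        self.host = host


def demo():
    """Constructed sample: two segments, one host mapped to each."""
    net = RoutedNetwork("multinet")
    net.add_subnet("172.16.0.0/22", segment="segment1")
    net.add_subnet("172.16.4.0/22", segment="segment2")
    net.map_host("compute-rack1", "segment1")  # hypothetical host names
    net.map_host("compute-rack2", "segment2")
    port = Port(net)  # created unbound on a routed network
    before = (port.ip_allocation, list(port.fixed_ips))
    port.bind("compute-rack2")
    after = (port.ip_allocation, list(port.fixed_ips))
    return before, after


if __name__ == "__main__":
    print(demo())
```
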
Floating IPs
• Floating IP subnets
• BGP
• With Neutron router
• Routed external gateway
• No Neutron router
• NAT on the port?
• DVR
• DNAT on router namespace.
• Service subnet to reduce the public IP consumption
[Diagram: segments labelled segment1, segment2, segment3 and segment1, each on physnet1, with subnets 172.16.0.0/22, 172.16.4.0/22, 172.16.8.0/22 and 172.16.12.0/22; Datacenter Routing and a BGP Speaker for 203.0.113.0/24, with 203.0.113.251 -> 172.16.12.199 and 203.0.113.43 -> 172.16.0.227]
Distributed Virtual Router - North South Routing with DNAT
[Diagram: Network Node, Compute Node 1 (VM1, VM2) and Compute Node 2 (VM3, VM4), with br-int, br-tun, br-ex, qrouter, FIP and SNAT labels on Private_net and Public_net]
Distributed Virtual Router - FIP (FloatingIP or Fast Internet Path) Namespace
Distributed Virtual Router and Service subnets
• DVR consumes one external public IP address per Compute Node for North-South Routing.
• The issue with this is that public IP addresses are expensive and the consumption increases as the scale (number of compute nodes) increases.
• Service subnets were introduced to get around the public IP address consumption by the FIP agent gateway.
• With a BGP Speaker in place and a service subnet defined for the FloatingIP agent gateway port, it is easy to overcome the IP address consumption issue.
Distributed Virtual Router and Service subnets
$ openstack network create --external demo-ext-net
$ openstack subnet create demo-external-ip-subnet \
    --subnet-range 203.0.113.0/24 --no-dhcp \
    --network demo-ext-net
$ openstack subnet create demo-floating-ip-agent-gateway-subnet \
    --subnet-range 198.168.113.0/24 --no-dhcp \
    --service-type 'network:floatingip_agent_gateway' \
    --network demo-ext-net
Distributed Virtual Router and Service subnets
$ neutron port-show a2d1e756-8ae1-4f96-9aa1-e7ea16a6a68a
+-----------------+--------------------------------------------------+
| Field           | Value                                            |
+-----------------+--------------------------------------------------+
| admin_state_up  | UP                                               |
| device_id       | 3d0c98eb-bca3-45cc-8aa4-90ae3deb0844             |
| device_owner    | network:floatingip_agent_gateway                 |
| extra_dhcp_opts |                                                  |
| fixed_ips       | ip_address='198.168.113.10',                     |
|                 | subnet_id='67c251d9-2b7a-4200-99f6-e13785b0334d' |
| id              | a2d1e756-8ae1-4f96-9aa1-e7ea16a6a68a             |
| mac_address     | fa:16:3e:f4:5d:fa                                |
| network_id      | 02d236d5-dad9-4082-bb6b-5245f9f84d13             |
| project_id      |                                                  |
| status          | ACTIVE                                           |
+-----------------+--------------------------------------------------+
Distributed Virtual Router - Distributed North South with BGP and Service subnet
[Diagram: Network Node, Compute Node 1 (VM1, VM2) and Compute Node 2 (VM3, VM4), with br-int, br-tun, br-ex, qrouter, FIP and SNAT labels on Private_net and Public_net; BGP and routers for Rack1 with segment 1; Service_subnet addresses 192.168.113.39, 192.168.113.40, 192.168.113.41 and 192.168.113.50; public addresses 203.0.113.21, 203.0.113.22 and 203.0.113.150 in 203.0.113.0/24; addresses 10.0.10.20, 10.0.10.21, 10.0.10.22 and 10.0.10.23]
Distributed Virtual Router - What determines the FloatingIP versus the Fast Path Exit
• Networks and Address scopes
• Subnet-pools on Address scopes
• Networks residing on the same Address scope (External and Internal) follow the fast path exit or Fixed IP
• Networks residing on different Address scopes follow the Floating IP or DNAT
• In both these cases the FIP (Floating IP or Fast Internet Path) Namespace will be created.
• Based on the Subnet Pool CIDR the traffic will be directed to the respective routers routing the network.
Routed networks and Nova scheduling
Segment topology and IP address availability have to be considered by the Nova scheduler to place instances in compute nodes if routed networks are involved, both when booting and when live migrating
[Diagram: segment1 172.16.0.0/22, segment2 172.16.2.0/22, segment3 172.16.8.0/22, segment1 172.16.12.0/22]
Changes to Nova scheduling (in progress)
• Creation of instance’s ports moves from compute manager to conductor and will take place prior to placement decision
• There are four use cases:
User requests | Scheduler places instance at:
Boot with port id. Port has no IP address | Any segment with available ip addresses
Boot with port id. Port has IP address | Segment with subnet containing ip address
Boot with network id | Any segment with available ip addresses
Instance move | Segment with subnet containing ip address
Nova Generic Resource Pools API
[Diagram: a Resource Pool with Inventories (DISK_GB, IPV4_ADDRESS) and Aggregates (Host 1 … Host n)]
A resource pool represents a provider of resources: e.g. segments provide IPv4 addresses
Resource Pools for routed networks
[Diagram: a Resource Pool with Inventories (IPV4_ADDRESS) and Aggregates (Host 1 … Host n), annotated:]
• Only created for routed networks segments
• ‘Neutron segment id <uuid>’
• Updated for every subnet associated with the segment
• Based on hosts segments mapping
Agenda
• Why Routed Networks
• Layer 2 and layer-3 networks at scale
• Routed Networks implementation
• Changes to Neutron
• Interaction with the Nova scheduler
• Configuration
Physical preparation
• Unique physnet per segment
• VLAN number is independent per physnet
• VLAN ids can be re-used from segment to segment
• DHCP agent hosts per physnet
• Your choice of routing architecture
Neutron Configuration
• Configure segments service plugin
• Bridge mappings
  • OVN provides a different way to configure host to segment access
• Create network
  • Includes creating the segments with multi-provider extension
  • Creating segments after network creation is also supported
• Create subnets
  • Include segment_id from previous step with each subnet create
Distributed Virtual Router (DVR)
[Diagram: Network Node, Compute Node 1 (VM1, VM2) and Compute Node 2 (VM3, VM4), with br-int, br-tun, br-ex, qrouter, FIP and SNAT labels on Private_net and Public_net]
Distributed Virtual Router - North South Routing with SNAT
[Diagram: same topology and labels as the DVR diagram above]
Distributed Virtual Router - North South with Fixed IP - (Fast path exit)
[Diagram: same topology and labels as the DVR diagram above]
Distributed Virtual Router - Distributed North South with BGP and Service subnet
[Diagram: same topology and labels as the DVR diagram above, plus a BGP Speaker and routers for Rack1 with segment 1; Service_subnet addresses 192.168.113.39, 192.168.113.40, 192.168.113.41 and 192.168.113.50; public addresses 203.0.113.21, 203.0.113.22 and 203.0.113.150 in 203.0.113.0/24; addresses 10.0.10.20, 10.0.10.21, 10.0.10.22 and 10.0.10.23]

Routed networks sydney

  • 1. Routed Networks Update Swaminathan Vasudevan, SUSE Miguel Lavalle, Huawei
  • 2. Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Floating IPs and DVR • Interaction with the Nova scheduler • Configuration
  • 3. Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Floating IPs and DVR • Interaction with the Nova scheduler • Configuration
  • 4. Neutron excels at providing a rich toolkit to create complex networking topologies
      [Diagram: TenantA-VM1 10.0.0.2, TenantA-VM3 9.0.0.2, TenantA-VM2 10.0.0.3 / 9.0.0.3, Load Balancer, Public Net 88.0.0.0/18, Tenant-A Net1 10.0.0.0/24, Tenant-A Net2 9.0.0.0/24]
  • 5. Neutron also excels at enabling admins to create complex layer-2 provider networks
      [Diagram: VM 1, VM 2 and VM 3 on one network with segments VXLAN 123567, physnet1 VLAN 37 and physnet2 VLAN 413]
      • The entire network constitutes a contiguous layer-2 domain
      • Ports associated with network, not specific segment
      • Ports bound automatically to segment with connectivity
  • 6. But what if …. Tenants only need to connect VMs to a single or few shared networks
      One alternative is to create one large layer-2 network
      [Diagram: one layer-2 network with segments VXLAN 123567, physnet1 VLAN 37 and physnet1 VLAN 820, each with several VMs]
      • These networks become complex at larger scale
      • Also have large failure domains
  • 7. Another alternative to achieve scale …. Collection of distinct networks routed together to the outside
      [Diagram: network-1, network-2 and network-3, each with several VMs]
      • Leaves the choice of which network to select to the user
      • This is confusing, since nothing distinguishes one network from the other
  • 8. Routed Networks
      [Diagram: segment 1 and segment 2, each a layer-2 domain with several VMs, joined at layer 3]
      • Users boot instances to a routed network presented as a single entity. The compute host determines the segment.
      • This allows for simplicity and scalability simultaneously
  • 9. Agenda • Why Routed Networks • Layer-2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Floating IPs and DVR • Interaction with the Nova scheduler • Configuration • Demo
  • 10. Segments
      • A segment contains the encapsulation details used to carry layer-2 traffic
      • Each network has at least one segment associated with it
      • Segment details
          • network_type - how traffic is encapsulated
          • segmentation_id - the encapsulation identifier
          • physical_network - a unique name for the physical network the encapsulated traffic will be sent on
      • With L2 networks, multiple segments on the same network are assumed to be bridged together
      • Not true for routed networks
  • 11. Network Segment API extension
      • New in Newton as part of the implementation of routed networks
      • Moved segments from ML2 DB to the core DB model
      • Made segment an API resource with uuid
      • CRUD operations for segments as part of the REST API
      • Exposed as a service plugin
      • Not enabled by default
      • Not all core plugins are guaranteed to work with it
      • Available with:
          • ML2 agents based implementation
          • ML2 OVN mechanism driver. Requires own host mapping mechanism
  • 12. Subnets associate to segments in routed networks
      [Diagram: segment1 172.16.0.0/22, segment2 172.16.2.0/22, segment3 172.16.8.0/22, segment1 172.16.12.0/22]
  • 13. Subnets associate to segments in routed networks
      • Associating a subnet to a segment
          $ openstack subnet create --network multinet --ip-version 4 --network-segment my-segment --subnet-range 172.16.0.0/22 multinet-segment1-subnet
      • This turns a network into a routed network
      • Networks have a new attribute l2_adjacency
          • When a network is originally created, l2_adjacency is True
          • When subnets are assigned to segments, it becomes a routed network and its l2_adjacency becomes False
      • Cannot mix subnets with segments and without segments in the same network
  • 14. Each segment requires at least one DHCP agent
      [Diagram: segment1 172.16.0.0/22, segment2 172.16.2.0/22, segment3 172.16.8.0/22, segment1 172.16.12.0/22, each with its own DHCP agent]
      If segments are small, DHCP can run in one of the compute nodes in each rack
  • 15. Ports in routed networks
      • In a routed network, a port cannot get IP addresses until it is bound, when the segment it will be connected to is known
      • These unbound ports have an empty fixed_ips attribute
      • Ports have a new attribute ip_allocation
          • immediate for bound and unbound ports in L2 networks
          • immediate for ports in routed networks that were bound at creation
          • deferred for routed network ports that were unbound at creation
              • It will remain deferred even after binding
      • Neutron maintains a hosts to segments mapping
          • Used during host binding to allocate IP addresses
          • Available in ML2 agent based implementations and OVN
  • 16. Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Floating IPs and DVR • Interaction with the Nova scheduler • Configuration
  • 17. Floating IPs
      • Floating IP subnets
      • BGP
      • With Neutron router
      • Routed external gateway
      • No Neutron router
      • NAT on the port?
      • DVR
      • DNAT on router namespace.
      • Service subnet to reduce the public IP consumption
      [Diagram: four segments on physnet1 (172.16.0.0/22, 172.16.4.0/22, 172.16.8.0/22, 172.16.12.0/22) behind Datacenter Routing, with a BGP Speaker and floating IP mappings from 203.0.113.0/24: 203.0.113.251 -> 172.16.12.199 and 203.0.113.43 -> 172.16.0.227]
  • 18. Distributed Virtual Router - North South Routing with DNAT
      [Diagram: Network Node, Compute Node 1 and Compute Node 2, each with br-int, br-tun and br-ex; qrouter and FIP namespaces on the compute nodes, SNAT on the network node; VM1 to VM4 on Private_net, uplinks on Public_net]
  • 19. Distributed Virtual Router - FIP (FloatingIP or Fast Internet Path) Namespace
  • 20. Distributed Virtual Router and Service subnets
      • DVR consumes one external public IP address per compute node for North-South routing.
      • The issue is that public IP addresses are expensive, and consumption increases with scale (the number of compute nodes).
      • Service subnets were introduced to get around the public IP address consumption by the FIP agent gateway.
      • With a BGP Speaker in place and a service subnet defined for the FloatingIP agent gateway port, it is easy to overcome the IP address consumption issue.
  • 21. Distributed Virtual Router and Service subnets
      $ openstack network create --external demo-ext-net
      $ openstack subnet create demo-external-ip-subnet --subnet-range 203.0.113.0/24 --no-dhcp --network demo-ext-net
      $ openstack subnet create demo-floating-ip-agent-gateway-subnet --subnet-range 198.168.113.0/24 --no-dhcp --service-type 'network:floatingip_agent_gateway' --network demo-ext-net
  • 22. Distributed Virtual Router and Service subnets
      $ neutron port-show a2d1e756-8ae1-4f96-9aa1-e7ea16a6a68a
      +-----------------+--------------------------------------------------+
      | Field           | Value                                            |
      +-----------------+--------------------------------------------------+
      | admin_state_up  | UP                                               |
      | device_id       | 3d0c98eb-bca3-45cc-8aa4-90ae3deb0844             |
      | device_owner    | network:floatingip_agent_gateway                 |
      | extra_dhcp_opts |                                                  |
      | fixed_ips       | ip_address='198.168.113.10',                     |
      |                 | subnet_id='67c251d9-2b7a-4200-99f6-e13785b0334d' |
      | id              | a2d1e756-8ae1-4f96-9aa1-e7ea16a6a68a             |
      | mac_address     | fa:16:3e:f4:5d:fa                                |
      | network_id      | 02d236d5-dad9-4082-bb6b-5245f9f84d13             |
      | project_id      |                                                  |
      | status          | ACTIVE                                           |
      +-----------------+--------------------------------------------------+
  • 23. Distributed Virtual Router - Distributed North South with BGP and Service subnet
      [Diagram: Network Node, Compute Node 1 and Compute Node 2 in Rack1 with segment 1, each with br-int, br-tun and br-ex; qrouter and FIP namespaces, SNAT, BGP and two Routers; VM1 to VM4 on Private_net (10.0.10.20 to 10.0.10.23); Service_subnet addresses 192.168.113.39, 192.168.113.40, 192.168.113.41 and 192.168.113.50; Public_net 203.0.113.0/24 with 203.0.113.21, 203.0.113.22 and 203.0.113.150]
  • 24. Distributed Virtual Router - What determines the FloatingIP versus the Fast Path Exit
      • Networks and Address scopes
      • Subnet-pools on Address scopes
      • Networks residing on the same Address scope (External and Internal) follow the fast path exit or Fixed IP
      • Networks residing on different Address scopes follow the Floating IP or DNAT
      • In both these cases the FIP (Floating IP or Fast Internet Path) Namespace will be created.
      • Based on the Subnet Pool CIDR, the traffic will be directed to the respective routers routing the network.
  • 25. Routed networks and Nova scheduling
      When routed networks are involved, the Nova scheduler has to consider segment topology and IP address availability to place instances on compute nodes, both when booting and when live migrating
      [Diagram: segment1 172.16.0.0/22, segment2 172.16.2.0/22, segment3 172.16.8.0/22, segment1 172.16.12.0/22]
  • 26. Changes to Nova scheduling (in progress)
      • Creation of instance’s ports moves from compute manager to conductor and will take place prior to placement decision
      • There are four use cases:
          User requests                              | Scheduler places instance at
          -------------------------------------------+-------------------------------------------
          Boot with port id. Port has no IP address  | Any segment with available ip addresses
          Boot with port id. Port has IP address     | Segment with subnet containing ip address
          Boot with network id                       | Any segment with available ip addresses
          Instance move                              | Segment with subnet containing ip address
  • 27. Nova Generic Resource Pools API
      [Diagram: a Resource Pool with Inventories (DISK_GB, IPV4_ADDRESS) and Aggregates (Host 1 ... Host n)]
      A resource pool represents a provider of resources: e.g. segments provide IPv4 addresses
  • 28. Resource Pools for routed networks
      [Diagram: a Resource Pool with Inventories (IPV4_ADDRESS) and Aggregates (Host 1 ... Host n)]
      • Only created for routed networks segments
      • ‘Neutron segment id <uuid>’
      • Updated for every subnet associated with the segment
      • Based on hosts segments mapping
  • 29. Agenda • Why Routed Networks • Layer 2 and layer-3 networks at scale • Routed Networks implementation • Changes to Neutron • Interaction with the Nova scheduler • Configuration
  • 30. Physical preparation
      • Unique physnet per segment
          • VLAN number is independent per physnet
          • VLAN ids can be re-used from segment to segment
      • DHCP agent hosts per physnet
      • Your choice of routing architecture
  • 31. Neutron Configuration
      • Configure segments service plugin
      • Bridge mappings
          • OVN provides a different way to configure host to segment access
      • Create network
          • Includes creating the segments with multi-provider extension
          • Creating segments after network creation is also supported
      • Create subnets
          • Include segment_id from previous step with each subnet create
  • 32. Distributed Virtual Router (DVR)
      [Diagram: Network Node, Compute Node 1 and Compute Node 2, each with br-int, br-tun and br-ex; qrouter and FIP namespaces on the compute nodes, SNAT on the network node; VM1 to VM4 on Private_net, uplinks on Public_net]
  • 33. Distributed Virtual Router - North South Routing with SNAT
      [Diagram: same DVR topology as slide 32]
  • 34. Distributed Virtual Router - North South with Fixed IP - (Fast path exit)
      [Diagram: same DVR topology as slide 32]
  • 35. Distributed Virtual Router - Distributed North South with BGP and Service subnet
      [Diagram: same topology as slide 23, with the BGP Speaker, Service_subnet, Rack1 with segment 1 and the two Routers]
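
How the port behaviour on slide 15 plays out, as an added Python sketch that is not from the talk or from Neutron's code base: a port created unbound has no addresses until binding supplies a host, and the host-to-segment mapping then selects the subnet. The class, the host names and the gateway reservation are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data, not taken from the talk: Neutron's host-to-segment
# mapping and the subnet associated with each segment of one routed network.
HOST_SEGMENTS = {"compute-r1-01": "segment1", "compute-r2-01": "segment2"}
SEGMENT_SUBNETS = {
    "segment1": ipaddress.ip_network("172.16.0.0/22"),
    "segment2": ipaddress.ip_network("172.16.4.0/22"),
}


class RoutedNetwork:
    """Toy model of port creation and binding on a routed network."""

    def __init__(self, host_segments, segment_subnets):
        self.host_segments = host_segments
        self.segment_subnets = segment_subnets
        # Assumption: the first host address of each subnet is its gateway.
        self.allocated = {next(iter(n.hosts())) for n in segment_subnets.values()}

    def _allocate(self, host):
        # The segment, and so the subnet, is known only once the host is known.
        segment = self.host_segments.get(host)
        if segment is None:
            raise LookupError(f"host {host!r} has no segment on this network")
        for addr in self.segment_subnets[segment].hosts():
            if addr not in self.allocated:
                self.allocated.add(addr)
                return [str(addr)]
        raise RuntimeError(f"no free addresses left on {segment}")

    def create_port(self, host=None):
        # Unbound at creation: empty fixed_ips and ip_allocation "deferred".
        if host is None:
            return {"host": None, "fixed_ips": [], "ip_allocation": "deferred"}
        return {"host": host, "fixed_ips": self._allocate(host),
                "ip_allocation": "immediate"}

    def bind_port(self, port, host):
        # Binding fills fixed_ips; ip_allocation keeps its creation-time value.
        if not port["fixed_ips"]:
            port["fixed_ips"] = self._allocate(host)
        port["host"] = host
        return port
```

Binding to a host that has no segment on the network raises instead of guessing a subnet, which is the failure an operator sees when the host-to-segment mapping is incomplete.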
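
The four scheduling cases in the slide 26 table reduce to two rules, shown here as an added Python sketch (not Nova or Neutron code): a request without an address may land on any segment that still has IPV4_ADDRESS inventory, while a request that already carries an address is pinned to the segment whose subnet contains it. The inventory figures and host names are constructed.

```python
import ipaddress

# Constructed inventory, not from the talk: one entry per segment with its
# subnet, the number of addresses in use and the hosts mapped to it.
SEGMENTS = {
    "segment1": {"cidr": "172.16.0.0/22", "used": 1022, "hosts": ["r1-c1", "r1-c2"]},
    "segment2": {"cidr": "172.16.4.0/22", "used": 10, "hosts": ["r2-c1"]},
    "segment3": {"cidr": "172.16.8.0/22", "used": 500, "hosts": ["r3-c1"]},
}


def free_addresses(segment):
    """IPV4_ADDRESS inventory left: usable addresses minus those in use."""
    net = ipaddress.ip_network(segment["cidr"])
    return net.num_addresses - 2 - segment["used"]  # network and broadcast excluded


def eligible_segments(fixed_ip=None):
    """Segments that satisfy the request, following the slide 26 table."""
    if fixed_ip is None:
        # Boot with network id, or with a port that has no IP address yet.
        return [n for n, s in SEGMENTS.items() if free_addresses(s) > 0]
    # The port already has an address (boot with port id, or instance move):
    # only the segment whose subnet contains it will do, even if it is full.
    addr = ipaddress.ip_address(fixed_ip)
    return [n for n, s in SEGMENTS.items()
            if addr in ipaddress.ip_network(s["cidr"])]


def candidate_hosts(fixed_ip=None):
    """Compute hosts the scheduler may choose from for this request."""
    return sorted(h for n in eligible_segments(fixed_ip)
                  for h in SEGMENTS[n]["hosts"])
```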
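
A pre-deployment check for the rules on slides 13, 14 and 30, added here as an example and not part of the talk or of Neutron: one physnet per segment, a DHCP agent host for every segment, and no mixing of subnets with and without segments. The overlap test goes beyond the slides (Neutron does not accept overlapping subnets on one network), and the function name, plan layout and sample plans are assumptions.

```python
import ipaddress
from itertools import combinations


def validate_plan(segments, subnets, dhcp_hosts):
    """Return findings for a routed-network plan; an empty list means it passes.

    segments:   {name: {"physical_network": str, "segmentation_id": int}}
    subnets:    [{"cidr": str, "segment": name or None}]
    dhcp_hosts: {physical_network: [hosts running a DHCP agent]}
    """
    findings = []
    owner = {}
    for name, seg in segments.items():
        phys = seg["physical_network"]
        # Unique physnet per segment; the same VLAN id on two physnets is fine.
        if phys in owner:
            findings.append(f"{name} shares physnet {phys} with {owner[phys]}")
        owner.setdefault(phys, name)
        if not dhcp_hosts.get(phys):
            findings.append(f"{name} has no DHCP agent host on {phys}")
    with_segment = [s for s in subnets if s["segment"]]
    if with_segment and len(with_segment) != len(subnets):
        findings.append("subnets with and without segments are mixed")
    for sub in with_segment:
        if sub["segment"] not in segments:
            findings.append(f"{sub['cidr']} names unknown segment {sub['segment']}")
    # strict=False normalises a CIDR with host bits set, so 172.16.2.0/22 is
    # treated as the 172.16.0.0/22 block it actually falls in.
    for a, b in combinations(subnets, 2):
        net_a, net_b = (ipaddress.ip_network(s["cidr"], strict=False) for s in (a, b))
        if net_a.overlaps(net_b):
            findings.append(f"{a['cidr']} overlaps {b['cidr']}")
    return findings


# Constructed plans for illustration.
GOOD_PLAN = dict(
    segments={"segment1": {"physical_network": "rack1", "segmentation_id": 2016},
              "segment2": {"physical_network": "rack2", "segmentation_id": 2016}},
    subnets=[{"cidr": "172.16.0.0/22", "segment": "segment1"},
             {"cidr": "172.16.4.0/22", "segment": "segment2"}],
    dhcp_hosts={"rack1": ["r1-c1"], "rack2": ["r2-c1"]},
)
BAD_PLAN = dict(GOOD_PLAN, subnets=[{"cidr": "172.16.0.0/22", "segment": "segment1"},
                                    {"cidr": "172.16.2.0/22", "segment": "segment2"}],
                dhcp_hosts={"rack1": ["r1-c1"]})
```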