[DVR config] Can we use drv_snat agent_mode in every compute node?
According to documentation which You cited even "â??dvr_snatâ?? - this enables centralized SNAT support in conjunction with DVRâ??. So yes, dvr_snat will do both, SNAT mode as well as DVR for E-W traffic.
We are using it like that in some CI jobs for sure and it works.
But Iâ??m not 100% sure that this is â??production readyâ?? solution.
> On 16 May 2019, at 05:47, Yi Yang (æ?¨ç??)-äº?æ??å?¡é??å?¢ <yangyi01 at inspur.com> wrote:
> Hi, folks
> I saw somebody discussed distributed SNAT, but finally they didnâ??t make agreement on how to implement distributed SNAT, my question is can we use dvr_snat agent_mode in compute node? I understand dvr_snat only does snat but doesnâ??t do east west routing, right? Can we set dvr_snat and dvr in one compute node at the same time? It is equivalent to distributed SNAT if we can set drv_snat in every compute node, isnâ??t right? I know Opendaylight can do SNAT in compute node in distributed way, but one external router only can run in one compute node.
> I also see https://wiki.openstack.org/wiki/Dragonflow is trying to implement distributed SNAT, what are technical road blocks for distributed SNAT in openstack dvr? Do we have any good way to remove these road blocks?
> Thank you in advance and look forward to getting your replies and insights.
> Also attached official drv configuration guide for your reference.
> Valid Values
> dvr, dvr_snat, legacy, dvr_no_external
> The working mode for the agent. Allowed modes are: â??legacyâ?? - this preserves the existing behavior where the L3 agent is deployed on a centralized networking node to provide L3 services like DNAT, and SNAT. Use this mode if you do not want to adopt DVR. â??dvrâ?? - this mode enables DVR functionality and must be used for an L3 agent that runs on a compute host. â??dvr_snatâ?? - this enables centralized SNAT support in conjunction with DVR. This mode must be used for an L3 agent running on a centralized node (or in single-host deployments, e.g. devstack). â??dvr_no_externalâ?? - this mode enables only East/West DVR routing functionality for a L3 agent that runs on a compute host, the North/South functionality such as DNAT and SNAT will be provided by the centralized network node that is running in â??dvr_snatâ?? mode. This mode should be used when there is no external network connectivity on the compute host.
Senior software engineer