
UnderstandingFlatNetworking

Understanding FlatNetworking

(this took me quite a while to get into my head, so I'm writing it down for anyone else)

OpenStack/Nova has two general categories (as of Cactus/Diablo releases) for networking:

FlatNetworking

FlatNetworking uses Ethernet adapters configured as bridges to allow network traffic to transit between all the various nodes. This setup can be done with a single adapter on the physical host, or with multiple adapters. This option does not require a switch that does VLAN tagging (VLANNetworking does), and it is a common development installation or proof of concept setup.

Single Adapter, All in one setup

  • extremely common development setup

FlatNetworkSingleInterfaceAllInOne.png

Multiple nodes with a single adapter

  • smoke testing, proof of concept layout

FlatNetworkSingleInterface.png

Multiple nodes, multiple adapters

  • server setup with separate admin and data traffic

FlatNetworkMultInterface.png

Outbound Traffic Flow

In any setup with FlatNetworking, the host running `nova-network` is responsible for forwarding traffic from the private network configured with the `--fixed_range=...` directive in nova.conf. This host needs to have br100 configured and talking to any other nodes that are hosting VMs. With either of the Flat Networking options, the default gateway for the virtual machines is set to the host that is running `nova-network`. You must set the `--flat_network_bridge` flag or create networks with the bridge parameter in order to avoid raising an error.

Single adapter hosts

  • When a virtual machine sends traffic out to the public networks, it sends it first to its default gateway (wherever `nova-network` is configured).

SingleInterfaceOutbound 1.png

  • Then the host on which `nova-network` is configured acts as a router and forwards the traffic out to the Internet.

SingleInterfaceOutbound 2.png

Caution: If you're using a single interface, then that interface (often eth0) needs to be set into promiscuous mode for the forwarding to happen correctly. This does not appear to be needed if you're running with physical hosts that have and use two interfaces.
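
An added example, not part of the original page and not OpenStack's own code: a small Python audit of the preconditions described above for the `nova-network` host (the `--flat_network_bridge` and `--fixed_range` flags, the bridge being present, and promiscuous mode on a single-interface host). The sample flag file and `ip -o link show` text are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample inputs (not taken from the original page).
SAMPLE_CONF = "--fixed_range=10.0.0.0/24\n--flat_network_bridge=br100\n"
SAMPLE_LINKS = (
    "2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br100 state UP\n"
    "3: br100: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP\n"
)

def parse_flags(text):
    """Parse '--flag=value' lines, the flag style this page uses."""
    flags = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("--") and "=" in line:
            key, value = line[2:].split("=", 1)
            flags[key.strip()] = value.strip()
    return flags

def parse_links(text):
    """Map interface name -> set of link flags from `ip -o link show` text."""
    pattern = r"^\d+:\s+([^:@\s]+)[^:\n]*:\s+<([^>]*)>"
    return {m.group(1): set(m.group(2).split(","))
            for m in re.finditer(pattern, text, re.M)}

def audit(conf_text, link_text, single_nic=None):
    """Return a list of findings; an empty list means every check passed."""
    flags, links, findings = parse_flags(conf_text), parse_links(link_text), []
    bridge = flags.get("flat_network_bridge")
    if not bridge:
        findings.append("flat_network_bridge is not set")
    elif bridge not in links:
        findings.append(f"bridge {bridge} does not exist on this host")
    elif "UP" not in links[bridge]:
        findings.append(f"bridge {bridge} is down")
    try:
        ipaddress.ip_network(flags.get("fixed_range", ""))
    except ValueError:
        findings.append("fixed_range is missing or not a valid CIDR network")
    # Only a single-interface host needs promiscuous mode (see the caution).
    if single_nic and "PROMISC" not in links.get(single_nic, set()):
        findings.append(f"{single_nic} is not in promiscuous mode")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, SAMPLE_LINKS, single_nic="eth0"):
        print("FINDING:", finding)
```

Pass `single_nic` only for single-adapter hosts; an unset `flat_network_bridge` is reported because networks must then be created with the bridge parameter instead.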

Multiple adapter hosts

  • When a virtual machine sends traffic out to the public networks, it sends it first to its default gateway (wherever `nova-network` is configured). In a multiple adapter setup, this is over the adapter that is configured as a bridge interface and connected to the other hosts via a switch.

MultiInterfaceOutbound 1.png

  • Then the host on which `nova-network` is configured acts as a router and forwards the traffic out to the Internet, typically over the second interface, which has been configured with the host's Internet IP address.

MultiInterfaceOutbound 2.png

Inbound Traffic

For inbound traffic (assuming a floating IP address has been set up), the `nova-network` host is responsible for hosting that IP address and doing the DNAT/SNAT addressing to route the traffic to the appropriate virtual machine.