In the previous section, we created a floating IP for cirros-vm3 with the Web UI, and today we will analyze how it works.
First, look at the interface configuration of the router:
As you can see, the floating IP is already configured on the router's external network interface qg-b8b32a88-03. Next, view the router's NAT rules:
iptables has two rules for handling the floating IP:
1. When the router receives a packet from the external network whose destination address is the floating IP 10.10.10.3, it rewrites the destination address to the cirros-vm3 IP 172.16.101.3. This way, packets from the external network can reach cirros-vm3.
2. When cirros-vm3 sends data to the external network, the source address 172.16.101.3 is rewritten to the floating IP 10.10.10.3.
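The two rules above can be audited from a saved rule listing. The following is an added example, not code or output from the original post: it parses NAT rules in `iptables -t nat -S` format, lists which tenant IPs are exposed through a floating IP, and applies both rewrites to a packet's addresses. The chain names, the sample lines, and the second mapping (10.10.10.4 to 172.16.101.9) are constructed assumptions.

```python
import re

# Constructed sample in `iptables -t nat -S` format. Chain names are assumed
# (Neutron L3 agent style); the third rule is deliberately left unpaired.
SAMPLE_RULES = """\
-A neutron-l3-agent-PREROUTING -d 10.10.10.3/32 -j DNAT --to-destination 172.16.101.3
-A neutron-l3-agent-float-snat -s 172.16.101.3/32 -j SNAT --to-source 10.10.10.3
-A neutron-l3-agent-PREROUTING -d 10.10.10.4/32 -j DNAT --to-destination 172.16.101.9
"""

DNAT_RE = re.compile(r"-d (\S+?)(?:/32)? .*-j DNAT --to-destination (\S+)")
SNAT_RE = re.compile(r"-s (\S+?)(?:/32)? .*-j SNAT --to-source (\S+)")


def parse_nat(rules):
    """Return (dnat, snat): floating->fixed and fixed->floating mappings."""
    dnat, snat = {}, {}
    for line in rules.splitlines():
        m = DNAT_RE.search(line)
        if m:
            dnat[m.group(1)] = m.group(2)
        m = SNAT_RE.search(line)
        if m:
            snat[m.group(1)] = m.group(2)
    return dnat, snat


def exposed_instances(rules):
    """Map each floating IP to its tenant IP and whether the SNAT half exists."""
    dnat, snat = parse_nat(rules)
    return {fip: {"fixed_ip": fixed, "paired": snat.get(fixed) == fip}
            for fip, fixed in dnat.items()}


def rewrite(src, dst, rules):
    """Apply rule 1 (DNAT on the destination) and rule 2 (SNAT on the source)."""
    dnat, snat = parse_nat(rules)
    return snat.get(src, src), dnat.get(dst, dst)


if __name__ == "__main__":
    for fip, info in exposed_instances(SAMPLE_RULES).items():
        status = "paired" if info["paired"] else "no matching SNAT rule"
        print(f"{fip} -> {info['fixed_ip']} ({status})")
    print(rewrite("10.10.10.1", "10.10.10.3", SAMPLE_RULES))    # inbound
    print(rewrite("172.16.101.3", "10.10.10.1", SAMPLE_RULES))  # outbound
```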
Let's verify this with a ping test. In my lab environment, 10.10.10.1 is the physical switch on the external network, so we have it ping cirros-vm3.
The ping succeeds. We can observe the behavior of the floating IP by running tcpdump on the router's interfaces.
Ext_net interface qg-b8b32a88-03 tcpdump output:
As you can see, on the external network interface qg-b8b32a88-03, communication with the external network always uses the floating IP 10.10.10.3.
vlan101 interface qr-e17162c5-00 tcpdump output:
When the data is forwarded to the tenant network, the address has become the cirros-vm3 tenant IP 172.16.101.3.
Summary:
1. A floating IP allows the external network to directly access an instance in the tenant network. This is achieved by applying iptables NAT rules on the router.
2. The floating IP is configured on the router's external network interface rather than on the instance, which requires special attention.
At this point, we have finished learning how the Neutron L3 service connects different subnets, provides access to the external network, and implements floating IPs.
Starting in the next section, we will learn how Neutron supports the VxLAN network type.
Floating IP Principle Analysis-5 minutes a day to play OpenStack (107)