[Bug 1924765] Re: [ovn] fip assignment to instance via router with snat disabled is broken

[Launchpad Bug Tracker]

[Expired for neutron (Ubuntu) because there has been no activity for 60
days.]

** Changed in: neutron (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to neutron in Ubuntu.
https://bugs.launchpad.net/bugs/1924765

Title:
  [ovn] fip assignment to instance via router with snat disabled is
  broken

Status in neutron:
  Expired
Status in neutron package in Ubuntu:
  Expired

Bug description:
  Ubuntu: 20.04
  OpenStack: Ussuri
  Networking: OVN (20.03.x)

  Network topology:

  Geneve overlay network for project networks, router has snat disabled
  and the project network and the external network are all in the same
  address scope and subnet pool.  OVN routers are simply acting as L3
  routers and instances on the project network can be directly accessed
  by the address assigned to their port (with appropriate route
  configuration in the outside of openstack world).

  Issue:

  Its possible to create and then associate a floating IP on the
  external network with an instance attached to the project network -
  however this does not work - access to the instance via the FIP is
  broken, as is access to its fixed IP (when this worked OK before).

  Thoughts:

  The concept of a FIP is very much NAT centric, and in the described
  configuration NAT is very much disabled.  This idea seems to have
  worked way back in icehouse, however does not work at Ussuri.  If this
  is not a supported network model, the association of the FIP to the
  instance should error with an appropriate message that NAT is not
  supported to the in-path router to the external network.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1924765/+subscriptions