)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":9531,"name":"liuyulong","display_name":"LIU Yulong","email":"i@liuyulong.me","username":"LIU-Yulong"},"change_message_id":"b5748e4d885dd9b99f0cb95f48efff725ce978f4","unresolved":false,"context_lines":[{"line_number":10,"context_line":"1. The metering agent adds the metering iptables rules on the qrouter-"},{"line_number":11,"context_line":"namespace for the qg- interface. This is for centralized routers and"},{"line_number":12,"context_line":"works well."},{"line_number":13,"context_line":"2. The metering agent adds the metering iptables rules on the snat-"},{"line_number":14,"context_line":"namespace for the rpf- interface. This is wrong. The snat- namespace"},{"line_number":15,"context_line":"(which exists only on network nodes for DVR routers) houses a qg-"},{"line_number":16,"context_line":"interface for doing NAT. The rfp- interface exists only on compute nodes"},{"line_number":17,"context_line":"in the qrouter- namespace and it is used to route floating ip traffic."},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"This change properly associates the qg- interface to the snat namespace"},{"line_number":20,"context_line":"and the rfp- interface with the main namespace."}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"3fa7e38b_e77cffb7","line":17,"range":{"start_line":13,"start_character":0,"end_line":17,"end_character":70},"updated":"2019-11-07 14:17:48.000000000","message":"There are much more use cases:\n1. VM is under the dvr router, but the compute host\u0027s L3 agent mode is dvr_no_external, then in snat node L3 agent (dvr_snat), the floating IPs will be set in the snat-namespace. The device is also qg- interface.\n2. Mixed compute node and snat node, the agent mode will be dvr_snat. Then the qrouter-namespace and rfp-device will be used for floating IPs for this host. Such mixed deployment is mostly used in upstream CI.\n\nThese patch sets handle these scenario well?","commit_id":"6310c0a19bbf20c34bc8ce2a4bdb486734e26903"},{"author":{"_account_id":9531,"name":"liuyulong","display_name":"LIU Yulong","email":"i@liuyulong.me","username":"LIU-Yulong"},"change_message_id":"419a65a92e0dbb6ae8d17bbdd9f0a10acad633cf","unresolved":false,"context_lines":[{"line_number":10,"context_line":"1. The metering agent adds the metering iptables rules on the qrouter-"},{"line_number":11,"context_line":"namespace for the qg- interface. This is for centralized routers and"},{"line_number":12,"context_line":"works well."},{"line_number":13,"context_line":"2. The metering agent adds the metering iptables rules on the snat-"},{"line_number":14,"context_line":"namespace for the rpf- interface. This is wrong. The snat- namespace"},{"line_number":15,"context_line":"(which exists only on network nodes for DVR routers) houses a qg-"},{"line_number":16,"context_line":"interface for doing NAT. The rfp- interface exists only on compute nodes"},{"line_number":17,"context_line":"in the qrouter- namespace and it is used to route floating ip traffic."},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"This change properly associates the qg- interface to the snat namespace"},{"line_number":20,"context_line":"and the rfp- interface with the main namespace."}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"3fa7e38b_a1e6cc49","line":17,"range":{"start_line":13,"start_character":0,"end_line":17,"end_character":70},"in_reply_to":"3fa7e38b_616d34cb","updated":"2019-11-12 13:00:09.000000000","message":"This is the original RFE: https://bugs.launchpad.net/neutron/+bug/1667877","commit_id":"6310c0a19bbf20c34bc8ce2a4bdb486734e26903"},{"author":{"_account_id":9531,"name":"liuyulong","display_name":"LIU Yulong","email":"i@liuyulong.me","username":"LIU-Yulong"},"change_message_id":"a684e9c6a8cde8f99753feb97937ba9585b00727","unresolved":false,"context_lines":[{"line_number":10,"context_line":"1. The metering agent adds the metering iptables rules on the qrouter-"},{"line_number":11,"context_line":"namespace for the qg- interface. This is for centralized routers and"},{"line_number":12,"context_line":"works well."},{"line_number":13,"context_line":"2. The metering agent adds the metering iptables rules on the snat-"},{"line_number":14,"context_line":"namespace for the rpf- interface. This is wrong. The snat- namespace"},{"line_number":15,"context_line":"(which exists only on network nodes for DVR routers) houses a qg-"},{"line_number":16,"context_line":"interface for doing NAT. The rfp- interface exists only on compute nodes"},{"line_number":17,"context_line":"in the qrouter- namespace and it is used to route floating ip traffic."},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"This change properly associates the qg- interface to the snat namespace"},{"line_number":20,"context_line":"and the rfp- interface with the main namespace."}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"3fa7e38b_f78491d5","line":17,"range":{"start_line":13,"start_character":0,"end_line":17,"end_character":70},"in_reply_to":"3fa7e38b_9498be75","updated":"2019-11-11 11:49:11.000000000","message":"Yes, you are going to fix the bug of dvr metering, so it is DVR. : )\n\nFor dvr_no_external node, qrouter-namespace will not have that rfp-device.\n\nOne more question, for east-west traffic of internal IPs only (we can create metering rule for fixed IPs, right?), this will handle that properly since the traffic will be routed locally in compute node, the traffic direction could be a problem? This could be a very complicated case...","commit_id":"6310c0a19bbf20c34bc8ce2a4bdb486734e26903"},{"author":{"_account_id":28655,"name":"Alexandru Sorodoc","email":"alex@privacysystems.eu","username":"bno1"},"change_message_id":"055e8d222cfffe70dca2ff2d23dcc8c41130d524","unresolved":false,"context_lines":[{"line_number":10,"context_line":"1. The metering agent adds the metering iptables rules on the qrouter-"},{"line_number":11,"context_line":"namespace for the qg- interface. This is for centralized routers and"},{"line_number":12,"context_line":"works well."},{"line_number":13,"context_line":"2. The metering agent adds the metering iptables rules on the snat-"},{"line_number":14,"context_line":"namespace for the rpf- interface. This is wrong. The snat- namespace"},{"line_number":15,"context_line":"(which exists only on network nodes for DVR routers) houses a qg-"},{"line_number":16,"context_line":"interface for doing NAT. The rfp- interface exists only on compute nodes"},{"line_number":17,"context_line":"in the qrouter- namespace and it is used to route floating ip traffic."},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"This change properly associates the qg- interface to the snat namespace"},{"line_number":20,"context_line":"and the rfp- interface with the main namespace."}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"3fa7e38b_616d34cb","line":17,"range":{"start_line":13,"start_character":0,"end_line":17,"end_character":70},"in_reply_to":"3fa7e38b_b7d4d9bc","updated":"2019-11-12 12:56:49.000000000","message":"The metering agent doesn\u0027t handle east-west traffic. I\u0027m only trying to fix the metering agent for DVR routers, not to enhance its functionality.\n\nAbout dvr_no_external, can you please point me to some documentation that explains all the agent modes and how they route traffic?","commit_id":"6310c0a19bbf20c34bc8ce2a4bdb486734e26903"},{"author":{"_account_id":28655,"name":"Alexandru Sorodoc","email":"alex@privacysystems.eu","username":"bno1"},"change_message_id":"e2f96463fbebca71335253e5d93395081829916f","unresolved":false,"context_lines":[{"line_number":10,"context_line":"1. The metering agent adds the metering iptables rules on the qrouter-"},{"line_number":11,"context_line":"namespace for the qg- interface. This is for centralized routers and"},{"line_number":12,"context_line":"works well."},{"line_number":13,"context_line":"2. The metering agent adds the metering iptables rules on the snat-"},{"line_number":14,"context_line":"namespace for the rpf- interface. This is wrong. The snat- namespace"},{"line_number":15,"context_line":"(which exists only on network nodes for DVR routers) houses a qg-"},{"line_number":16,"context_line":"interface for doing NAT. The rfp- interface exists only on compute nodes"},{"line_number":17,"context_line":"in the qrouter- namespace and it is used to route floating ip traffic."},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"This change properly associates the qg- interface to the snat namespace"},{"line_number":20,"context_line":"and the rfp- interface with the main namespace."}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"3fa7e38b_9498be75","line":17,"range":{"start_line":13,"start_character":0,"end_line":17,"end_character":70},"in_reply_to":"3fa7e38b_e77cffb7","updated":"2019-11-10 17:22:51.000000000","message":"The driver checks the router type (distributed or centralized) and the available iptables namespaces (qrouter and snat) to determine on what interfaces to apply metering rules on. Here is a pseudocode:\n\n```\nif the qrouter- namespace is available:\n  if router is distributed:\n    apply metering rules on the rfp- device from the qrouter- namespace\n  else:\n    apply metering rules on the qg- device from the qrouter- namespace\n\nif the snat- namespace is available:\n  apply metering rules on the qg- device from the snat- namespace\n```\n\nFor the use cases you described:\n1. On the snat node: the router is distributed, the snat- namespace is available, so the qg- device on the snat- namespace will be metered. On the compute host the rfp- device on the qrouter- namespace will also be metered, but I don\u0027t think any traffic flows through it. Please correct me if I\u0027m wrong.\n2. I assume you\u0027re talking about a distributed router, in which case the rfp- device from the qrouter- namespace will be metered.\n\nIn conclusion, I believe my patches handle these scenarios properly.","commit_id":"6310c0a19bbf20c34bc8ce2a4bdb486734e26903"},{"author":{"_account_id":9531,"name":"liuyulong","display_name":"LIU Yulong","email":"i@liuyulong.me","username":"LIU-Yulong"},"change_message_id":"c04b65e4e2491d221bf85a8e813d268187606f12","unresolved":false,"context_lines":[{"line_number":10,"context_line":"1. The metering agent adds the metering iptables rules on the qrouter-"},{"line_number":11,"context_line":"namespace for the qg- interface. This is for centralized routers and"},{"line_number":12,"context_line":"works well."},{"line_number":13,"context_line":"2. The metering agent adds the metering iptables rules on the snat-"},{"line_number":14,"context_line":"namespace for the rpf- interface. This is wrong. The snat- namespace"},{"line_number":15,"context_line":"(which exists only on network nodes for DVR routers) houses a qg-"},{"line_number":16,"context_line":"interface for doing NAT. The rfp- interface exists only on compute nodes"},{"line_number":17,"context_line":"in the qrouter- namespace and it is used to route floating ip traffic."},{"line_number":18,"context_line":""},{"line_number":19,"context_line":"This change properly associates the qg- interface to the snat namespace"},{"line_number":20,"context_line":"and the rfp- interface with the main namespace."}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"3fa7e38b_b7d4d9bc","line":17,"range":{"start_line":13,"start_character":0,"end_line":17,"end_character":70},"in_reply_to":"3fa7e38b_f78491d5","updated":"2019-11-11 11:51:27.000000000","message":"So if east-west is not your case, but for floating IP and gateway IP only, then I have an alternative here, it does not require metering agent, but gives you same functionality with a new L3 agent extension only:\nhttps://review.opendev.org/#/c/658511/","commit_id":"6310c0a19bbf20c34bc8ce2a4bdb486734e26903"}]}