Fake Uplink Setup

If you are not connecting through a BGP link, or you just want to use static routing follow this section.

This creates a static up-link to connect VMs to the external network.

  1. Create fake uplink

    We are going to create the following topology to allow the VMs reach external networks:

                 +---------------+
                                 |
                                 | 172.19.0.1/30
              +------------------+---------------+
              |                                  |
              |     Fakeuplink linux bridge      |
              |                                  |
              +------------------+---------------+        UNDERLAY
                                 | veth0
                                 |
                                 |
                                 |
      +------+  +------+  +-------------+  +------+  +------+
                                 |
                                 |
                                 |
                   172.19.0.2/30 | veth1
              +------------------+----------------+        OVERLAY
              |                                   |
              |            Edge Router            |
              |                                   |
              +------------------+----------------+
                                 |  200.200.200.0/24
                                 |
              +------------------+----------------+
  2. Create a veth pair

    # ip link add type veth
    # ip link set dev veth0 up
    # ip link set dev veth1 up
  3. Create a bridge, set an IP address and attach veth0

    # brctl addbr uplinkbridge
    # brctl addif uplinkbridge veth0
    # ip addr add 172.19.0.1/30 dev uplinkbridge
    # ip link set dev uplinkbridge up
  4. Enable IP forwarding

    # sysctl -w net.ipv4.ip_forward=1
  5. Route packets to 'external' network to the bridge

    # ip route add 200.200.200.0/24 via 172.19.0.2
  6. Create a port on the Edge Router and bind it to the veth:

    $ midonet-cli
    midonet> router list
    router router0 name Edge Router state up
    midonet> router router0 add port addresses 172.19.0.2/30
    router0:port0
    midonet> router router0 add route src 0.0.0.0/0 dst 0.0.0.0/0 type normal port router router0 port port0 gw 172.19.0.1
    midonet> host list
    host host0 name controller alive true
    midonet> host host0 add binding port router router0 port port0 interface veth1
    host host0 interface veth1 port router0:port
  7. Add masquerading to your external interface so connections coming from the overlay with addresses that belong to the "fake" external network are NATed. Also make sure these packets can be forwarded:

    # iptables -t nat -I POSTROUTING -o eth0 -s 200.200.200.0/24 -j MASQUERADE
    # iptables -I FORWARD -s 200.200.200.0/24 -j ACCEPT

Now we can reach VMs from the underlay host using their floating IPs, and VMs can reach external networks as well (as long as the host has external connectivity).

Questions? Discuss on Mailing Lists or Chat.
Found an error? Report a bug.


loading table of contents...