undercloud: network: fix NAT rules and gateway to make VRRP slaves work properly (!1244) · Merge requests · Forge / infra / infrastructure

Charles Decoux requested to merge gate-redundancy into main Jan 23, 2023

Three changes are made here:

Removal of default "Bocal" gateway on bond0.930: this is useless as keepalived already does this when the node is master, and the route can't be used on backup nodes because it doesn't own expected public IP;
New default route to undercloud's internal keepalived IP with metric 50: this route will be used by backup nodes to reach Internet and internal resources, and will be superseded by keepalived's default one on master node
Exception on SNAT: do not SNAT traffic inside routing subnet

Edited Jan 30, 2023 by Charles Decoux

undercloud: network: fix NAT rules and gateway to make VRRP slaves work properly