Configuring cloud routing
Instances within the same virtual tenant network can reach each other, but by default, each tenant network cannot reach other tenants or external networks. Deploying virtual routers is the way to enable L3 network communication so that tenant virtual networks can connect by associating a subnet with a router.
Routing tenant traffic
Under the hood, a port associated with a tenant virtual network will be associated with the IP address of the subnet gateway. Instances across different virtual networks reach each other by communicating via the virtual router, using the gateway IP address and their private IP addresses encapsulated in the packets. This is called a NAT (network address translation) mechanism. In OpenStack networking, the Neutron L3 agent manages virtual routers. IP packets are forwarded by a virtual router to different self-service and external networks through the following router interfaces:
qr: Contains the tenant network gateway...
