[openstack-dev] [all] devstack changing to neutron by default RSN
Dan Smith
dms at danplanet.com
Fri Aug 5 18:45:18 UTC 2016
> The only functional difference in the new code that happens in
> the gate
> is the iptables rule:
>
> local default_dev=""
> default_dev=$(ip route | grep ^default | awk '{print $5}')
> sudo iptables -t nat -A POSTROUTING -o $default_dev -s
> $FLOATING_RANGE -j MASQUERADE
>
>
> I skipped this in [0], to give us further data points....clasping at
> straws still.
>
> [0] https://review.openstack.org/#/c/351876/
This rule only takes effect for packets leaving our public (real,
physical) interface. If that is causing packets to be routed from one
fixed range to another, then I think they must be leaving the box and
bouncing back from the provider somehow.
I don't understand what all DVR has to do with it. Maybe someone could
describe what is different about that scenario in terms of what extra
components, routes, etc are in play?
Also, are we sure that in that sort of run we have properly chosen our
outbound interface and aren't doing something stupid like
iptables -t nat -A POSTROUTING -o br_ex ...
?
--Dan
More information about the OpenStack-dev
mailing list