Hi Shyam,<div> Make sure you have access control list configured for the VMs.</div><div>You can configure it from the dashboard.</div><div><br></div><div>Thanks,</div><div>-Ravi.</div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Fri, Nov 23, 2012 at 12:34 PM, Shyam Goud <span dir="ltr"><<a href="mailto:shyam.todeti@oneconvergence.com" target="_blank">shyam.todeti@oneconvergence.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<br>
<div>Hello All,<br>
<br>
I am unable to ping VM on its floating IP from external network.
Interestingly I am able to ping external network from VM.<br>
VM's: Fixed IP 10.0.0.3, Floating IP <a href="http://192.168.2.161/24" target="_blank">192.168.2.161/24</a>. <br>
<br>
Appreciate any inputs here.<br>
<br>
#quantum router-list<br>
+--------------------------------------+---------+--------------------------------------------------------+<br>
| id | name |
external_gateway_info |<br>
+--------------------------------------+---------+--------------------------------------------------------+<br>
| 27b3117b-1fe7-43b6-a1af-6c4cd54387bb | router1 | {"network_id":
"246f3475-1113-479a-a478-ee2b91c09b82"} |<br>
+--------------------------------------+---------+--------------------------------------------------------+<br>
<br>
root@controller-desktop:~# <br>
root@controller-desktop:~# quantum port-list --
--27b3117b-1fe7-43b6-a1af-6c4cd54387bb<br>
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+<br>
| id | name | mac_address
|
fixed_ips
|<br>
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+<br>
| 0e54497a-c4da-4d24-bdcf-50d9bc7349fc | | fa:16:3e:7a:93:47
| {"subnet_id": "78e72581-6079-4758-beb1-e35751c428f8",
"ip_address": "10.0.0.1"} |<br>
| 146fa6ef-4051-493f-a1f5-caaf7d6be106 | | fa:16:3e:60:40:44
| {"subnet_id": "b0955be1-cefe-4fb8-b607-01ff93af5753",
"ip_address": "192.168.2.161"} |<br>
| 41d1f801-febd-4559-9253-b661623cdf95 | | fa:16:3e:2a:40:2d
| {"subnet_id": "78e72581-6079-4758-beb1-e35751c428f8",
"ip_address": "10.0.0.3"} |<br>
| db7f14be-a460-4dfb-87df-8098cf16489f | | fa:16:3e:f5:22:21
| {"subnet_id": "78e72581-6079-4758-beb1-e35751c428f8",
"ip_address": "10.0.0.2"} |<br>
| ee9f258e-0f4a-463a-b2d8-738d00b246f7 | | fa:16:3e:b1:c5:46
| {"subnet_id": "b0955be1-cefe-4fb8-b607-01ff93af5753",
"ip_address": "192.168.2.160"} |<br>
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+<br>
<br>
root@controller-desktop:~# quantum floatingip-list<br>
+--------------------------------------+------------------+---------------------+--------------------------------------+<br>
| id | fixed_ip_address |
floating_ip_address | port_id |<br>
+--------------------------------------+------------------+---------------------+--------------------------------------+<br>
| e045f346-a4f3-44c2-9c9e-0f02d95107a8 | 10.0.0.3 |
192.168.2.161 | 41d1f801-febd-4559-9253-b661623cdf95 |<br>
+--------------------------------------+------------------+---------------------+--------------------------------------+<br>
root@controller-desktop:~# <br>
<br>
+++++++++++ Routers Routing tables ++++++++++++<br>
~# ip netns exec qrouter-27b3117b-1fe7-43b6-a1af-6c4cd54387bb
route -n<br>
Kernel IP routing table<br>
Destination Gateway Genmask Flags Metric
Ref Use Iface<br>
0.0.0.0 192.168.2.254 0.0.0.0 UG 0
0 0 qg-ee9f258e-0f<br>
10.0.0.0 0.0.0.0 255.255.255.0 U 0
0 0 qr-0e54497a-c4<br>
192.168.2.0 0.0.0.0 255.255.255.0 U 0
0 0 qg-ee9f258e-0f<br>
root@controller-desktop:~# <br>
<br>
<br>
+++++++++ Routers NAT policy +++++++++++++++++<br>
<br>
# ip netns exec qrouter-27b3117b-1fe7-43b6-a1af-6c4cd54387bb
iptables -t nat -L -vn<br>
Chain PREROUTING (policy ACCEPT 5008 packets, 475K bytes)<br>
pkts bytes target prot opt in out
source destination <br>
5013 475K quantum-l3-agent-PREROUTING all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <br>
<br>
Chain INPUT (policy ACCEPT 528 packets, 140K bytes)<br>
pkts bytes target prot opt in out
source destination <br>
<br>
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)<br>
pkts bytes target prot opt in out
source destination <br>
1 84 quantum-l3-agent-OUTPUT all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <br>
<br>
Chain POSTROUTING (policy ACCEPT 5 packets, 420 bytes)<br>
pkts bytes target prot opt in out
source destination <br>
10 840 quantum-l3-agent-POSTROUTING all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <br>
10 840 quantum-postrouting-bottom all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <br>
<br>
Chain quantum-l3-agent-OUTPUT (1 references)<br>
pkts bytes target prot opt in out
source destination <br>
1 84 DNAT all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> 192.168.2.161 to:10.0.0.3<br>
<br>
Chain quantum-l3-agent-POSTROUTING (1 references)<br>
pkts bytes target prot opt in out
source destination <br>
0 0 ACCEPT all -- !qg-ee9f258e-0f !qg-ee9f258e-0f
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ! ctstate DNAT<br>
<br>
Chain quantum-l3-agent-PREROUTING (1 references)<br>
pkts bytes target prot opt in out
source destination <br>
5 420 DNAT all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> 192.168.2.161 to:10.0.0.3<br>
<br>
Chain quantum-l3-agent-float-snat (1 references)<br>
pkts bytes target prot opt in out
source destination <br>
5 420 SNAT all -- * *
10.0.0.3 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> to:192.168.2.161<br>
<br>
Chain quantum-l3-agent-snat (1 references)<br>
pkts bytes target prot opt in out
source destination <br>
10 840 quantum-l3-agent-float-snat all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <br>
0 0 SNAT all -- * *
<a href="http://10.0.0.0/24" target="_blank">10.0.0.0/24</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> to:192.168.2.160<br>
<br>
Chain quantum-postrouting-bottom (1 references)<br>
pkts bytes target prot opt in out
source destination <br>
10 840 quantum-l3-agent-snat all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <br>
root@controller-desktop:~# <br>
<br>
<br>
Following is the link which we used to create floating IPs.<br>
<br>
<b><a href="http://docs.openstack.org/trunk/openstack-network/admin/content/demo_logical_network_config.html" target="_blank">http://docs.openstack.org/trunk/openstack-network/admin/content/demo_logical_network_config.html</a></b><br>
<br>
Thanks,<br>
Shyam.<br>
<br>
</div>
<br>
</div>
<br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Ravi<br><br>
</div>