[Openstack-operators] Liberty Neutron - Can't ping router or get floating ips to work.

Christopher Hull chrishull42 at gmail.com
Mon Mar 14 05:06:17 UTC 2016


Hi all;   again.  :-)
Sorry.  Still having issues with this.  It comes down to the public port on
the router I think...

Following the Liberty install instructions.  Setting up a public / private
net with router.

Still trying to get my private to public net router working.  Can't seem to
get floating IPs to work.  Am able to ping the router from the private
space.   Both public and private ports work.   There seems to be something
wrong with the router's public port as it is DOWN.

Had thought it might be a security issue, but security is off for both
public and private ports.  And the private one works just fine.  Perhaps I
should create a VM on the public network and somehow force the router to
use it's working port?

How can I diagnose this.

Thanks;
-Chris


Details.....


[sleestack at maersk src]$ neutron router-port-list router
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
| id                                   | name | mac_address       |
fixed_ips
|
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
| 145e2d39-75ff-452d-b840-bb355528f865 |      | fa:16:3e:66:02:f2 |
{"subnet_id": "9bc41a73-6863-476f-8b1a-5317dfc1fcdd", "ip_address":
"192.168.10.1"} |
| 688e344c-448a-4279-9e68-0653017c856f |      | fa:16:3e:1b:b2:75 |
{"subnet_id": "fdf2bf4b-e0ef-4843-85a2-e88f9aa674b5", "ip_address":
"172.22.10.11"} |
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
[sleestack at maersk src]$ neutron port-show
688e344c-448a-4279-9e68-0653017c856f
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| Field                 |
Value
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| admin_state_up        |
True
|
| allowed_address_pairs
|
|
| binding:host_id       |
maersk
|
| binding:profile       |
{}
|
| binding:vif_details   | {"port_filter":
true}
|
| binding:vif_type      |
bridge
|
| binding:vnic_type     |
normal
|
| device_id             |
c6d5a6a9-e0b6-419d-adf6-3647410550bf
|
| device_owner          |
network:router_gateway
|
| dns_assignment        | {"hostname": "host-172-22-10-11", "ip_address":
"172.22.10.11", "fqdn": "host-172-22-10-11.openstacklocal."} |
| dns_name
|
|
| extra_dhcp_opts
|
|
| fixed_ips             | {"subnet_id":
"fdf2bf4b-e0ef-4843-85a2-e88f9aa674b5", "ip_address":
"172.22.10.11"}                          |
| id                    |
688e344c-448a-4279-9e68-0653017c856f
|
| mac_address           |
fa:16:3e:1b:b2:75
|
| name
|
|
| network_id            |
43f09f04-c7ca-4df9-bc74-516dd134313f
|
| port_security_enabled |
False
|
| security_groups
|
|
| status                |
DOWN
|
| tenant_id
|
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+

But the Private one works and it has no security either.  Hmmm

[sleestack at maersk src]$ neutron port-show
145e2d39-75ff-452d-b840-bb355528f865
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| Field                 |
Value
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| admin_state_up        |
True
|
| allowed_address_pairs
|
|
| binding:host_id       |
maersk
|
| binding:profile       |
{}
|
| binding:vif_details   | {"port_filter":
true}
|
| binding:vif_type      |
bridge
|
| binding:vnic_type     |
normal
|
| device_id             |
c6d5a6a9-e0b6-419d-adf6-3647410550bf
|
| device_owner          |
network:router_interface
|
| dns_assignment        | {"hostname": "host-192-168-10-1", "ip_address":
"192.168.10.1", "fqdn": "host-192-168-10-1.openstacklocal."} |
| dns_name
|
|
| extra_dhcp_opts
|
|
| fixed_ips             | {"subnet_id":
"9bc41a73-6863-476f-8b1a-5317dfc1fcdd", "ip_address":
"192.168.10.1"}                          |
| id                    |
145e2d39-75ff-452d-b840-bb355528f865
|
| mac_address           |
fa:16:3e:66:02:f2
|
| name
|
|
| network_id            |
f1309195-e346-4748-b223-d2875204cab8
|
| port_security_enabled |
False
|
| security_groups
|
|
| status                |
ACTIVE
|
| tenant_id             |
7813be77b1de4196b1c6b77006afa21c
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+


[sleestack at maersk src]$ neutron port-update --security-group
a76c3568-7f0c-4e57-903b-669f6911eb0d \
>     688e344c-448a-4279-9e68-0653017c856f
Port security must be enabled and port must have an IP address in order to
use security groups.













- Christopher T. Hull
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishull42 at gmail.com
http://chrishull.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160313/9407bcb2/attachment.html>


More information about the OpenStack-operators mailing list