<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Hi James. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">That makes sense. I had tried that. Doesn't seem to work. I'd think the public and private subnets would behave the same way. Public works but private doesn't. Private can ping though </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Telnet can't get to port 53 from an instance on the private net. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Public net can use my ATT router gateway as DNS too. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Wondering if Neutron router is to blame... again. :)</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Thanks</div><div id="AppleMailSignature">Chris. <br><br>Sent from my iPhone</div><div><br>On Mar 30, 2016, at 9:20 PM, James Denton <<a href="mailto:james.denton@rackspace.com">james.denton@rackspace.com</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<p>Hi Chris,<br>
</p>
<p><br>
</p>
<p>It shouldn't be as complex as that. DNS nameservers are pushed to instances via DHCP, and those name servers are set during subnet creation. You can also do a 'neutron subnet-update' to update an existing subnet.<br>
</p>
<p><br>
</p>
<p>Syntax:<br>
</p>
<p>neutron subnet-update <subnet> --dns-nameservers <dns1> <dns2><br>
</p>
<p><br>
</p>
<p>That would be used to update the subnet your instances attach to and not the external subnet attached to the router. Hope that helps.<br>
</p>
<p><br>
</p>
<p>James<br>
</p>
<p><br>
</p>
<p><br>
</p>
<div style="color: rgb(33, 33, 33);">
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Christopher Hull <<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>><br>
<b>Sent:</b> Wednesday, March 30, 2016 11:06 PM<br>
<b>To:</b> openstack-operators<br>
<b>Subject:</b> [Openstack-operators] [neutron] Instances on private net can't resolve, no DNS</font>
<div> </div>
</div>
<div>
<div dir="ltr">
<div>
<div>
<div>
<div>
<div>
<div>
<div>Hello all;<br>
<br>
</div>
Well, more pulling of teeth it seems before I actually get to USE my self-installed OpenStack Liberty. :-)<br>
<br>
</div>
All networks seem to work just fine. Can ping everything from private network. You would think DNS would work, but it doesn't This I think has something to do with dnsmasq.
<br>
<br>
</div>
I've read a few web pages. Set dnsmasq_dns_servers in dhcp_agent.ini to 8.8.8.8,8.8.4.4 (Google DNS). Also set the private subnet to those. Nada.<br>
<br>
</div>
From within an instance on the Private network, telnet 8.8.8.8 53 "no route to host".... but it PINGS! Hmmm.
<br>
<br>
</div>
So help me unravel more of this genome known as OpenStack. Why if private instances can reach the internet, doens't DNS work????<br>
<br>
</div>
<div>Just patched Neutron to fix the previous bug. I think I have the latest.<br>
</div>
<div><br>
</div>
Thanks<br>
</div>
-Chris<br>
<br>
<div>
<div>
<div><br>
<div>
<div>
<div>
<div>
<div>
<div>
<div class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div>
<div>- Christopher T. Hull<br>
</div>
<div>I am presently seeking a new career opportunity Please see career page<br>
</div>
<div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br>
</div>
<div>333 Orchard Ave, Sunnyvale CA. 94085<br>
(415) 385 4865<br>
</div>
<div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br>
</div>
<a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br>
<br>
</div>
</div>
<div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div></blockquote></body></html>