[Openstack] SNAT question

Boris-Michel Deschenes boris-michel.deschenes at ubisoft.com
Wed Jul 18 15:25:51 UTC 2012


Hi guys,

I have a question regarding NAT in OpenStack.

I have an OpenStack cloud (FlatDHCP, multi_host=false) with one nova-network node doing the NATing.

I have noticed that when I ping an external machine from within a VM, on the receiving end I see the IP of the VM (so the outgoing SNAT works properly).
I have also noticed that when I ping a VM inside the cloud from a machine outside, the VM sees the external IP of the nova-network node as the source of the ping and not the real IP of the "pinger"... (this is the problem for me).

I looked at the nova-network machine's iptables and I see this:

-A nova-network-snat -s 10.0.0.0/8 -j SNAT --to-source 10.129.40.12

So it's basically setting the nova-network node as the source IP for all incoming traffic. In my situation, this prevents an application running inside the cloud from properly identifying the server located outside. Currently, the only peer it sees is the nova-network node and not the IP of the server (located outside the cloud), so my application tries to connect to nova-network instead of the server that initiated the connection.

Would it be possible to have SNAT work in a way where, when connecting to a VM from outside the cloud, the VM sees the source IP as the real source IP and not the nova-network controller's IP?

Thank you very much

Boris