[Openstack] [neutron] provider router with private networks, can not ping private IP and floating IP
sylecn
sylecn at gmail.com
Sun Nov 17 08:45:08 UTC 2013
Thanks for the information. Now I have configured a provider router based
network, with Open vSwitch GRE tunnels.
Here is the network topology:
external network: 172.17.0.0/16
external network physical router: 172.17.0.1
neutron node IP: 172.17.6.68
virtual provider router: 172.17.6.70
virtual subnet1: 10.0.1.0/24
Now I can boot a vm instance and it got an IP from private IP pool
(10.0.1.3). I can also associate a floating IP to it (172.17.6.71). But I
can't ping the private ip nor the floating ip.
>From the neutron node, I can ping 172.17.6.70, but can't ping 10.0.1.1,
10.0.1.3, 172.17.6.71.
So I can't ssh into the vm. My guess is something is wrong with the
10.0.1.0/24 network, but I don't know what.
I used the NoopFirewallDriver in OVS plugin, so icmp and tcp:22 are not
blocked by security-group rules.
Here is the current setup:
(neutron) net-list
+--------------------------------------+--------+----------------------------------------------------+
| id | name |
subnets |
+--------------------------------------+--------+----------------------------------------------------+
| a63f0950-cdea-4a6d-8312-1819113dc244 | net1 |
708f2a58-bd85-4493-b91c-a6d42c0db5e7 10.0.1.0/24 |
| ee318d0b-74e5-43c6-92bd-abb690df3334 | extnet |
4c111c62-50f2-4332-b635-57846cf1980c 172.17.0.0/16 |
+--------------------------------------+--------+----------------------------------------------------+
(neutron) subnet-list
+--------------------------------------+---------+---------------+------------------------------------------------+
| id | name | cidr |
allocation_pools |
+--------------------------------------+---------+---------------+------------------------------------------------+
| 4c111c62-50f2-4332-b635-57846cf1980c | extnet | 172.17.0.0/16 |
{"start": "172.17.6.70", "end": "172.17.6.75"} |
| 708f2a58-bd85-4493-b91c-a6d42c0db5e7 | subnet1 | 10.0.1.0/24 |
{"start": "10.0.1.2", "end": "10.0.1.254"} |
+--------------------------------------+---------+---------------+------------------------------------------------+
(neutron) port-list
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| id | name | mac_address |
fixed_ips
|
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| 234b4e76-7b7a-461f-8b61-2b7c58165fd2 | | fa:16:3e:86:95:d3 |
{"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address":
"10.0.1.1"} |
| 35a8ab42-4f1a-4f1e-b656-ab4dd0e83725 | | fa:16:3e:44:c2:0a |
{"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address":
"10.0.1.2"} |
| 85f4d2d7-c92b-4bc1-b080-2b1978bb6e17 | | fa:16:3e:cd:77:17 |
{"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address":
"10.0.1.3"} |
| 9a24c2e9-a6da-4a24-93d4-9eef8cb0bcfa | | fa:16:3e:01:a2:ef |
{"subnet_id": "4c111c62-50f2-4332-b635-57846cf1980c", "ip_address":
"172.17.6.70"} |
| f508b629-6e95-4be4-89c0-b37be3907231 | | fa:16:3e:7c:41:0a |
{"subnet_id": "4c111c62-50f2-4332-b635-57846cf1980c", "ip_address":
"172.17.6.71"} |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
(neutron) port-show 234b4e76-7b7a-461f-8b61-2b7c58165fd2
+-----------------------+---------------------------------------------------------------------------------+
| Field |
Value
|
+-----------------------+---------------------------------------------------------------------------------+
| admin_state_up |
True
|
| allowed_address_pairs
|
|
| binding:capabilities | {"port_filter":
false} |
| binding:host_id | 172-17-6-68.yygamedev.com
|
| binding:vif_type |
ovs
|
| device_id |
c5b513fa-6d6a-476f-bfc0-2114954a15aa
|
| device_owner |
network:router_interface
|
| extra_dhcp_opts
|
|
| fixed_ips | {"subnet_id":
"708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address": "10.0.1.1"} |
| id |
234b4e76-7b7a-461f-8b61-2b7c58165fd2
|
| mac_address |
fa:16:3e:86:95:d3
|
| name
|
|
| network_id |
a63f0950-cdea-4a6d-8312-1819113dc244
|
| status |
ACTIVE
|
| tenant_id |
860483f3ceeb43aab4d1f0e8f76b4064
|
+-----------------------+---------------------------------------------------------------------------------+
(neutron)
root at 172-17-6-68:/etc/neutron# nova list
+--------------------------------------+------+--------+------------+-------------+----------------------------+
| ID | Name | Status | Task State | Power
State | Networks |
+--------------------------------------+------+--------+------------+-------------+----------------------------+
| ec214f0b-eede-421e-9036-a1b56bff3c37 | c1 | ACTIVE | None |
Running | net1=10.0.1.3, 172.17.6.71 |
+--------------------------------------+------+--------+------------+-------------+----------------------------+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20131117/43bb291c/attachment.html>
More information about the Openstack
mailing list