[Openstack] Instances do not have access to internet
Imran Khakoo
imran.khakoo at netronome.com
Fri Sep 30 15:24:11 UTC 2016
Hello all. Resolved.
On a fresh install, I saw the same issues again. Enlisted a friend's help,
found the admin's RC file and listed subnets. Realized that the external
subnet actually already exists, but the CIDR for the subnet was wrong.
Fixed the CIDR from a /24 to a /22 and set the gateway, which was missing.
VMs can now ping out. Yay.
ubuntu at blue-drop:~$ neutron subnet-list
+--------------------------------------+-------------------------+---------------+--------------------------------------------------+
| id | name | cidr
| allocation_pools |
+--------------------------------------+-------------------------+---------------+--------------------------------------------------+
| dd1138c1-03a3-481b-8e54-38c2847f1ae8 | admin_net_subnet |
10.10.0.0/16 | {"start": "10.10.0.2", "end": "10.10.255.254"} |
| c390e9d9-497c-4de4-ac57-fb5c711dbe3d | imran_khakoo_net_subnet |
10.10.0.0/16 | {"start": "10.10.0.2", "end": "10.10.255.254"} |
| 8f679da6-0bb7-4645-935f-3f8e254152d3 | ext_net_subnet |
172.26.0.0/22 | {"start": "172.26.1.101", "end": "172.26.1.130"} |
+--------------------------------------+-------------------------+---------------+--------------------------------------------------+
On Thu, Sep 29, 2016 at 4:22 PM, Imran Khakoo <imran.khakoo at netronome.com>
wrote:
> I realized I had forgotten my admin details so I tore my install down and
> started afresh.
> In the process I realized that the installer was trying to take over the
> entire corporate network:
> [image: Inline image 1]
> I changed the range to an allowable figure and am continuing with the
> install now. Will update once I've retried.
> Thanks for all the help so far and for being so responsive, guys.
>
> Regards,
> Imran
>
> On Thu, Sep 29, 2016 at 2:34 PM, Turbo Fredriksson <turbo at bayour.com>
> wrote:
>
>> On Sep 29, 2016, at 11:07 AM, Imran Khakoo wrote:
>>
>> > ubuntu at throwaway:~$ ping 8.8.8.8
>> > PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
>> > From 10.10.0.1 icmp_seq=17 Destination Net Unreachable
>> > From 10.10.0.1 icmp_seq=18 Destination Net Unreachable
>>
>> As far as I can tell, your security groups is just fine now.
>>
>> But can you just do a "traceroute -n 8.8.8.8" as well?
>>
>> Looking at your screenshot of your setup (first mail), it
>> looks to me that the router have both an internal (the one
>> connected to "the cloud" - "imran_khakoo_net" I'm guessing)
>> and an external (the one connected to "the globe" - "ext_net"
>> if I'm to guess) interface.
>>
>> Our assumption have been that the router isn't routing (which
>> is why I suggested twiddling with the SGs). If this still
>> holds true, then the traceroute I've asked you to run above
>> should reach the router (it's not absolutly clear, but I'm
>> guessing "10.10.0.1" if the 'ip route' command is correct -
>> please triple check by going into the router config and look
>> that it have a "Internal Interface" with that IP) but NOT go
>> anywhere beyond that.
>>
>>
>> Looking at your first mail again, I just noticed that the
>> supposedly external network (the "ext_" part of the network
>> name - if this is NOT the external, then you should rename
>> it :) is NOT set as 'External' (the 'External=No' entry).
>>
>> In the router, do you have an interface with the label
>> "External Gateway"? You shouldn't have, if I'm correct..
>>
>> This is somewhat a misnomer - it is NOT the IP of the gateway,
>> it is the routers gateway IP.. Hmm, that doesn't make sense..
>>
>> If your actual, real gateway (the one with 'Net access) is,
>> for example, "192.168.1.1/24", then that "External Gateway" in
>> the OS router needs to be something like "192.168.1.253/24"
>> (an unused IP on the same network as the real GW/FW/NAT/Whatever).
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160930/f0fc6222/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 101707 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160930/f0fc6222/attachment.png>
More information about the Openstack
mailing list
