<div dir="ltr"><div>Thanks.</div><div><br></div><div>root@controller:~# iptables -t nat -L -n</div><div>Chain PREROUTING (policy ACCEPT)</div><div>target prot opt source destination </div><div>quantum-l3-agent-PREROUTING all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div>nova-api-PREROUTING all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div><div><br></div><div>Chain INPUT (policy ACCEPT)</div><div>target prot opt source destination </div>
<div><br></div><div>Chain OUTPUT (policy ACCEPT)</div><div>target prot opt source destination </div><div>quantum-l3-agent-OUTPUT all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div>nova-api-OUTPUT all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div><div><br></div><div>Chain POSTROUTING (policy ACCEPT)</div><div>target prot opt source destination </div>
<div>quantum-l3-agent-POSTROUTING all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div><div>nova-api-POSTROUTING all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div>quantum-postrouting-bottom all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div><div>nova-postrouting-bottom all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div><br></div><div>Chain nova-api-OUTPUT (1 references)</div><div>target prot opt source destination </div><div><br></div><div>Chain nova-api-POSTROUTING (1 references)</div><div>target prot opt source destination </div>
<div><br></div><div>Chain nova-api-PREROUTING (1 references)</div><div>target prot opt source destination </div><div><br></div><div>Chain nova-api-float-snat (1 references)</div><div>target prot opt source destination </div>
<div><br></div><div>Chain nova-api-snat (1 references)</div><div>target prot opt source destination </div><div>nova-api-float-snat all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div><br></div><div>Chain nova-postrouting-bottom (1 references)</div><div>target prot opt source destination </div><div>nova-api-snat all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div><br></div><div>Chain quantum-l3-agent-OUTPUT (1 references)</div><div>target prot opt source destination </div><div>DNAT all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> 192.168.2.152 to:10.5.5.3</div>
<div><br></div><div>Chain quantum-l3-agent-POSTROUTING (1 references)</div><div>target prot opt source destination </div><div>ACCEPT all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> ! ctstate DNAT</div>
<div>ACCEPT all -- <a href="http://10.5.5.0/24">10.5.5.0/24</a> 192.168.2.225 </div><div><br></div><div>Chain quantum-l3-agent-PREROUTING (1 references)</div><div>target prot opt source destination </div>
<div>DNAT tcp -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> 169.254.169.254 tcp dpt:80 to:<a href="http://192.168.2.225:8775">192.168.2.225:8775</a></div><div>DNAT all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> 192.168.2.152 to:10.5.5.3</div>
<div><br></div><div>Chain quantum-l3-agent-float-snat (1 references)</div><div>target prot opt source destination </div><div>SNAT all -- 10.5.5.3 <a href="http://0.0.0.0/0">0.0.0.0/0</a> to:192.168.2.152</div>
<div><br></div><div>Chain quantum-l3-agent-snat (1 references)</div><div>target prot opt source destination </div><div>quantum-l3-agent-float-snat all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> </div>
<div>SNAT all -- <a href="http://10.5.5.0/24">10.5.5.0/24</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a> to:192.168.2.151</div><div><br></div><div>Chain quantum-postrouting-bottom (1 references)</div>
<div>target prot opt source destination </div><div>quantum-l3-agent-snat all -- <a href="http://0.0.0.0/0">0.0.0.0/0</a> <a href="http://0.0.0.0/0">0.0.0.0/0</a></div><div><br></div>
<div><br></div><div style>I can not see anything going through <span style="font-family:arial,sans-serif;font-size:13px">qg-XXXX interface.</span></div><div style><span style="font-family:arial,sans-serif;font-size:13px"><br>
</span></div><div style><span style="font-family:arial,sans-serif;font-size:13px">I have activated </span><font face="arial, sans-serif">net.ipv4.ip_forward </font><span style="font-family:arial,sans-serif;font-size:13px">in /etc/sysctl.conf.</span></div>
<div class="gmail_extra"><br><div class="gmail_quote">On 25 March 2013 13:03, Sylvain Bauza <span dir="ltr"><<a href="mailto:sylvain.bauza@digimind.com" target="_blank">sylvain.bauza@digimind.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Le 25/03/2013 12:49, Chathura M. Sarathchandra Magurawalage a écrit :<div class="im">
<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
I have got one question on this. Does quantum directly request leases from the gateway of the physical network before reserving them to allocate to VMs?<br>
<br>
<br>
</blockquote>
<br></div>
Nope, not at all. It's up to the administrator to make sure the IP ranges for Openstack are not pooled by any other DHCP server. There is (as per my knowledge) no way to sync up in between quantum-l3-agent and other DHCP servers.<br>
<br>
Actually, contrary to fixed ip networks in Quantum, floating IP networks are not DHCP managed. Eligibility is made upon next IP address available in Quantum mysql database and directly injected into iptables, that's it.<span class=""><font color="#888888"><br>
<br>
-Sylvain<br>
</font></span></blockquote></div><br></div></div>