<div dir="ltr"><div><div><div><div><div><div><div>Thanks for the information. Now I have configured a provider router based network, with Open vSwitch GRE tunnels.<br><br></div>Here is the network topology:<br><br></div>external network: <a href="http://172.17.0.0/16">172.17.0.0/16</a><br>
</div><div>external network physical router: 172.17.0.1<br></div>neutron node IP: 172.17.6.68<br><br></div>virtual provider router: 172.17.6.70<br><br></div>virtual subnet1: <a href="http://10.0.1.0/24">10.0.1.0/24</a><br>
<br></div>Now I can boot a vm instance and it got an IP from private IP pool (10.0.1.3). I can also associate a floating IP to it (172.17.6.71). But I can't ping the private ip nor the floating ip.<br><br></div><div>From the neutron node, I can ping 172.17.6.70, but can't ping 10.0.1.1, 10.0.1.3, 172.17.6.71.<br>
</div><div>So I can't ssh into the vm. My guess is something is wrong with the <a href="http://10.0.1.0/24">10.0.1.0/24</a> network, but I don't know what.<br><br></div><div>I used the NoopFirewallDriver in OVS plugin, so icmp and tcp:22 are not blocked by security-group rules.<br>
</div><div><br></div><div></div><div><div>Here is the current setup:<br>(neutron) net-list<br>+--------------------------------------+--------+----------------------------------------------------+<br>| id | name | subnets |<br>
+--------------------------------------+--------+----------------------------------------------------+<br>| a63f0950-cdea-4a6d-8312-1819113dc244 | net1 | 708f2a58-bd85-4493-b91c-a6d42c0db5e7 <a href="http://10.0.1.0/24">10.0.1.0/24</a> |<br>
| ee318d0b-74e5-43c6-92bd-abb690df3334 | extnet | 4c111c62-50f2-4332-b635-57846cf1980c <a href="http://172.17.0.0/16">172.17.0.0/16</a> |<br>+--------------------------------------+--------+----------------------------------------------------+<br>
(neutron) subnet-list<br>+--------------------------------------+---------+---------------+------------------------------------------------+<br>| id | name | cidr | allocation_pools |<br>
+--------------------------------------+---------+---------------+------------------------------------------------+<br>| 4c111c62-50f2-4332-b635-57846cf1980c | extnet | <a href="http://172.17.0.0/16">172.17.0.0/16</a> | {"start": "172.17.6.70", "end": "172.17.6.75"} |<br>
| 708f2a58-bd85-4493-b91c-a6d42c0db5e7 | subnet1 | <a href="http://10.0.1.0/24">10.0.1.0/24</a> | {"start": "10.0.1.2", "end": "10.0.1.254"} |<br>+--------------------------------------+---------+---------------+------------------------------------------------+<br>
(neutron) port-list<br>+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+<br>| id | name | mac_address | fixed_ips |<br>
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+<br>| 234b4e76-7b7a-461f-8b61-2b7c58165fd2 | | fa:16:3e:86:95:d3 | {"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address": "10.0.1.1"} |<br>
| 35a8ab42-4f1a-4f1e-b656-ab4dd0e83725 | | fa:16:3e:44:c2:0a | {"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address": "10.0.1.2"} |<br>| 85f4d2d7-c92b-4bc1-b080-2b1978bb6e17 | | fa:16:3e:cd:77:17 | {"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address": "10.0.1.3"} |<br>
| 9a24c2e9-a6da-4a24-93d4-9eef8cb0bcfa | | fa:16:3e:01:a2:ef | {"subnet_id": "4c111c62-50f2-4332-b635-57846cf1980c", "ip_address": "172.17.6.70"} |<br>| f508b629-6e95-4be4-89c0-b37be3907231 | | fa:16:3e:7c:41:0a | {"subnet_id": "4c111c62-50f2-4332-b635-57846cf1980c", "ip_address": "172.17.6.71"} |<br>
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+<br>(neutron) port-show 234b4e76-7b7a-461f-8b61-2b7c58165fd2<br>+-----------------------+---------------------------------------------------------------------------------+<br>
| Field | Value |<br>+-----------------------+---------------------------------------------------------------------------------+<br>
| admin_state_up | True |<br>| allowed_address_pairs | |<br>
| binding:capabilities | {"port_filter": false} |<br>| binding:host_id | <a href="http://172-17-6-68.yygamedev.com">172-17-6-68.yygamedev.com</a> |<br>
| binding:vif_type | ovs |<br>| device_id | c5b513fa-6d6a-476f-bfc0-2114954a15aa |<br>
| device_owner | network:router_interface |<br>| extra_dhcp_opts | |<br>
| fixed_ips | {"subnet_id": "708f2a58-bd85-4493-b91c-a6d42c0db5e7", "ip_address": "10.0.1.1"} |<br>| id | 234b4e76-7b7a-461f-8b61-2b7c58165fd2 |<br>
| mac_address | fa:16:3e:86:95:d3 |<br>| name | |<br>
| network_id | a63f0950-cdea-4a6d-8312-1819113dc244 |<br>| status | ACTIVE |<br>
| tenant_id | 860483f3ceeb43aab4d1f0e8f76b4064 |<br>+-----------------------+---------------------------------------------------------------------------------+<br>
(neutron) <br>root@172-17-6-68:/etc/neutron# nova list<br>+--------------------------------------+------+--------+------------+-------------+----------------------------+<br>| ID | Name | Status | Task State | Power State | Networks |<br>
+--------------------------------------+------+--------+------------+-------------+----------------------------+<br>| ec214f0b-eede-421e-9036-a1b56bff3c37 | c1 | ACTIVE | None | Running | net1=10.0.1.3, 172.17.6.71 |<br>
+--------------------------------------+------+--------+------------+-------------+----------------------------+<br><br></div></div><br></div>