
<div dir="ltr">Sorry, my original reply went to OP directly... Pasted below..<div><br></div><div>--------------------</div><div><br></div><div><div>I am not an expert, but I'll take a stab at it...</div><div><br></div>


<div>Since the openstack environment doesn't have a direct connection to the "public" network, you would not be able to do anything with that network inside of Openstack.</div><div><br></div><div>You could assign the instances some floating IPs out of the 192.168 network and then handle public translation at your firewall.</div>


<div><br></div><div>If you *require* public IP addresses directly on your instances, you would need to have that network VLAN trunked down to your hypervisors, as well.</div><div><br></div><div>Hope that helps some.  Like I said, I'm no expert.</div>


</div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 22, 2014 at 5:27 PM, Matej <span dir="ltr"><<a href="mailto:matej@tam.si" target="_blank">matej@tam.si</a>></span> wrote:<br>


<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<br><br>I am using GRE tunneling and OVS and have several instances working perfectly. They get private IP addresses (range: <a href="http://10.0.0.0/24" target="_blank">10.0.0.0/24</a>) and get routed through my local IP subnet (<a href="http://192.168.22.0/24" target="_blank">192.168.22.0/24</a>) out via my HW router's 192.168.22.1. This setup works good and I am pretty happy with it.<br>


<br>What bothers me is the case where I need to delegate some of our instances a direct public IP address, without the need for any NAT whatsoever.<br>Let's declare this public subnet as: <a href="http://102.203.103.80/29" target="_blank">102.203.103.80/29</a><br>


<br>I have created a new network:<br>+---------------------------+--------------------------------------+<br>| Field                     | Value                                |<br>+---------------------------+--------------------------------------+<br>


| admin_state_up            | True                                 |<br>| id                        | 50ad28c9-6a7d-4579-8339-a39f29cc4485 |<br>| name                      | inet                                 |<br>| provider:network_type     | local                                |<br>


| provider:physical_network |                                      |<br>| provider:segmentation_id  |                                      |<br>| router:external           | True                                 |<br>| shared                    | False                                |<br>


| status                    | ACTIVE                               |<br>| subnets                   | 6d27b5fa-191e-473e-9852-cbf47a62188e |<br>| tenant_id                 | a0edd2a531bb41e6b17e0fd644bfd494     |<br>+---------------------------+--------------------------------------+<br>


<br>and then assigned a subnet inside:<br>+------------------+------------------------------------------------------+<br>| Field            | Value                                                |<br>+------------------+------------------------------------------------------+<br>


| allocation_pools | {"start": "102.203.103.84", "end": "102.203.103.86"} |<br>| cidr             | <a href="http://102.203.103.80/29" target="_blank">102.203.103.80/29</a>                                    |<br>


| dns_nameservers  | 8.8.8.8                                          |<br>| enable_dhcp      | False                                                |<br>| gateway_ip       |                                                      |<br>


| host_routes      |                                                      |<br>| id               | 6d27b5fa-191e-473e-9852-cbf47a62188e                 |<br>| ip_version       | 4                                                    |<br>


| name             | inet                                                 |<br>| network_id       | 50ad28c9-6a7d-4579-8339-a39f29cc4485                 |<br>| tenant_id        | a0edd2a531bb41e6b17e0fd644bfd494                     |<br>


+------------------+------------------------------------------------------+<br><br><br>When I create a new instance (CirrOS) and delegate this newly created network to it and then set IP <br><a href="http://102.203.103.84/29" target="_blank">102.203.103.84/29</a> inside it, I am unable to ping our router's public IP address, it doesn't work.<br>


I have tried to create it as a flat network, but I don't currently have physnet interface defined in ovs_neutron_plugin.ini and when I did it, my private NAT setup stopped working.<br><br>My current ovs_neutron_plugin.ini on controller:<br>


[ovs]<br>tenant_network_type = gre<br>tunnel_id_ranges = 1:1000<br>enable_tunneling = True<br>local_ip = 192.168.22.10<br>integration_bridge = br-int<br>tunnel_bridge = br-tun<br>tunnel_types=gre<br><br>[agent]<br>polling_interval = 2<br>


<br>[securitygroup]<br>firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver<br><br><br><br>What is the right way to achieve this public IP assignment I would like to do? After reading a lot of docs, I still don't have any working solutions for it.<br>


<br>Thank you very much for any ideas and help. If you need any other information, I will be happy to provide it.<span class="HOEnZb"><font color="#888888"><br><br>Matej</font></span></div>


<br>_______________________________________________<br>


Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>


Post to     : <a href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a><br>


Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>


<br></blockquote></div><br></div>