Hey Nguyen, We simply followed the guide linked below. No deploy tool was used. From: Nguyễn Hữu Khôi <nguyenhuukhoinw@gmail.com> Date: Wednesday, December 13, 2023 at 1:10 AM To: Michael J Turek <mjturek@us.ibm.com> Cc: openstack-discuss@lists.openstack.org <openstack-discuss@lists.openstack.org> Subject: [EXTERNAL] Re: [neutron] Cannot reach external network from within VM Hello. Which tool u used to deploy system? Nguyen Huu Khoi On Wed, Dec 13, 2023 at 8: 05 AM Michael J Turek <mjturek@ us. ibm. com> wrote: Hey all, We’ve been trying to get our Bobcat openstack cloud working and have been stuck on some networking ZjQcmQRYFpfptBannerStart This Message Is From an External Sender This message came from outside your organization. <https://us-phishalarm-ewt.proofpoint.com/EWT/v1/PjiDSg!12-vrJAxZVcW8KkacOgGJv9KS1RSl81WfJPSLMB7iNZOS5sEDQQYVqUbp6AvAVqsQp0Wswaz-OR0s3zNouVq4gjbFiJB4i8RmCguSsIizJ5gguyXQwK9BFGK6tY$> Report Suspicious <https://us-phishalarm-ewt.proofpoint.com/EWT/v1/PjiDSg!12-vrJAxZVcW8KkacOgGJv9KS1RSl81WfJPSLMB7iNZOS5sEDQQYVqUbp6AvAVqsQp0Wswaz-OR0s3zNouVq4gjbFiJB4i8RmCguSsIizJ5gguyXQwK9BFGK6tY$> ZjQcmQRYFpfptBannerEnd Hello. Which tool u used to deploy system? Nguyen Huu Khoi On Wed, Dec 13, 2023 at 8:05 AM Michael J Turek <mjturek@us.ibm.com<mailto:mjturek@us.ibm.com>> wrote: Hey all, We’ve been trying to get our Bobcat openstack cloud working and have been stuck on some networking woes. It’s a flat provider network with one compute node and one controller (plan to expand after this is resolved). 1) We can SSH and ping the VMs but only if we are on the controller and behind the qdhcp network namespace. 2) Once on the VM, we cannot reach the external network. We followed this installation guide [0] and nothing stands out as misconfigured. If anyone can offer some advice on how to debug this, it would be greatly appreciated. [0] https://docs.openstack.org/neutron/latest/install/controller-install-option1-ubuntu.html<https://docs.openstack.org/neutron/latest/install/controller-install-option1-ubuntu.html>

we set up neutron/plugins/ml2_conf.ini if that's what you're referring to. We are using a flat provider network, so that file looks like this [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = mechanism_drivers = openvswitch,l2population extension_drivers = port_security [ml2_type_flat] flat_networks = provider Our network is named provider

Hey MJ, I understand that you are trying to understand how network namespaces work in OpenStack. Network namespaces are a way of isolating network devices and routing tables for different purposes. They allow you to create multiple virtual networks with overlapping IP addresses, as well as apply different security and performance policies for each network.. And in your case, it seems that you have created a qdhcp network namespace, which is used for DHCP clients and servers. This namespace has its own routing table and iptables rules, which means that it can only communicate with other devices in the same namespace or through the qdhcp bridge. Therefore, you cannot reach into or out of the qdhcp namespace from the controller node or the compute node. To fix this issue, you need to either switch the VMs to a different network namespace that has access to the external network, or configure the qdhcp bridge to allow traffic from other namespaces. You can use the ip netns exec command to switch between namespaces, or use the ip netns add command to create new namespaces. You can also use the ip link set command to configure bridges and VLANs for your network interfaces :) Also you can refer to these resources below for sure; https://docs.openstack.org/mitaka/networking-guide/intro-network-namespaces.... https://docs.openstack.org/neutron/latest/admin/intro-network-namespaces.htm... Best, Kerem ÇELİKER Head of Cloud Architecture tr.linkedin.com/in/keremceliker