[Neutron] How to provide internet access to tier 2 instance
Bernd Bausch
berndbausch at mailbox.org
Sun Apr 4 14:44:23 UTC 2021
I have a pretty standard single-server Victoria Devstack, where I
created this network topology:
public private backend
| | |
| /-------\ |-- I1 |- I2
|--|Router1|--| |
| \-------/ | |
| | /-------\ |
| |--|Router2|--|
| | \-------/ |
| | |
I1 and I2 are instances.
My question:
Is it possible to give I2 access to the external world to install
software and download files? I don't need access **to** I2 **from** the
external world.
My unsuccessful attempt:
After adding a static default route via Router1 to Router2, I can ping
the internet from Router2's namespace, but not from I2.
My guess is that Router1 ignores traffic from networks that are not
attached to it. I don't have enough experience to understand the
netfilter rules in Router1's namespace, and in any case, rather than
tweaking them I need a supported method to give I2 internet access, or
the confirmation that it is not possible.
Thanks much for any insights and suggestions.
Bernd
More information about the openstack-discuss
mailing list