Instances cannot ping each other and cannot ping virtual-router

wodel youchi wodel.youchi at
Mon Sep 13 12:07:53 UTC 2021


After some reading, I found out that I needed to specify the physical port
that will be used to connect my infrastructure to the external world.
In my configuration I created two ovs bridges over two bonds :
br0 : is used for storage and storage management networks.
br1 : is used for api, tenant and external networks.

So I added this to my network-environment.yaml file :
*Neu*tronBridgeMappings: 'datacentre:br1'

And it did fix the majority of my connectivity problems, now the instances
can ping each other, the instances can ping the internet. I can ping the
external vrouter interface, but when I associate a floating IP with an
instance, I cannot ping or ssh that instance from the external network.
I have any to any security group rules for icmp and ssh (for test). How can
I debug that?

I have some other questions :
What does mean technically these variables ?

1) What is the difference between these two lines?
NeutronNetworkVLANRanges: 'datacentre:1:4000'
NeutronNetworkVLANRanges: 'datacentre:1:1000,tenant:500:1000'

2) What is the difference between NeutronNetworkType and NeutronTunnelType


Le mer. 8 sept. 2021 à 17:13, wodel youchi <wodel.youchi at> a
écrit :

> Hi,
> I deployed OpenStack Train using TripleO using this tutorial :
> and the
> documentation of TripleO.
> I deployed it with DVR.
> In my deployment I am using virtual machines with nested-kvm.
> The deployment went well, I am using network isolation like this :
> - nic1 : provisioning
> - nic2 and nic3 (bond0) storage and storage mgmt networks, each one in
> it's VLAN
> - nic3 and nic5 (bond1) tenant, api and *external* ( VLAN2100)
> networks, each one in it's VLAN
> In my physical host (the bare metal KVM) I created a bridge which handles
> the provisioning, tenant, api and external networks.
> I created a private tenant network (
> openstack network create private
> neutron subnet-create private --name private-sub --dns-nameserver
> I created a public network and I attached it to the external network using
> the same VLAN tag ( VLAN 2100, pool: :
> *openstack network create --provider-network-type vlan --provider-physical-network datacentre --provider-segment 2100 --external public*
> neutron subnet-create public --name public-sub --disable-dhcp --allocation-pool=start=,end= --gateway= --dns-nameserver
> I created a vrouter, one port in the public network and the other in the
> private network.
> I created two cirrus instances, each one got it's ip address from the
> private network.
> I found :
> cirrus-1 :
> cirrus-2 :
> vrouter : private
>             :  external
> neutron:dhcp :
> The problems :
> - The instances cannot ping each other.
> - The instances cannot ping the vrouter.
> - I cannot ping the public vrouter interface.
> But both instances can ping neutron:dhcp
> Could someone help me dig into this.
> Thanks in advance, Regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openstack-discuss mailing list