Masquerading VM works 99%
Derek O keeffe
derekokeeffe85 at yahoo.ie
Thu Feb 10 16:12:45 UTC 2022
Hi all,
We have an openstack cluster with one controller and 4 computes (Victoria) we have set it up using vlan provider networks with linuxbridge agent, distributed routing & ml2 (I am only partly on the networking so there could be more to that which I can find out if needed)
So I was tasked with creating two Instances, one (lets call it the external vm) with an external interface 10.55.9.67 and internal interface 192.168.1.2. A second instance (lets call it the internal vm) would then be placed on the 192.168.1.0 network.
I configured masquerading on the "external vm" and tried to ping the outside world from the "internal" vm as per something like this https://kifarunix.com/configure-ubuntu-20-04-as-linux-router/?unapproved=49571&moderation-hash=b5168c04420557dcdc088994ffa4bdbb#comment-49571
Both VM's were instantiated on the same compute host (I've tried it with them on separate hosts as well).
I can see the ping leave using tcpdumps along the way and it makes it all the way back to the internal interface on the external machine. It just fails on the last hop to the internal machine. I've tried everything in my power to find why this won't work so I would be grateful for any advice at all. I have added the below to show how I followed the ping manually and where it went and when it failed. Thank you in advance.
Following the ping from source to destination and back:Generated on the private VMsent to the internal interface on the external vmsent to the external interface on the external vmsent to the tap interface on the computesent to the physical nic on the computesent to the nic on the network device out to the internet
received on nic on the network devicefrom the internet received on physical nic on the computereceived on tap interface on compute received on external interface on the external vmreceived on the internal interface on the external vmNEVER gets to last step on the internal vm
Regards,Derek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20220210/c60e36ac/attachment.htm>
More information about the openstack-discuss
mailing list