[Openstack-operators] Router external interface DOWN

achi hara h16mara at gmail.com
Tue Jun 30 07:09:47 UTC 2015


Hi Andreas,

Your guess is right,i forgot to add  rules to permit ICMP (ping)  :)
Everything is working as expected now.

thank you very much for your response

regards,
Hamza

2015-06-29 14:42 GMT+01:00 Andreas Scheuring <scheuran at linux.vnet.ibm.com>:

> Your setup looks fine.
>
> Please check your security groups configuration. There should be a rule
> that allows icmp traffic outside to have a guest pinging out to the
> router. And a rule to allow ingress icmp if you want to ping a guest
> from the outside world!
>
>
>
> In addition, you can debug thing with the following commands:
>
> > ip netns show
>
> --> should give you a list of all network namepsace available. There
> should be one called "qrouter...." which represents your router.
>
>
> > ip netns exec <netnwor-namepspace> ip a
>
> You should see two interfaces there, one qg with your external router
> ip, one qr with the internal router ip
>
> You should also be able to execute ping from there to test if you can
> reach some external node and an internal instance
>
> > ip netns exec <netnwor-namepspace> ping <ip>
>
>
>
> Hope that helps
>
> Andreas
>
>
>
> On Mo, 2015-06-29 at 11:20 +0100, achi hara wrote:
> > Hi guys,
> >
> > I have installed juno openstack installation on Ubuntu 14.04. After
> > creating the router through neutron API with two interface , I am NOT
> > able to ping my external network. Router's external interface/gateway
> > status is DOWN.
> >
> > I am adding my content of /etc/neutron/plugins/ml2/ml2_conf.ini of the
> > network node:
> >
> > [ml2]
> > type_drivers=flat,gre
> > tenant_network_types=gre
> > mechanism_drivers=openvswitch
> >
> > [ml2_type_flat]
> > flat_networks=External
> >
> > [ml2_type_vlan]
> >
> > [ml2_type_gre]
> > tunnel_id_ranges=1:1000
> >
> > [ml2_type_vxlan]
> >
> > [securitygroup]
> >
> firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
> > enable_ipset=True
> > enable_security_group=True
> >
> > [ovs]
> > bridge_mappings=External:br-ex
> > enable_tunneling=True
> > local_ip=10.20.20.52
> >
> > [agent]
> > tunnel_types=gre
> >
> >
> > The content of /etc/neutron/l3_agent.ini of the network node
> >
> > [DEFAULT]
> > verbose=True
> > router_delete_namespaces=True
> > interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver
> > use_namespaces=True
> > external_network_bridge=br-ex
> >
> >
> > Content of ovs-vsctl show  after creating the bridges
> >
> > ubuntu at network01:~$ sudo ovs-vsctl show
> > f7d6ee0f-3107-4011-910f-420b925068c4
> >     Bridge br-int
> >         fail_mode: secure
> >         Port int-br-tun
> >             Interface int-br-tun
> >                 type: patch
> >                 options: {peer=phy-br-tun}
> >         Port int-br-ex
> >             Interface int-br-ex
> >                 type: patch
> >                 options: {peer=phy-br-ex}
> >         Port "qr-648090f8-6d"
> >             tag: 1
> >             Interface "qr-648090f8-6d"
> >                 type: internal
> >         Port br-int
> >             Interface br-int
> >                 type: internal
> >         Port "tapad7609c0-2f"
> >             tag: 1
> >             Interface "tapad7609c0-2f"
> >                 type: internal
> >         Port patch-tun
> >             Interface patch-tun
> >                 type: patch
> >                 options: {peer=patch-int}
> >     Bridge br-tun
> >         fail_mode: secure
> >         Port "gre-0a141435"
> >             Interface "gre-0a141435"
> >                 type: gre
> >                 options: {df_default="true", in_key=flow,
> > local_ip="10.20.20.52", out_key=flow, remote_ip="10.20.20.53"}
> >         Port patch-int
> >             Interface patch-int
> >                 type: patch
> >                 options: {peer=patch-tun}
> >         Port br-tun
> >             Interface br-tun
> >                 type: internal
> >         Port "gre-c0a8019a"
> >             Interface "gre-c0a8019a"
> >                 type: gre
> >                 options: {df_default="true", in_key=flow,
> > local_ip="10.20.20.52", out_key=flow, remote_ip="192.168.1.154"}
> >     Bridge br-ex
> >         Port br-ex
> >             Interface br-ex
> >                 type: internal
> >         Port phy-br-ex
> >             Interface phy-br-ex
> >                 type: patch
> >                 options: {peer=int-br-ex}
> >         Port "qg-4be112a4-08"
> >             Interface "qg-4be112a4-08"
> >                 type: internal
> >         Port "p3p2"
> >             Interface "p3p2"
> >     ovs_version: "2.0.2"
> >
> >
> > External network added by following commands:
> >
> > neutron net-create ext-net --router:external True
> > --provider:physical_network External --provider:network_type flat
> >
> > neutron subnet-create ext-net --name ext-subnet --allocation-pool
> > start=10.1.166.101,end=10.1.166.200 --disable-dhcp --gateway 10.1.0.1
> > 10.1.0.0/16
> >
> >
> >
> > Any help please ??
> >
> >
> > thanks
> >
> > Hamza
> >
> > _______________________________________________
> > OpenStack-operators mailing list
> > OpenStack-operators at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
> --
> Andreas
> (IRC: scheuran)
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150630/bf3c07ba/attachment.html>


More information about the OpenStack-operators mailing list