[Openstack-operators] [DVR] Instances without floating-ip cannot reach external network
Gustavo Randich
gustavo.randich at gmail.com
Tue May 5 18:54:00 UTC 2015
Hi everybody,
I've just configuerd DVR in Kilo. Everything is fine, except that instances
with no floating-ip cannot reach external network.
NETWORKS
neutron net-create ext-net1 --router:external --provider:physical_network
external --provider:network_type flat
neutron subnet-create ext-net1 10.180.0.0/16 --name ext-subnet1
--allocation-pool start=10.180.100.1,end=10.180.100.100 --disable-dhcp
--gateway 10.180.255.254
neutron net-create demo-net
neutron subnet-create demo-net 10.0.1.0/24 --name demo-subnet --gateway
10.0.1.1
neutron router-create demo-router
neutron router-interface-add demo-router demo-subnet
neutron router-gateway-set demo-router ext-net1
I suspect the cause of the problem is that the SNAT namespace in my Network
Node cannot reach the external network's gateway. Should the SNAT namespace
in Network Node "see" the external network gateway via de "qg" interface?
E.g.:
# ip netns exec snat-e6284aff-67eb-4c0b-9983-b7c9e0a0cbbc ping -I
qg-fcdb6430-0c 10.180.255.254
...
2 packets transmitted, 0 received, 100% packet loss, time 1007ms
I can see the ARP request on the network node's physical interface, but no
reply.
# tcpdump -envi eth0 arp or icmp
14:09:29.500350 fa:16:3e:3b:d2:67 > ff:ff:ff:ff:ff:ff, ethertype ARP
(0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has
10.180.255.254 tell 10.180.100.1, length 28
14:09:30.500494 fa:16:3e:3b:d2:67 > ff:ff:ff:ff:ff:ff, ethertype ARP
(0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has
10.180.255.254 tell 10.180.100.1, length 28
...
(NO REPLY)
Thanks!
NETWORK NODE SNAT NAMESPACE
# ip netns exec snat-e6284aff-67eb-4c0b-9983-b7c9e0a0cbbc ip a
...
9: sg-f7ee7649-81: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:0e:2d:37 brd ff:ff:ff:ff:ff:ff
inet 10.0.1.3/24 brd 10.0.1.255 scope global sg-f7ee7649-81
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe0e:2d37/64 scope link
valid_lft forever preferred_lft forever
10: qg-fcdb6430-0c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN group default
link/ether fa:16:3e:3b:d2:67 brd ff:ff:ff:ff:ff:ff
inet 10.180.100.1/16 brd 10.180.255.255 scope global qg-fcdb6430-0c
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe3b:d267/64 scope link
valid_lft forever preferred_lft forever
# ip netns exec snat-e6284aff-67eb-4c0b-9983-b7c9e0a0cbbc arp -an
...
? (10.180.255.254) at <incomplete> on qg-fcdb6430-0c
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150505/ac487ee3/attachment.html>
More information about the OpenStack-operators
mailing list