[Openstack] nova-network-snat weird behavior
YIP Wai Peng
yipwp at comp.nus.edu.sg
Wed Dec 12 16:17:32 UTC 2012
Dear all,
I am running FlatDHCPNetwork. I have two interfaces, em1 and em2.
- em1 is my flat_interface for fixed (192.168.15.0/24) and node
(192.168.14.0/24) ips.
- em2 is my public_interface for floating ips (192.168.16.0/24).
When I create an instance, I notice that the following iptable rule
gets created:
-A nova-network-snat -s 192.168.15.0/24 -o em2 -j SNAT --to-source 192.168.14.10
Strangely, the interface in the -o option seems to be always following
the "public_interface = em2" configuration in '/etc/nova/nova.conf'.
If I don't define it, then the rule that gets created is
-A nova-network-snat -s 192.168.15.0/24 -o eth0 -j SNAT --to-source
192.168.14.10
This results in outgoing traffic from instances not being SNAT
correctly, because the iptable rule is applied on the public_interface
and not flat_network_bridge
FWIW, I changed public_interface to vmnetbr0 (that bridges em1 and
vnet0), and the instance was able to ping out. But that shouldn't be
the correct configuration, should it?
Can someone tell me what am I doing wrong?
(I am running openstack-nova-network-2012.2-1 on fedora)
/etc/nova/nova.conf
----
<snip>
public_interface = em2
flat_interface = em1
fixed_range = 192.168.15.0/24
floating_range = 192.168.16.0/24
flat_network_bridge = vmnetbr0
multi_host = True
Regards,
WP
More information about the Openstack
mailing list