[Openstack] [Grizzly] Inbound VM traffic fails at compute node
Greg Chavez
greg.chavez at gmail.com
Thu May 2 22:27:33 UTC 2013
I have Grizzly up and running on Ubuntu 13.04, following the excellent
instructions by Msekni Bilel. I'm using gre tunneling and per-tenant
routers. It looks something like this:
http://chavezy.files.wordpress.com/2013/03/ostack-log-net_iscsi.png
I was able to get a cirros m1.tiny VM launched easily. But although I've
associated a floating IP and configured secgroup rules, I am unable to get
any inbound traffic past the VM bridge.
The internal network is 192.168.252.0/23. The floating IP range is
10.21.166.1-254. The guest has IP 192.168.252.3 and is associate to
10.21.166.2.
So if I ping 10.21.166.2 from my external network, I can sniff the icmp
packets all the way to the VM linux bridge on the compute node. I can see
packets on qvb* but not tap*.
>From the VM console I am able to reach the external network. Packet dumps
show that traffic originates from 10.21.166.2.
Finally, I see no hits on my secgroup rules.
Any advice? I have interesting command output here:
http://pastebin.com/Cs514mkN
Thanks in advance.
--
\*..+.-
--Greg Chavez
+//..;};
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130502/8b10f7ef/attachment.html>
More information about the Openstack
mailing list
