[Openstack] should instances be able to ping each other through a router?

ZHOU TAO A tao.a.zhou at alcatel-lucent.com
Mon Aug 25 09:03:28 UTC 2014 

I think you need to add a resource with type
type: OS::Neutron::RouterGateway.

On 08/24/2014 09:09 AM, Don Waterloo wrote:
> I have the below heat template instantiated.
>
> Each instance (h1/h2/h3) can ping out to the world just fine.
> In addition, h1 can ping h2 & h3, and they it. e.g. everyone can ping
> everyone on its own subnet.
> But h2 and h3 cannot ping each other (this is a routing function
> rather than local net).
>
> I am using vxlan with neutron, ovs ml2 on icehouse ubuntu 14.04.
>
> I have port_security disabled (and iptables -L shows this to be true
> in the router namespace).
>
> what is happening is the ping hits the router port, and stops.
> e.g. 172.16.1.X sends ICMP to 172.16.2.1, and its never seen again.
>
> Should I be expecting this to work? It seems that this should not be
> an SNAT issue, its all inside my private networking space.
>
> >From the host, if I 'ip netns exec qrouter-<...>' i can ping each
> interface inside each vm, so i know the host can reach them.
>
> So, uh, suggestions on how to debug this? My 'trusty' image below is
> ubuntu 14.04, but it also happens w/ cirros fwiw.
>
> --------------<snip>--------------
> heat_template_version: 2013-05-23
>
> description: >
>
> resources:
>    key:
>      type: OS::Nova::KeyPair
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-key' } }
>        save_private_key: True
>
>    rtr:
>      type: OS::Neutron::Router
>      properties:
>        admin_state_up: True
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-rtr' } }
>        external__info:
>          network: "ext-net"
>
>    ctrl_net:
>      type: OS::Neutron::Net
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-data-ctrl-net' } }
>
>    ctrl_subnet:
>      type: OS::Neutron::Subnet
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-data-ctrl-subnet' } }
>        enable_dhcp: True
>        network_id: { get_resource: ctrl_net }
>        cidr: 172.16.1/24
>        allocation_pools:
>          - start: 172.16.1.10
>            end: 172.16.1.254
>
>    router_i0:
>      type: OS::Neutron::RouterInterface
>      properties:
>        router_id: { get_resource: rtr }
>        subnet_id: { get_resource: ctrl_subnet }
>
>    router_i1:
>      type: OS::Neutron::RouterInterface
>      properties:
>        router_id: { get_resource: rtr }
>        subnet_id: { get_resource: data_int_subnet }
>
>    int_net:
>      type: OS::Neutron::Net
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-int-net' } }
>
>    data_int_subnet:
>      type: OS::Neutron::Subnet
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-data-int-subnet' } }
>        enable_dhcp: True
>        network_id: { get_resource: int_net }
>        cidr: 172.16.2/24
>        allocation_pools:
>          - start: 172.16.2.10
>            end: 172.16.2.254
>
>
>    h1:
>      type: OS::Nova::Server
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-h1' } }
>        key_name: { get_resource: key }
>        image: "trusty"
>        flavor: "m1.tiny"
>        config_drive: "true"
>        networks:
>          - network: { get_resource: ctrl_net }
>          - network: { get_resource: int_net }
>        user_data_format: RAW
>        user_data: |
>          #!/bin/bash
>          ifup eth1
>          dhclient eth1
>
>    h2:
>      type: OS::Nova::Server
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-h2' } }
>        key_name: { get_resource: key }
>        image: "trusty"
>        flavor: "m1.tiny"
>        config_drive: "true"
>        networks:
>          - network: { get_resource: ctrl_net }
>
>    h3:
>      type: OS::Nova::Server
>      properties:
>        name: { str_replace: { params: { $stack_name: { get_param:
> 'OS::stack_name' } }, template: '$stack_name-h3' } }
>        key_name: { get_resource: key }
>        image: "trusty"
>        flavor: "m1.tiny"
>        config_drive: "true"
>        networks:
>          - network: { get_resource: int_net }
>
> outputs:
>      key:
>          description: The private key to login to these images with
> (try heat output-show <NAME> key | sed -e 's?"??g' -e 's?\\n?\n?g' >
> ~/.ssh/<NAME>_rsa)
>          value: { get_attr: [ key, private_key] }
>
> --------------<snip>--------------
>
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>

More information about the Openstack mailing list