[Openstack] Openstack instance not able to ping google.com

yatin kumbhare yatinkumbhare at gmail.com
Mon Dec 29 17:19:40 UTC 2014


I guess the, masquerade should be on br100

Regards,
yatin

On Mon, Dec 29, 2014 at 9:23 PM, Kyle R <k.w.ritchie0 at gmail.com> wrote:

> What do your security rules look like for that project/tenant?
>
> On Mon, Dec 29, 2014 at 9:51 AM, somshekar kadam <som_kadam at yahoo.co.in>
> wrote:
>
>> Hello All,
>>
>> I have openstack instance able to ping compute/controller and other hosts
>> in the network.
>> Not able to ping google.com
>> My external network is 10.10.126.xx
>>
>> able to ping 10.10.126.1 gateway
>>
>> able to ping host controller 10.10.126.62 which also nova compute
>> able to ping other hosts 10.10.126.54 and other machines in network.
>> able to ping br100 and virbr0
>>
>> enabled /etc/sysctl.conf to contain the following: net.ipv4.ip_forward=1
>> and also enabled masquerading in the iptables
>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>>
>> internal IP of instance is 10.4.128.2 and floating IP assigned is
>> 10.10.126.129
>> On instance route command
>> [root at newtry fedora]# route -n
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use
>> Iface
>> 0.0.0.0         10.4.128.3      0.0.0.0         UG    0      0        0
>> eth0
>> 10.4.128.0      0.0.0.0         255.255.240.0   U     0      0        0
>> eth0
>> [root at newtry fedora]#
>>
>> on the controller machine
>> stack at celestial-PC-1:~$ route -n
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use
>> Iface
>> 0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0
>> wlan0
>> 10.4.128.0      0.0.0.0         255.255.240.0   U     0      0        0
>> br100
>> 10.10.126.0     0.0.0.0         255.255.255.0   U     0      0        0
>> br100
>> 192.168.1.0     0.0.0.0         255.255.255.0   U     9      0        0
>> wlan0
>> 192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0
>> virbr0
>> stack at celestial-PC-1:~$
>>
>>
>>
>> on instance
>> [root at newtry fedora]# ip addr
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
>> default
>>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>>     inet 127.0.0.1/8 scope host lo
>>        valid_lft forever preferred_lft forever
>>     inet6 ::1/128 scope host
>>        valid_lft forever preferred_lft forever
>> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
>> state UP group default qlen 1000
>>     link/ether fa:16:3e:20:e6:e5 brd ff:ff:ff:ff:ff:ff
>>     inet 10.4.128.2/20 brd 10.4.143.255 scope global eth0
>>        valid_lft forever preferred_lft forever
>>     inet6 fe80::f816:3eff:fe20:e6e5/64 scope link
>>        valid_lft forever preferred_lft forever
>> [root at newtry fedora]#
>>
>>
>> what is missing not able to ping google.com from instance
>> please help on this with your valuable suggestions
>>
>> thanks in advance
>>
>>
>> Regards
>> Neelu
>>
>>
>>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20141229/2dfbaa36/attachment.html>


More information about the Openstack mailing list