Thanks for the reply, it was really helpful. In my case the problem was exactly where Felix said - nova-network left some rules in iptables. And yeap (might help someone in debug), redirect to metadata service happens on network node in qrouter namespace: # ip netns exec qrouter-c7e7ea00-a362-4f4f-9a1c-a54ac86eb3be iptables -t nat -L ... Chain neutron-l3-agent-PREROUTING (1 references) target prot opt source destination REDIRECT tcp -- anywhere 169.254.169.254 tcp dpt:http redir ports 9697 ... 2014-06-15 8:41 GMT+03:00 Mark Kirkwood <mark.kirkwood at catalyst.net.nz>: > On 15/06/14 03:00, Sergey Motovilovets wrote: > >> Another problem is metadata service. I've tried like everything I found >> regarding neutron<->metadata configuration, without any success. I just >> can't connect to 169.254.169.254 from virtual machines, though they get >> configured by dhcp, can ping each other in their subnet and I can >> allocate floating IPs to them. >> >> > Do you get connection hang or interval server error? If the latter > see https://bugzilla.redhat.com/show_bug.cgi?id=950201 > > I ran into this as I had neutron_region_name misspelled in nova.conf and > metadata_agent.conf (I'm using Ubuntu 14.04 packages). > > regards > > Mark > > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > Post to : openstack at lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140615/c20247de/attachment.html>