Open Stack

 It seems that the chains

 - Chain nova-network-OUTPUT
 - Chain nova-network-POSTROUTING
 - Chain nova-network-PREROUTING
 - Chain nova-network-float-snat

 are not populated correctly every time I start an instance.

 Any ideas why this is happening?


 Best,


 G.


 On Sat, 31 May 2014 14:09:13 +0300, Georgios Dimitrakakis wrote:
> Hi!
>
> For some days now I am trying to figure out what is the problem and
> IceHouse instances don't get internet access (you can have a look
> here:
> 
> https://www.mail-archive.com/openstack@lists.openstack.org/msg07138.html
> )
>
> Today I 've discovered that I have to put a NAT-firewall rule in the
> compute node every time I start an instance. The rule that is needed
> is:
>
> iptables -t nat -I POSTROUTING -o  eth0 -j MASQUERADE
>
>
> If I put the rule and then I start an instance then the instance
> doesn't have internet connectivity unless I put the rule again. The
> same applies if I start a second instance! All of them are loosing
> internet-connectivity. Putting the rule again and all of them are
> connected again. And the same happens again and again.
>
> Is this a bug somewhere??? Am I missing something??
>
> You all understand that it's not convenient at all to have to execute
> this every time an instance is started!
>
> Looking forward to hear your thoughts!
>
> Regards,
>
>
> G.

--