On Wed, May 6, 2015 at 10:56 PM, Andrew Bogott <abogott at wikimedia.org> wrote: > Since time immemorial, I've accepted as a fact of life that routing from > a nova instance to another instance via floating ip is impossible. We've > coped with this via a hack in dnsmasq, setting an alias to rewrite public > IPs to the corresponding internal IP. Have you checked this serverfault question[0]? The issue is different though: VM not being able to contact its own floating iP, but maybe it's related. It also contains links to relevant bugs. We have a Folsom deployment where we patched nova-network to add the proper SNAT and DNAT rules to fix this, and I can confirm that I can ssh from a VM to the other using the public IP. I would post the patch but since you are running Icehouse they are probably not relevant. [0]: http://serverfault.com/questions/460348/why-cant-openstack-vm-reach-itself-via-its-floating-ip .a. -- antonio.s.messina at gmail.com antonio.messina at uzh.ch +41 (0)44 635 42 22 S3IT: Service and Support for Science IT http://www.s3it.uzh.ch/ University of Zurich Winterthurerstrasse 190 CH-8057 Zurich Switzerland