[Openstack] [OpenStack] Second Public IP for VM on Another Public Network does not work properly

Ludwig Tirazona ljtirazona at gmail.com
Wed Aug 17 09:08:46 UTC 2016


Hello,


Has anybody had this experience/problem as well?

---------------
OVERVIEW

I have two separate public networks, each with their entirely separate
IP block.

I need a VM to have Floating IPs on both of these networks.

I am on OpenStack Liberty.
--------------

ACTIONS

I create two routers and two private subnets in my Project, one for each
public network.

I create an instance attached to subnet1, and give it a floating IP on
PubNet1.

Everything is working fine.

I attach a second interface for subnet2 to the VM. I give it the static
address that Neutron-DHCP would have given it, were it using DHCP.

Everything is working fine.

>From the "Access & Security" > "Floating IPs" interface on Horizon, I
assign a Floating IP from PubNet2 to the VM's interface on subnet2.


--------------

PROBLEM

Here's where things get wonky:

Although the Floating IP assignment request completes successfully,
connections to the VM on the PubNet2 floating IP do not reach the VM.
-------------------


DETAILS

I have a wide-open Security Group for the VM, allowing everything in and
out.

On the VM, I have configured a static route to PubNet2 through the
subnet2 gateway.

>From the VM, I can ping my PubNet2 router's PubNet2 IP, and the PubNet2
gateway as well. I can't ping the VM's PubNet2 Floating IP.


I see the VM's 2nd Floating IP on the qrouter's network namespace on my
Network Node.

I do the following:

ip netns exec qrouter-<PubNet2 router ID> ping <PubNet2 Router Public IP>

that pings successfully.

ip netns exec qrouter-<PubNet2 router ID> ping <VM PubNet2 Floating IP >

that fails to ping. Even through I see it's on the same network
namespace interface ast the PubNet2 Router Public IP.


-------------------------------

I hope I was able to describe the problem accurately, but concisely as well.

Does anybody have an idea as to what the problem might be?

Is what I'm even attempting supposedly possible with Neutron-Liberty?

What can I try?




Thanks in advance!




More information about the Openstack mailing list