[Openstack] Problem with firewall port and dnsmasq (dhcp)

wodel youchi wodel.youchi at gmail.com
Wed Jan 25 10:24:18 UTC 2017


I am a newbie on openstack, this is my first LAB, and my knowledge on
networking is not so good :-p

I have two physical machines, and I use them to build a lab following the
install guide on CentOS 7.

all my nodes are VMs and compute nodes use nested-kvm.

my two physical machines are connected together with a layer-2 swicth 1Gb/s.

I used option two for my network configuration, i.e. self-service network.

So far, everything is working good, except that my test VM (cirros) can't
get an IP address on the internal network, the dashboard shows that the VM
has an IP, but ifconfig shows nothing.

After some searching and googling around, I find the problem, but I
couldn't fix it.

The problem comes from the firewall of the controller node (firewalld),
when disabled, the VM test gets it IP address.

I tried to open the port 67 on both tcp and udp, but without luck, I am
using two ethernet ports on the controller, eth0 for management and eth1
for the provider network, the firewall applies it's rules on both ports,
but there are other ports/bridges/taps/vxlan created by openstack, I don't
know if the rules have to applied to them or not!!!

I don't know what to do, beside disable the firewall, but I don't think
it's a good idea.

Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20170125/a0d589a3/attachment.html>

More information about the Openstack mailing list