[Openstack] Giving openstack VMs internet access from second interface

Trey Lawrence trey at spell.run
Fri Mar 31 21:00:26 UTC 2017


On our bare-metal servers, we have three network interfaces:
eth0: open to the internet and has fixed public ip for each of our nodes
eth1: openstack internal network
eth2: DHCP without internet access that we're using for our external
provider network

We can set up the VMs on eth2 without any trouble, but we're running into
problems bridging over to eth0 to give them internet access. *Ideally, I'd
like to have a floating ip from eth2 assigned to VMs, but to use the VM's
hypervisor host's eth0 interface for internet access. Is there an easy way
to do this?*

So far I've tried adding a second provider network over eth0, and just
creating another network. But that doesn't seem to be working. Below are
the commands I'm using:
# This works
openstack network create eth2 \
    --provider-physical-network physnet1 \
    --provider-network-type flat \
openstack subnet create eth2 \
    --network eth2 \
    --subnet-range \
openstack network create eth2-private \
    --provider-network-type vxlan
openstack subnet create eth2-private \
    --network eth2-private \
    --subnet-range \
openstack router create router
openstack router add subnet router eth2-private
openstack router set router --external-gateway eth2

# This doesn't work. Network is created, but doesn't have internet access.
# I check using the following command:
# ip netns exec {internet router} ping
openstack network create eth0 \
    --provider-physical-network physnet2 \
    --provider-network-type flat \
openstack subnet create eth0 \
    --network eth0 \
    --subnet-range $public_subnet.0/24 \
    --gateway $public_subnet.221 \
openstack network create eth0-private \
    --provider-network-type vxlan
openstack subnet create eth0-private \
    --network eth0-private \
    --subnet-range \
    --gateway \
openstack router create internet
openstack router add subnet internet eth0-private
openstack router set internet --disable-snat --external-gateway eth0

Any help is appreciated, thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20170331/de16a0c7/attachment.html>

More information about the Openstack mailing list