openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #10699
Re: questions about IP addressing and network config
Jimmy,
Nova is designed to manage IP addresses.
That means that even with Flat manager it will be allocating IP addresses
for you,
storing them in DB. The difference btw FlatDHCP is Flat injects
/etc/network/interfaces to the instance,
not providing IP by DHCP. So, anti-spoofing rules should be the same (I
never checked though for Flat).
If you want to provide your own addresses to instances, I believe you will
need to extend nova code
to provide your custom IP address in API request, and then if it's not
already allocated, it should get allocated.
Regards,
On Fri, Apr 27, 2012 at 3:27 PM, Jimmy Tsai <cmingt@xxxxxxxxx> wrote:
> Thanks Vish & Mike.
>
> It works very well after flush the anti-spoofing rules , I change the IP
> address and bind alias IP to an interface,
> but when I restart nova-network and nova-compute , I can't ping neither
> the IP I changed nor the instances I haven't changed.
> I'll try to figure out what happened with that !!
>
> Even I change the IP address, I can't not see the correct address on
> Dashboard, because the record of nova.fixed_ips not changed.
> I should try with FlatManager to allocate static IP.
>
> Thanks,
> -Jimmy
>
>
> 2012/4/27 Mike Scherbakov <mihgen@xxxxxxxxx>
>
>>
>>
>> On Thu, Apr 26, 2012 at 10:31 PM, Vishvananda Ishaya <
>> vishvananda@xxxxxxxxx> wrote:
>>
>>>
>>> On Apr 25, 2012, at 7:31 PM, Jimmy Tsai wrote:
>>>
>>> >
>>> > Hi everyone,
>>> >
>>> > I'm running with Essex 2012.1,
>>> > and have some questions about the nova network operation,
>>> >
>>> > 1. Is it possible manually assigned IP address to a launched instance,
>>> my situation is :
>>> > after instance boot up (OS: CentOS 6.2), I changed the
>>> /etc/sysconfig/network-scripts/ifcfg-eth0 setting
>>> > from dhcp to static (the same subnet as created by command :
>>> nova-manage create network....), and restart the network service,
>>> > And then I couldn't ssh or ping the instance from other server with
>>> the same subnet.
>>> > What is the problem ? I checked the iptables policies on the compute
>>> host, and find nothing about the DROP packets.
>>> > I also tried to changed the record from nova.fixed_ips table and
>>> libvirt.xml of the instance, then reboot the instance, still not worked.
>>> > I used FlatDHCP as my network manager.
>>>
>>> You can't do this. Libvirt sets up no mac spoofing and no ip spoofing
>>> so the ip address needs to match the dhcp'd one. You should be able to
>>> switch to a static and use the same info that you get from dhcp though.
>>> >
>>> > 2. According to the first question, I have another requirement to set
>>> up a loopback IP address (lo:0) on the running instance, after setting was
>>> completed,I couldn't ping or ssh the loopback IP from the same subnet, and
>>> I tried to set a alias IP address with eth0:0, but still not get worked.
>>> > Any ideas with this ?
>>>
>>
>>> Not sure
>>>
>> I guess it's the same issue as with setting a different IP from what
>> dnsmasq provided. You can try ebtables -F; ebtables -t nat -F to flush
>> those anti spoofing rules.
>>
>
>>> >
>>> > 3. Is there any way to use 2 NICs with different subnets on instances?
>>> I want to separate the network traffic.
>>> > Now I'm running with one bridged interface (br100), and it works well.
>>> In order to backup the large log files,
>>> > I'm planing to use 2 NICs for the compute hosts, I want use 2 vNICs on
>>> instance, one for web service and the other for log backup,
>>> > I think I should create a new network for the second bridged
>>> interface, but I can't find any document to guild me.
>>>
>>> This is definitely possible with FlatManager (You could use cloud_config
>>> drive and some version of contrib/openstack-config converted to work with
>>> centos to set up the interfaces)
>>>
>>> It was possible at one point with FlatDHCPManager as well by creating
>>> multiple networks and using a specific combination of config options like
>>> use_single_default_gateway. I don' t know if anyone has tried this for a
>>> while so there may be issues with it. You might try creating a second
>>> network and setting use_single_default_gateway and see what happens.
>>>
>> Confirm that it works with Essex release.
>> If you don't specify use_single_default_gateway=true your default route
>> will be jumping from one interface to another. If you both subnets are
>> covered by --fixed_network, it's fine even without setting
>> the use_single_default_gateway.
>>
>>
>>> There are plans underway to support this by only dhcping the first
>>> interface and allowing a guest agent to set up the other interfaces, but it
>>> isn't in place yet.
>>>
>>> Vish
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help : https://help.launchpad.net/ListHelp
>>>
>>
>>
>>
>> --
>> Mike Scherbakov
>>
>
>
--
Mike Scherbakov
Follow ups
References