openstack team mailing list archive

[Christian Parpart <trapni@xxxxxxxxx>]

Hey guys,

I'm having an OpenStack Essex installation with one central gateway node,
that now
has two uplinks.

The first uplink is the one we had earlier, too, and is available from
the nova-network's node ethernet device vlan380 while the second
uplink is available from vlan381. The hosts default route points to
the router behind vlan380 however.

I then set up a second routing table to allow traffic from/to the second
uplink via:

echo 2 uplink2 >> /etc/iproute2/rt_tables
ip route add 192.192.192.192/27 dev vlan381 table uplink2
ip route add default via 192.192.192.193 dev vlan381 table uplink2
ip rule add from 192.192.192.192/27 table uplink2


Now I can assign any IP to the second uplink's interface and it just works
from outside in and inside out.

I now added most of the new IPs to the OpenStack into a new pool, called
public381,
allocated and associated one of those new IPs to an instance.

But as soon as I now try to ping from inside out or from outside world
into the given public (floating) IP it just fails I do not know how to
solve it.

Checking the nova-network's node configuration, I see:

root@nova-network1:~# ip addr show | grep 192.192.192
    inet 192.192.192.202/32 scope global vlan381

root@nova-network1:~# iptables -t nat -L | grep 192.192.192
DNAT       all  --  anywhere             192.192.192.202       to:10.10.49.4
DNAT       all  --  anywhere             192.192.192.202       to:10.10.49.4
SNAT       all  --  test1.cloud.dc       anywhere
 to:192.192.192.202

So it seems that the floating IP and SNAT/DNAT rules got properly assigned.

What may I be missing ?

Best regards,
Christian.