openstack team mailing list archive

["Chathura M. Sarathchandra Magurawalage" <77.chathura@xxxxxxxxx>]

Thanks.

root@controller:~# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
quantum-l3-agent-PREROUTING  all  --  0.0.0.0/0            0.0.0.0/0

nova-api-PREROUTING  all  --  0.0.0.0/0            0.0.0.0/0

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
quantum-l3-agent-OUTPUT  all  --  0.0.0.0/0            0.0.0.0/0
nova-api-OUTPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
quantum-l3-agent-POSTROUTING  all  --  0.0.0.0/0            0.0.0.0/0

nova-api-POSTROUTING  all  --  0.0.0.0/0            0.0.0.0/0
quantum-postrouting-bottom  all  --  0.0.0.0/0            0.0.0.0/0

nova-postrouting-bottom  all  --  0.0.0.0/0            0.0.0.0/0

Chain nova-api-OUTPUT (1 references)
target     prot opt source               destination

Chain nova-api-POSTROUTING (1 references)
target     prot opt source               destination

Chain nova-api-PREROUTING (1 references)
target     prot opt source               destination

Chain nova-api-float-snat (1 references)
target     prot opt source               destination

Chain nova-api-snat (1 references)
target     prot opt source               destination
nova-api-float-snat  all  --  0.0.0.0/0            0.0.0.0/0

Chain nova-postrouting-bottom (1 references)
target     prot opt source               destination
nova-api-snat  all  --  0.0.0.0/0            0.0.0.0/0

Chain quantum-l3-agent-OUTPUT (1 references)
target     prot opt source               destination
DNAT       all  --  0.0.0.0/0            192.168.2.152        to:10.5.5.3

Chain quantum-l3-agent-POSTROUTING (1 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ! ctstate DNAT
ACCEPT     all  --  10.5.5.0/24          192.168.2.225

Chain quantum-l3-agent-PREROUTING (1 references)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            169.254.169.254      tcp dpt:80 to:
192.168.2.225:8775
DNAT       all  --  0.0.0.0/0            192.168.2.152        to:10.5.5.3

Chain quantum-l3-agent-float-snat (1 references)
target     prot opt source               destination
SNAT       all  --  10.5.5.3             0.0.0.0/0
 to:192.168.2.152

Chain quantum-l3-agent-snat (1 references)
target     prot opt source               destination
quantum-l3-agent-float-snat  all  --  0.0.0.0/0            0.0.0.0/0

SNAT       all  --  10.5.5.0/24          0.0.0.0/0
 to:192.168.2.151

Chain quantum-postrouting-bottom (1 references)
target     prot opt source               destination
quantum-l3-agent-snat  all  --  0.0.0.0/0            0.0.0.0/0


I can not see anything going through qg-XXXX interface.

I have activated net.ipv4.ip_forward in /etc/sysctl.conf.

On 25 March 2013 13:03, Sylvain Bauza <sylvain.bauza@xxxxxxxxxxxx> wrote:

> Le 25/03/2013 12:49, Chathura M. Sarathchandra Magurawalage a écrit :
>
>
>> I have got one question on this. Does quantum directly request leases
>> from the gateway of the physical network before reserving them to allocate
>> to VMs?
>>
>>
>>
> Nope, not at all. It's up to the administrator to make sure the IP ranges
> for Openstack are not pooled by any other DHCP server. There is (as per my
> knowledge) no way to sync up in between quantum-l3-agent and other DHCP
> servers.
>
> Actually, contrary to fixed ip networks in Quantum, floating IP networks
> are not DHCP managed. Eligibility is made upon next IP address available in
> Quantum mysql database and directly injected into iptables, that's it.
>
> -Sylvain
>