← Back to team overview

openstack team mailing list archive

Re: Fwd: [Grizzly][Quantum] Floating IP is not reachable

 

We will need to look at iptables on your network node.
If you run iptables -n -tnat --list you should see a couple of DNAT/SNAT
rules for forwarding traffic netween 9.126.108.127.

In any case, bear in mind that the default security group does not allow
ICMP. If you have not enabled it, it might as well be that this is reason
for your issue.

Salvatore


On 30 May 2013 15:36, Anil Vishnoi <vishnoianil@xxxxxxxxx> wrote:

> Forwarding again with some hope for response :)
>
>
> ---------- Forwarded message ----------
> From: Anil Vishnoi <vishnoianil@xxxxxxxxx>
> Date: Thu, May 30, 2013 at 3:14 AM
> Subject: [Grizzly][Quantum] Floating IP is not reachable
> To: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
>
>
>
> Hi All,
>
> I have a setup where controller/network node is running on one server and
> i have another server as a compute node. I am able to launch the VM and VM
> gets its private IP from its respective DHCP server as well. VM is
> connected to its private network. Private network is attached to the router
> and external network is set as a gateway for the router. I am able to
> associate floating ip to the VM as well.
>
> But when i ping this floating ip from internet, i am not able to ping.
> Although i am able to ping the gateway ip of the router. I checked the ARP
> entry for the floating ip, and its successfully resolving the arp for this
> floating ip.
>
> I can see this address in the router name space as well.
>
> # ip netns exec qrouter-3d7dfce4-c19a-4448-b276-1631690a403c ip addr
> 14: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>     inet6 ::1/128 scope host
>        valid_lft forever preferred_lft forever
> 15: qr-e018e6ed-37: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500
> qdisc noqueue state UNKNOWN
>     link/ether fa:16:3e:f5:73:c5 brd ff:ff:ff:ff:ff:ff
>     inet 1.1.1.1/24 brd 1.1.1.255 scope global qr-e018e6ed-37
>     inet6 fe80::f816:3eff:fef5:73c5/64 scope link
>        valid_lft forever preferred_lft forever
> 19: qg-d75a619f-ac: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500
> qdisc noqueue state UNKNOWN
>     link/ether fa:16:3e:2e:c6:4b brd ff:ff:ff:ff:ff:ff
>     inet 9.126.108.126/24 brd 9.126.108.255 scope global qg-d75a619f-ac
>     inet 9.126.108.127/32 brd 9.126.108.127 scope global qg-d75a619f-ac
>  <<
>     inet6 fe80::f816:3eff:fe2e:c64b/64 scope link
>        valid_lft forever preferred_lft forever
>
>
> So i can ping 9.126.108.126 but i am not able to ping 9.126.108.127. Also
> both of these IP actually resolves to the same MAC address, is it expected
> ? I added rules in the default security group to allow TCP/UDP/ICMP traffic.
>
> Please let me know if anybody has any clue on whats going on here , and
> how can i further debug it. Please let me know if you need any other
> details.
> --
> Thanks
> Anil
>
>
>
> --
> Thanks
> Anil
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>

Follow ups

References