openstack team mailing list archive

Thread
Date

Re: [openstack] how to configure quantum so that two private network can ping each other?

To: Yuling_C@xxxxxxxx
From: 彭勇 <ppyy@xxxxxxxxxx>
Date: Sat, 15 Jun 2013 17:21:13 +0800
Cc: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <0B87C97B6D8E0B43BAF497C2B90FA0F3E1543EA4B6@AUSX7MCPC101.AMER.DELL.COM>
Sender: ppyy@xxxxxxxxxx

which OS do you use?

if you use RDO on RHEL, please refer to:

https://access.redhat.com/site/documentation//en-US/Red_Hat_OpenStack/3/html/Release_Notes/ch03.html

When the openvswitch quantum plugin is used, and Nova is configured with


libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

the necessary forwarding rules are not created automatically and the Red
Hat Enterprise Linux firewall blocks forwarding of network traffic. Hence
traffic between VMs located on different compute nodes is blocked.
Workarounds to avoid blocking traffic between VMs located on different
compute nodes:

   1. If using nova security groups, add the following iptables rule on
   each compute node:

   #iptables -t filter -I FORWARD -i qbr+ -o qbr+ -j ACCEPT# service
iptables save

   Either reboot, or restart nova-compute after adding this rule, since the
   rules nova-compute adds at startup must precede this rule.
   2. If not using Nova security groups, an alternative solution is to set:


   libvirt_vif_driver =
nova.virt.libvirt.vif.LibvirtOpenVswitchVirtualPortDriver




2013/6/15 <Yuling_C@xxxxxxxx>

>  Hi All,
>
> From openstack documentation, it seems that if we need to create routers
> in order to have two private network ping each other. However, I followed
> the instruction on the website
> http://docs.openstack.org/trunk/openstack-network/admin/content/l3_workflow.html,
> but still could not get the ping working through two private networks.
>
> Here is what I did:
>
> 1. I'm using the Vlan mode for OVS network type.
> 2. I created one network net1 in one subnet.
> 3. I created another network net2 in another subnet.
> 4. I created a router and attached the two subnet interfaces to the router.
> 5. I created two VM instances on net1 and net2 respectively.
> 6. However, I still was not able to ping from vm1 to vm2.
>
> Any idea?
>
> Thanks,
>
> YuLing
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>



-- 
Peng Yong

Follow ups

Re: [openstack] how to configure quantum so that two private network can ping each other?
From: Yuling_C, 2013-06-15

References

[openstack] how to configure quantum so that two private network can ping each other?
From: Yuling_C, 2013-06-15