Hi diul,

Your networking might be broken in several points:

1) If you're unable to ping from your instances then perhaps your l3 agent is not working properly. There might be multiple reasons for this. It might not be receiving notifications from the quantum server, or quantum-rootwrap is complaining, for instance. The logs will be able to tell you more. 2) If you're not able to ping but you can see the tap interface on the network node then the issue might be on the wire. If you're doing isolation with VLANs, ensure the physical switch ports are trunked. If you're doing GRE, ensure the local ip for each host is correctly configured (this is the IP where the GRE tunnels are terminated). Also, it won't harm checking IP configuration for the tap interface corresponding to the internal router interface. 3) If you can ping then the first thing to check is the SNAT rule for going to your external gateway. This rule should SNAT to the IP address on the external network which has been picked for your router. 4) If you can ping, and the SNAT rules are fine, then perhaps the issue is in br-ex or in the nexthop for One test you can do is to manually configure an IP in the public network range on some other host and try and ping the external gateway of your router. If it does not reply, you might want to check again the connection between br-ex and the physical network. If you can reach your external network in this way, you should probably check that the route for is correctly configured and its nexthop is reachable.

Hope this helps, Salvatore