Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

router is using SNAT like: -A quantum-l3-agent-POSTROUTING -s 10.0.1.0/24 -d 8.0.1.2/32 -j ACCEPT -A quantum-l3-agent-snat -s 10.0.1.0/24 -j SNAT --to-source 8.0.1.2

floatingip is using DNAT and SNAT like: sudo ip netns exec qrouter-4939a98b-4084-4fc0-9d28-0c3938f22f98 ip -4 addr add 8.0.1.3/32 brd 8.0.1.3 scope global dev {gw_iface} OUTPUT -d 8.0.1.3/32 -j DNAT --to-destination 10.0.1.3 PREROUTING -d 8.0.1.3/32 -j DNAT --to-destination 10.0.1.3 float-snat -s 10.0.1.5/32 -j SNAT --to-source 8.0.1.3

you can use the command to see iptables: sudo ip netns exec qrouter-4939a98b-4084-4fc0-9d28-0c3938f22f98 iptables-save