
I believe the box has to have eth0 and eth1.

1. Interface 'eth1' should be connected to the local net.
Interface 'eth0' should be connected to the public network (not the Neutron L3 external subnet).
AIO install should be bound to an IP of the eth1 subnet (

After setup:
$ ovs-vsctl add-port br-ex eth1
So, eth1 becomes an OVS port of br-ex with no IP.

If just the one command
$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
doesn't help, then try the "double NAT hack":

/etc/neutron/l3_agent.ini should have
gateway_external_network_id = neutron-public-network-id

start on neutron-l3-agent

 iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 ip addr add dev br-ex
 while read private public ; do
   test "$public" || continue
     iptables -t nat -A POSTROUTING -s $private/32 -j SNAT --to-source $public
     iptables -t nat -A PREROUTING  -d $public/32 -j DNAT --to-destination $private
 done <<EOF
 your-floating-ip  public-ip-you-need 
 your-floating-ip belongs

2. If it doesn't work, then manage as suggested in

Just update for one box (Andrew did it for a cluster). View Andrew's answer-file solution:

CONFIG_NOVA_VNCPROXY_HOST= (IP from public network)

I realise that the second approach is based on RH's Puppet technology and requires translation to Ubuntu.
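
A dry-run version of the SNAT/DNAT loop from the "double NAT hack", added here as an example and not part of the original answer: it validates each address pair and prints the iptables commands for review instead of applying them. The function names `is_ipv4` and `nat_rules` are hypothetical, and the sample addresses are constructed from the documentation ranges.

```shell
#!/bin/sh
# Added example: print the 1:1 NAT rules for review instead of applying them.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# nat_rules: read "private public" pairs on stdin and print one SNAT and one
# DNAT command per pair. Lines without a second field are skipped, as in the
# original loop; a malformed address is reported and makes the function return 1.
nat_rules() {
    rc=0
    while read -r private public rest; do
        case "$private" in ''|'#'*) continue ;; esac
        [ -n "$public" ] || continue
        if ! is_ipv4 "$private" || ! is_ipv4 "$public"; then
            echo "rejected pair: $private $public" >&2
            rc=1
            continue
        fi
        echo "iptables -t nat -A POSTROUTING -s $private/32 -j SNAT --to-source $public"
        echo "iptables -t nat -A PREROUTING -d $public/32 -j DNAT --to-destination $private"
    done
    return "$rc"
}

# Constructed sample pairs from the documentation address ranges.
nat_rules <<'EOF'
# private (floating) IP   public IP
192.0.2.10                198.51.100.10
192.0.2.11
EOF
```

Piping the printed commands to `sh` as root applies them; a non-zero exit status from `nat_rules` means at least one pair was rejected and produced no rules.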