Ask Your Question

Revision history [back]

Use as comment. Please, obtain analog of this report on your network node

ubuntu@ubuntu-system:~/devstack$ sudo ip netns exec qrouter-ad60fdb9-db42-4e8f-b533-b9527124ca30  iptables -S -t nat
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-N neutron-l3-agent-OUTPUT
-N neutron-l3-agent-POSTROUTING
-N neutron-l3-agent-PREROUTING
-N neutron-l3-agent-float-snat
-N neutron-l3-agent-snat
-N neutron-postrouting-bottom
-A PREROUTING -j neutron-l3-agent-PREROUTING
-A OUTPUT -j neutron-l3-agent-OUTPUT
-A POSTROUTING -j neutron-l3-agent-POSTROUTING
-A POSTROUTING -j neutron-postrouting-bottom
-A neutron-l3-agent-OUTPUT -d 192.168.10.153/32 -j DNAT --to-destination 10.254.1.5
-A neutron-l3-agent-OUTPUT -d 192.168.10.154/32 -j DNAT --to-destination 10.254.1.6
-A neutron-l3-agent-OUTPUT -d 192.168.10.156/32 -j DNAT --to-destination 10.254.1.8
-A neutron-l3-agent-OUTPUT -d 192.168.10.155/32 -j DNAT --to-destination 10.254.1.7
-A neutron-l3-agent-POSTROUTING ! -i qg-fbff8595-eb ! -o qg-fbff8595-eb -m conntrack ! --ctstate DNAT -j ACCEPT
-A neutron-l3-agent-PREROUTING -d 192.168.10.153/32 -j DNAT --to-destination 10.254.1.5
-A neutron-l3-agent-PREROUTING -d 192.168.10.154/32 -j DNAT --to-destination 10.254.1.6
-A neutron-l3-agent-PREROUTING -d 192.168.10.156/32 -j DNAT --to-destination 10.254.1.8
-A neutron-l3-agent-PREROUTING -d 192.168.10.155/32 -j DNAT --to-destination 10.254.1.7
-A neutron-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A neutron-l3-agent-float-snat -s 10.254.1.5/32 -j SNAT --to-source 192.168.10.153
-A neutron-l3-agent-float-snat -s 10.254.1.6/32 -j SNAT --to-source 192.168.10.154
-A neutron-l3-agent-float-snat -s 10.254.1.8/32 -j SNAT --to-source 192.168.10.156
-A neutron-l3-agent-float-snat -s 10.254.1.7/32 -j SNAT --to-source 192.168.10.155
-A neutron-l3-agent-snat -j neutron-l3-agent-float-snat
-A neutron-l3-agent-snat -o qg-fbff8595-eb -j SNAT --to-source 192.168.10.150
-A neutron-postrouting-bottom -m comment --comment "Perform source NAT on outgoing traffic." -j neutron-l3-agent-snat