Hi,

I'm currently looking to host OpenStack on an AWS instance. I have installed Openstack-Kilo (Single node setup) in Ubuntu 14.04(HVM Ec2 Instance) with OpenVswitch/GRE/Neutron networking and QEMU emulator for computing.

I can provision new VMs and ping the router Gateway from the VM. Also, can ping the VM's floating IP from the Controller.

But the problem is to access the internet from the VM. Notably pinging 8.8.8.8 from "ip netns exec router-xxxxx" also not reaching the gateway.

I have 3NICs attached to my EC2 instance. In that eth2 is mapped with br-ex OVS bridge, eth1 for VM tunnnel network, and eth0 for openstack Management network.

Important:

In available 3NICs, I can access the internet thru only one NIC at a time. I.e., Any one NIC is accessible to internet. For example, If I assigned the default gateway to eth0, then executing "ping 8.8.8.8 -I eth1" will failed to access the internet.

Notably, If I assigned default gateway to br-ex or eth2 (external network NIC), then no NIC is accessible to internet.

I have listed the VPC/OVS-Br/Route information below:

**AWS VPC Details:**

VPC CIDR: 172.16.0.0/16
VPC Subnet CIDR: 172.16.0.0/16

**VPC Route Table:**
Destination         Target          Status      Propagated
172.16.0.0/16       local           Active      No
0.0.0.0/0       internet-GateWay    Active      No


**AWS Instance Details:**

VM_Name: Openstack_Kilo_Controller
NIC details:
Name        Private_IP          Public_IP
eth0        172.16.24.177       36.H.H.33
eth1        172.16.15.184       36.H.H.22
eth2        172.16.2.27


**VM routing table information**:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use  Iface
default          172.16.0.1      0.0.0.0             UG    0      0        0      eth0
172.16.0.0          *               255.255.0.0        U     0      0        0      eth1
172.16.0.0          *               255.255.0.0        U     0      0        0      eth0
192.168.122.0       *             255.255.255.0    U     0      0        0      virbr0

Cat /etc/network/interface file:

#Management Network
auto eth0
iface eth0 inet static
address 172.16.24.177
netmask 255.255.0.0
gateway 172.16.0.1


# The external network interface
auto eth2
iface eth2 inet manual
        up ip link set dev $IFACE up
        down ip link set dev $IFACE down


#Tunnel network
auto eth1
iface eth1 inet static
address 172.16.15.184
netmask 255.255.0.0

vim /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch

[ml2_type_flat]
flat_networks = external

[ml2_type_gre]
tunnel_id_ranges = 1:1000

[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]
local_ip = 172.16.15.184
bridge_mappings = external:br-ex

[agent]
tunnel_types = gre

ovs-vsctl show output:

1e33e3bd-ee07-4ded-86da-49d34068f7a8
    Bridge br-tun
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port "gre-ac1018b1"
            Interface "gre-ac1018b1"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="172.16.15.184", out_key=flow, remote_ip="172.16.24.177"}
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun ...