Instance not accessible from public network

asked 2017-01-08 04:14:04 -0500

Sumit gravatar image

Hello There,

I am working on Openstack neuton release and not able to access instance public IP outside of Network node. I am a beginner and Following are some data points about the problem.

  1. My setup consists of separate node for Compute, Network & Compute running on Cent OS 7.
  2. I am able to ping the Public IP(172.18.20.184) assigned to my Instance(cirros) from the Network node, but public IP of instance not reachable from other nodes.
  3. From inside the instance I am able to ping public IP of my router name space(qrouter-xxx)(172.18.20.185) and From router name space also I am able to ping the floating public IP assigned to the Instance.
  4. I have already added the physical port of Network Node ( "eno16777984") in br-ex.
  5. I need to access my instance from outside of Network node, but not able to access.

Pasting some command outputs as reference points:

"osv-vsctl show" from network node:

[root@networknode neutron]# ovs-vsctl show
57ad0003-a110-4064-8158-f0f962a3cb2a
    Manager "ptcp:6640:127.0.0.1"
        is_connected: true
    Bridge br-ex
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "eno16777984"
            Interface "eno16777984"
        Port br-ex
            Interface br-ex
                type: internal
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
    Bridge br-int
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "qr-b69d96ae-a6"
            tag: 1
            Interface "qr-b69d96ae-a6"
                type: internal
        Port "qg-3ac492ee-e6"
            tag: 2
            Interface "qg-3ac492ee-e6"
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tap0c2eba90-75"
            tag: 1
            Interface "tap0c2eba90-75"
                type: internal
        Port br-int
            Interface br-int
                type: internal
    Bridge br-tun
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-c0a87b03"
            Interface "vxlan-c0a87b03"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="192.168.123.2", out_key=flow, remote_ip="192.168.123.3"}

ovs_version: "2.5.0"

"ip addr show" from network node:

[root@networknode neutron]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno16777984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master ovs-system state UP qlen 1000
    link/ether 00:50:56:8f:59:ad brd ff:ff:ff:ff:ff:ff
    inet6 fe80::250:56ff:fe8f:59ad/64 scope link
       valid_lft forever preferred_lft forever
3: eno33557248: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:50:56:8f:68:64 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.2/24 brd 192.168.123.255 scope global eno33557248
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fe8f:6864/64 scope link
       valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN ...
(more)
edit retag flag offensive close merge delete
add a comment