Ask Your Question
0

map VM floating IP to outside IP, to access VM instance.

asked 2017-03-01 18:13:20 -0500

  • I have the following single host Openstack RDO and everything works fine.
  • I can connect from any host in the network to both CLI and Horizon.
  • Created a VM inside Openstack and assigned a floating IP, which works as expected.

    image description

    openstack server list

+--------------------------------------+---------+--------+-------------------------------+------------+ | ID
| Name | Status | Networks
| Image Name | +--------------------------------------+---------+--------+-------------------------------+------------+ | 0b1f4d14-3a20-4585-9614-3c7fc96005ca | cirros1 | ACTIVE | net11=11.0.0.11, 172.24.4.235 | cirros | +--------------------------------------+---------+--------+-------------------------------+------------+

I can access the VM from withing Openstack using the floating IP, but because the "public" IP is from 172.24.4.0/28 is not accessible from the outside network 192.168.0.0/24.

I added a couple of IP tables to map the VM floating IP (port 22) to the another IP from the outside network (192.168.0.109 port 2222)

iptables -A FORWARD -i eno16777736 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o br-ex -s 172.24.4.235 -j SNAT --to-source 192.168.0.109
iptables -t nat -A PREROUTING -i eno16777736 -d 192.168.0.109 -p tcp --dport 2222 -j DNAT --to-destination 172.24.4.235:2222

It dosn't work !

I suspect the iptables, any help?

IP inf.

image description

edit retag flag offensive close merge delete

Comments

This indeed solved the issue. Thanks @bernd-bausch. If you repost your solution as an answer I will mark it as "Solution".

AJ NOURI gravatar imageAJ NOURI ( 2017-03-03 07:45:38 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
1

answered 2017-03-03 08:12:10 -0500

Bernd Bausch gravatar image

Reposted as answer to get brownie points :)

If you can set up a new all-in-one server, consider connecting it to the external network from the onset: https://www.rdoproject.org/networking...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2017-03-01 18:13:20 -0500

Seen: 258 times

Last updated: Mar 03