Ask Your Question

can not ping router or vms on private network that I created in openstack

asked 2017-12-04 15:47:07 -0500

jcorkey gravatar image

updated 2017-12-05 10:54:16 -0500

I did a multinode deployment of openstack with kolla on a one control node and one compute node. Because I used kolla to deploy, all openstack services are running in docker containers which is confusing me about how exactly I should trouble shoot this problem.

I can allocate a floating ip to an instance but I can not ssh or ping the floating ip assigned to the instance.

I have add the following security groups as well:

Egress  IPv6    Any Any ::/0    -   
Egress  IPv4    Any Any   -   
Egress  IPv4    ICMP    Any   -   
Ingress IPv4    ICMP    Any   -   
Egress  IPv4    TCP 1 - 65535   -   
Ingress IPv4    TCP 22 (SSH)   -   
Ingress IPv4    TCP 53 (DNS)    -   SecurityGLV 
Ingress IPv4    TCP 80 (HTTP)   -   SecurityGLV 
Ingress IPv4    TCP 443 (HTTPS)   -   
Ingress IPv4    UDP 1 - 65535   -   
Egress  IPv4    UDP 1 - 65535   -

both compute node and control node can ping each other but I cannot ping my vm's floating ip. I went into the console of the vm through the horizon dashboard and tried to ping the public network and the gateway but had no success. The only thing I can successfully ping from the vm instance is the router I created in openstack and other openstack vm's.

Here is info on the control node where all networking services are running:

[root@openstackcontroller ~]# ip netns


in my globals.yml I set em1 as my network_interface and I set em2 as my neutron_external_interface

[root@openstackcontroller ~]# nmcli d

DEVICE          TYPE         STATE         CONNECTION
docker0         bridge       connected     docker0
em1             ethernet     connected     em1
vxlan_sys_4789  vxlan        disconnected  --
em3             ethernet     unavailable   --
em4             ethernet     unavailable   --
p5p1            ethernet     unavailable   --
p5p2            ethernet     unavailable   --
p5p3            ethernet     unavailable   --
p5p4            ethernet     unavailable   --
em2             ethernet     unmanaged     --
lo              loopback     unmanaged     --
br-ex           openvswitch  unmanaged     --
br-int          openvswitch  unmanaged     --
br-tun          openvswitch  unmanaged     --
ovs-system      openvswitch  unmanaged     --

here is the em2 configuration on control node and compute node that I think br-ex uses?


ovs-vsctl show on Control node

[root@openstackcontroller neutron]# docker exec -ti openvswitch_vswitchd ovs-vsctl show
    Manager "ptcp:6640:"
        is_connected: true
    Bridge br-ex
        Controller "tcp:"
            is_connected: true
        fail_mode: secure
        Port "em2"
            Interface "em2"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-tun
        Controller "tcp:"
            is_connected: true
        fail_mode: secure
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal
        Port "vxlan-ac1c0906"
            Interface "vxlan-ac1c0906"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="", out_key=flow, remote_ip=""}
    Bridge br-int
        Controller "tcp:"
            is_connected: true
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port int-br-ex
            Interface int-br-ex
                type: patch ...
edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted

answered 2017-12-13 11:00:14 -0500

jcorkey gravatar image

All I had to do to fix this was to go into horizon and create the Public network as a Flat provider network type by going to the Admin>Network>networks on the left hand panel and create the public network from there NOT from the Project>Network>networks panel.

Here's the steps I followed:

   Under Admin>Network in the left hand panel select “Networks”
   Select the "+Create Network"
   Provide Network name for public network under "Network Name"
   Select a project from the dropdown list “Project_NAME”
   Select a provider network type. This is IMPORTANT. Select “Flat” for the type and enter “physnet1” for the physical network. [](http://)
   Check "Enable Admin State"
   Check “External Network”
   Check “Create Subnet”
   Enable the Create Subnet checkbox if not already done.
   Select "Next"
   Provide "Subnet Name"
   Provide "Public Network Address"
   Provide its "Gateway IP"
   Leave the rest default and select "Next"
   Under "Subnet Details"> Allocation Pools, provide a range of subnets that will be used for floatingIPs and Select "Create"
edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2017-12-04 15:47:07 -0500

Seen: 2,372 times

Last updated: Dec 13 '17