How to access an instance connected to a VLAN

asked 2018-02-15

yas

I recently installed OpenStack Pike (using packstack). Network configuration works fine (flat networks, instances work fine). I did the following tasks:

  • Multiple VLANs should be created (done)
  • Each VLAN has an instance (done)
  • Instances should ping and access "Network equipment" in the same VLAN (also done)

Each instance should be accessed through ssh from an external network. I faced a problem achieving this because the instances belong to VLANs (one instance per VLAN). Each instance has a floating IP from the appropriate VLAN (to be able to communicate with equipment from the same VLAN). Is there any solution to access the instance from a machine that does not belong to the VLAN? (I cannot associate two floating IPs to the same instance.)

Thank you

I am confused. You created an EXTERNAL network VLANs? Is this network mapped to the br-ex? Is this network mapped to the physnet1?

The Floating IPs should belong to an externally accessible network. From your description it looks like it's not.

Peter Tselios ( 2018-02-15 15:31:44 -0600 )

Yes, it is. Multiple External Networks (of type VLAN) are created: VLAN with segmentation ID=100 and VLAN with segmentation ID=101, each of which is linked to a private OpenStack network through a router. Each instance has a floating IP.

yas ( 2018-02-16 04:01:47 -0600 )

In other words, each instance belongs to a VLAN. It can ping physical equipment that belongs to its VLAN (I have no problem doing that). My problem is that I cannot access the instance from an external network. I am looking for a solution for how to access a VM in a VLANx through ssh.

yas ( 2018-02-16 04:04:39 -0600 )

The machine we use to access VMs should not be in any VLAN and must access all VMs connected to different VLANs. I am looking for a solution because I cannot associate two floating IPs to an instance.

yas ( 2018-02-16 04:07:36 -0600 )

1 answer

answered 2018-02-22

yas

updated 2018-02-22 05:01:21 -0600

The solution is to create another network provider. Do the necessary changes (configuration files).

  • Launch an instance connected to the VLANi
  • Attach an interface to link the instance to the newly created network
  • Add a second floating IP (add second floating ip to an instance). Do not try to add a floating IP address from Horizon; it does not allow you to do that.
  • Add a second routing table to be able to ssh the instance (configure multiple Floating IP for one instance)
  • Sometimes you need to reduce the MTU (maximum transport unit) of the instance NIC (in the case where ping works but ssh won't)

    sudo ip link set mtu 1400 dev NIC_name

This configuration is tested and it works for me. Hope this helps someone in the future.
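The "second routing table" step above, as an added example that is not part of the original answer: without it, replies to SSH sessions arriving on the second NIC leave through the first NIC's default route and the connection never completes. The interface name, addresses (documentation ranges) and table number 200 are constructed assumptions; the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example: source-based policy routing inside an instance with two NICs.
# All values below are constructed placeholders, not taken from the post.

# Print the iproute2 commands that give the second NIC its own routing table.
#   $1 = second NIC name        $2 = fixed IP of the instance on that NIC
#   $3 = subnet in CIDR form    $4 = gateway (router port) of that subnet
#   $5 = routing table number (assumed unused; defaults to 200)
policy_route_cmds() {
    nic=$1 ip=$2 subnet=$3 gw=$4 table=${5:-200}
    # Connected route for the second subnet, placed in the dedicated table.
    echo "ip route add $subnet dev $nic src $ip table $table"
    # Default route of that table goes out through the second network's router.
    echo "ip route add default via $gw dev $nic table $table"
    # Packets sourced from the second NIC's address must consult that table,
    # so SSH replies return the way the request came in.
    echo "ip rule add from $ip/32 table $table"
}

# Dry run by default; with APPLY=1 each command is executed via sudo.
apply_policy_routes() {
    policy_route_cmds "$@" | while read -r cmd; do
        if [ "${APPLY:-0}" = "1" ]; then
            sudo $cmd          # intentionally unquoted: split into arguments
        else
            echo "would run: $cmd"
        fi
    done
}

# Constructed sample: second port appears as eth1 with fixed IP 198.51.100.23.
apply_policy_routes eth1 198.51.100.23 198.51.100.0/24 198.51.100.1 200
```

After applying, `ip rule show` and `ip route show table 200` inside the instance confirm the rule and both routes are present; they do not persist across reboots unless added to the distribution's network configuration.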

