How to access internet from VM instance in Openstack?

asked 2020-01-14 07:12:43 -0500

radeksk gravatar image

updated 2020-01-19 06:22:08 -0500

Hello everyone. I've been scratching my head for last 5 days, almost went to the end of Internet, read a lot of tutorials, made a lot of re installations an re configurations of openstack but at the and of the day could not resolve this problem... So i think you guys ( and girls ) are my last hope.

Okay to the point.

  • LAN - 192.168.0.0/24
  • Router IP (Gateway) - 192.168.0.1
  • MacOS Laptop - 192.168.0.192 / Has internet access
  • CentOS 7 running on VirtualBox with promiscuous mode set for all and with ip 192.168.0.22 / Has internet access

The problem is I cannot ping my physical router ( 192.168.0.1 ) nor access Internet from any of my VM instance and not even from external router ( linux namespace ). What is weird, I can ping VM instances (which have floating IP's) from my MacOS Laptop and CentOS7 VM. Also there is no problem to ssh them in both cases. In addition, firewalld is disabled on my host machine and ipv4 port forwarding is set to 1, port security setting are configured to allow traffic flow on port 80,20 and ICMP both Ingress and Egress.

Hope this set of configurations will help you find the bug.

My ip a command on CentOS 7: https://textuploader.com/16d1u (link text)

My packstack answer file: https://textuploader.com/16d1g (link text)

My /etc/sysconfig/network-scripts/ifcfg-br-ex configuration: https://textuploader.com/16d1p (link text)

My /etc/sysconfig/network-scripts/ifcfg-enp0s3 configuration: https://textuploader.com/16d1z (link text)

brctl show and ovs-vsctl show: https://textuploader.com/16d1i (link text)

neutron net-list: https://textuploader.com/16dta (link text)

Network topology: https://ibb.co/drJS3Bf (link text)

UPDATE 19.01.20

I've created a new external network in Openstack environment but this time as a gateway I used 192.168.0.22 which is my CentOS host ip (before I used 192.168.0.1) . After this, I can ping my physical router (192.168.0.1) from any place (VM instances, router namespace) but still cannot ping 8.8.8.8... When trying to, I get a "Redirect Host" message. -> https://pastebin.com/bSQhbkBc

edit retag flag offensive close merge delete

Comments

This is weird because normally people have the opposite problem - internet access ok, but no VM access from outside.

To get clues, I would check the routing tables on Centos and in the router's namespace. Also tcpdump'ing traffic in and outside the namespace.

Bernd Bausch gravatar imageBernd Bausch ( 2020-01-14 19:35:03 -0500 )edit

Thank's for replaying to this post @Bernd Bausch, also for idea of solving the problem. For me, routing table for centOS looks okay, check it here - https://textuploader.com/16dxk (link text)(CentOS), but i have a feeling something might be missing in qrouter table - https://textuploader.com/16dxl

radeksk gravatar imageradeksk ( 2020-01-15 07:24:02 -0500 )edit

Here is a tcpdump output from router's namespace https://textuploader.com/16dxg (link text). I pinged it both from virtual network as well as from physical one also: Mac < - >V Instance, V Instance -> Router's physical gateway, but I think it didn't capture it... Am I doing something wrong?

radeksk gravatar imageradeksk ( 2020-01-15 07:33:14 -0500 )edit

Make the gateway for the new external network which you have made same as your real gateway which as you mentioned is the router (192.168.0.1) so that the VM can go directly to router no need to host routing

bel var gravatar imagebel var ( 2020-01-22 06:39:42 -0500 )edit

Thank for the advice @bel var. After editing gateway only one thing changed, when I ping 8.8.8.8 from qrouter namespace I get weird response : https://pastebin.com/DkQj4Tcp

radeksk gravatar imageradeksk ( 2020-01-22 07:45:21 -0500 )edit