Instances cannot reach extnet default gw (via floating IPs)

asked 2020-08-12 12:30:16 -0500

frippe1975

The setup is CentOS 7 and the OpenStack release is Rocky.

The setup was working when I decided to add a VLAN provider network, which I think is related. The problem now is that existing instances that had floating IPs on extnet cannot be reached from outside the neutron host.

  • Default Gateway = 192.168.0.1
  • Neutron host = 192.168.0.5
  • Floating IP range = 192.168.0.150 - 192.168.0.200

The neutron host can reach the floating IPs and the default GW, but if I try to ping from the default GW or any other 192.168.0.x address, they cannot reach instances (because traffic is not coming back successfully).


Pinging from instance to neutron host works

[centos@ubiquity ~]$ ping 192.168.0.5
PING 192.168.0.5 (192.168.0.5) 56(84) bytes of data.
64 bytes from 192.168.0.5: icmp_seq=1 ttl=63 time=0.226 ms
--- 192.168.0.5 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.226/0.226/0.226/0.000 ms


Pinging default gw does not

[centos@ubiquity ~]$ ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.


[root@neutron01~(keystone_admin)]# neutron router-list -F id -F name
+--------------------------------------+-----------+
| id                                   | name      |
+--------------------------------------+-----------+
| 38310758-de06-46c9-bf50-3ca19d574914 | router-10 |
+--------------------------------------+-----------+

Network namespace of router-10

[root@neutron01~(keystone_admin)]# ip netns
qrouter-38310758-de06-46c9-bf50-3ca19d574914 (id: 3)

Namespace can ping the ubiquity instance

[root@neutron01~(keystone_admin)]# ip netns exec qrouter-38310758-de06-46c9-bf50-3ca19d574914 ping 192.168.0.162
PING 192.168.0.162 (192.168.0.162) 56(84) bytes of data.
64 bytes from 192.168.0.162: icmp_seq=1 ttl=64 time=0.782 ms
64 bytes from 192.168.0.162: icmp_seq=2 ttl=64 time=0.224 ms

But not the default GW

[root@neutron01~(keystone_admin)]# ip netns exec qrouter-38310758-de06-46c9-bf50-3ca19d574914 ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
^C
--- 192.168.0.1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms

Can ping the neutron host IP (on br-ex)

[root@neutron01~(keystone_admin)]# ip netns exec qrouter-38310758-de06-46c9-bf50-3ca19d574914 ping 192.168.0.5
PING 192.168.0.5 (192.168.0.5) 56(84) bytes of data.
64 bytes from 192.168.0.5: icmp_seq=1 ttl=64 time=0.067 ms
64 bytes from 192.168.0.5: icmp_seq=2 ttl=64 time=0.059 ms

Not really sure how this got this way. Any hints are really appreciated!


Comments

Are you able to roll back to the working state and then reproduce this? The floating IPs have been there before, so which network did you try to add?

eblock ( 2020-08-14 06:56:42 -0500 )