Using OpenStack with existing LAN Network

asked 2013-05-16 19:59:02 -0600

jzwiep gravatar image

We'd like to have OpenStack integrated with our existing LAN network. We want to assign a subnet not managed by our network's DHCP to nova-network. Right now, VMs spawn and aquire their addresses fine, but they can't ping any addresses outside of their subnet.

So we can ping other VMs, we can ping the compute/controller hosts, we can ping other machines that are assigned an address in the VM Subnet, machines can ping VMs, but we just can't get the VMs to be able to ping addresses outside of both their subnet and the OpenStack setup.

Any help would be greatly appreciated!

Our current setup:

OpenStack Essex


VM Subnet:


--root_helper=sudo nova-rootwrap

# vnc specific configuration

# network specific settings

# RabbitMQ settings


auto lo
iface lo inet loopback

auto eth1
iface eth1 inet dhcp

auto eth0
iface eth0 inet dhcp

auto br100
iface br100 inet dhcp
        bridge_stp off
        bridge_fd 0


sudo nova-manage network create camera_network --fixed_range_v4= --bridge_interface=br100 --num_networks=1 --network_size=256


br100     Link encap:Ethernet  HWaddr 3a:7c:6e:51:bf:1f
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::387c:6eff:fe51:bf1f/64 Scope:Link
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:1328 (1.3 KB)

eth0      Link encap:Ethernet  HWaddr d4:ae:52:bb:9f:2c
          inet addr:  Bcast:  Mask:
          RX packets:3845153 errors:0 dropped:237 overruns:0 frame:0
          TX packets:446 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3487867583 ...
edit retag flag offensive close merge delete


Hi, thanks for the question. May I ask if there's a reason you need to keep running the Essex release? Just because there's been some improvements in Folsom and Grizzly that may make this situation easier ...

fifieldt gravatar imagefifieldt ( 2013-05-16 23:12:30 -0600 )edit

Same question, why Essex? For Folsom and Grizzly take a look here:

Alen Komljen gravatar imageAlen Komljen ( 2013-05-17 02:11:04 -0600 )edit

Essex is just what the current system happens to be running. Upgrading is definitely possible though. What kind of changes made in Folsom/Grizzly make this setup easier?

jzwiep gravatar imagejzwiep ( 2013-05-17 19:56:52 -0600 )edit

2 answers

Sort by ยป oldest newest most voted

answered 2013-07-24 20:59:05 -0600

jzwiep gravatar image

Managed to fix it.

I corrected the fixed_range in nova.conf to match nova's network, and added this config option:


This stops VM traffic from getting SNATTED (

edit flag offensive delete link more

answered 2013-05-18 01:57:15 -0600

Try same as I did with Folsom and Grizzly. Here are configuration changes:

edit flag offensive delete link more


I actually did find and follow that exactly while trying our initial configuration. It caused almost everything to work correctly except for VMs being able to ping outside of their subnet. Do you think that switching to Folsom or Grizzly would fix that?

jzwiep gravatar imagejzwiep ( 2013-05-18 12:50:18 -0600 )edit

Did you try to enable ip forwarding on controller node? Try that: echo 1 > /proc/sys/net/ipv4/ip_forward and restart networking

Alen Komljen gravatar imageAlen Komljen ( 2013-05-18 16:13:21 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-05-16 19:59:02 -0600

Seen: 1,311 times

Last updated: Jul 24 '13