Neutron Vpnaas
Hi all! i'm trying to configure a VPN in Neutron. I'm using Ubuntu 12.04 and Cloud Archive Package. I configured the VPN following this link :
https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall (https://wiki.openstack.org/wiki/Neutr...)
root@:~# neutron vpn-service-list +--------------------------------------+-------+--------------------------------------+--------+ | id | name | router_id | status | +--------------------------------------+-------+--------------------------------------+--------+ | b47bdcbe-5339-41ac-b53b-329872586377 | MyVPN | 676e62ec-c58a-4d58-84e3-6a5c6a2aa732 | DOWN | +--------------------------------------+-------+--------------------------------------+--------+
VPN stay down and in the log, i can find this trace.
2013-11-04 13:07:41.720 8115 TRACE neutron.services.vpn.device_drivers.ipsec 2013-11-04 13:07:41.887 8115 WARNING neutron.openstack.common.loopingcall [-] task run outlasted interval by 1.875024 sec 2013-11-04 13:10:13.830 10188 ERROR neutron.common.legacy [-] Skipping unknown group key: firewall_driver 2013-11-04 13:10:19.347 10188 ERROR neutron.services.vpn.device_drivers.ipsec [-] Failed to enable vpn process on router 676e62ec-c58a-4d58-84e3-6a5c6a2aa732 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec Traceback (most recent call last): 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/device_drivers/ipsec.py", line 241, in enable 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec self.start() 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/device_drivers/ipsec.py", line 382, in start 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec '--virtual_private', virtual_private 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/device_drivers/ipsec.py", line 311, in _execute 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec check_exit_code=check_exit_code) 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 458, in execute 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec check_exit_code=check_exit_code) 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/utils.py", line 62, in execute 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec raise RuntimeError(m) 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec RuntimeError: 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-676e62ec-c58a-4d58-84e3-6a5c6a2aa732', 'ipsec', 'pluto', '--ctlbase', '/var/lib/neutron/ipsec/676e62ec-c58a-4d58-84e3-6a5c6a2aa732/var/run/pluto', '--ipsecdir', '/var/lib/neutron/ipsec/676e62ec-c58a-4d58-84e3-6a5c6a2aa732/etc', '--use-netkey', '--uniqueids', '--nat_traversal', '--secretsfile', '/var/lib/neutron/ipsec/676e62ec-c58a-4d58-84e3-6a5c6a2aa732/etc/ipsec.secrets', '--virtual_private', '%v4:192.168.1.0/24,%v4:10.0.0.0/24'] 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec Exit code: 99 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec Stdout: '' 2013-11-04 13:10:19.347 10188 TRACE neutron.services.vpn.device_drivers.ipsec Stderr: '/usr/bin/neutron-rootwrap: Unauthorized command: ip netns exec qrouter-676e62ec-c58a-4d58-84e3-6a5c6a2aa732 ipsec pluto --ctlbase /var/lib/neutron/ipsec/676e62ec-c58a-4d58-84e3-6a5c6a2aa732/var/run/pluto --ipsecdir ...