can't ping from controller node to external network

asked 2014-05-09 02:54:25 -0500

siouffy gravatar image

updated 2014-05-09 02:55:19 -0500

Hi everybody, I've installed a two node OpenStack cluster. A Controller node and Compute node using legacy nova-network. I followed the tutorial on the website. Im running the controller and compute nodes as virtual machines each has ubuntu 14.04 (LTS) server installed. OpenStack version : icehouse

Problem1 (Solved): At the beginning I could not ping the vm instances from the compute node (operation not permitted), neither could ping from one vm instance to another, but i changed nova.conf (at the compute node) to allow same network traffic (which was set false in the tutorial) --> this worked .

Problem now I still can't ping from controller node to the external network. So not the vm instances nor the compute node (on external network interface) could be pinged from the controller, but i can do the opposite. I can ping the controller from the compute node and from any of the vm instances.

Notes: - The vm instanced are connected to the internet.
-The controller can ping the compute on the managment interface


Netowrk Configuration (Controller)

#management interface
auto eth0
iface eth0 inet static
address 192.168.242.11
netmask 255.255.255.0
gateway 192.168.242.2
dns-nameservers 192.168.242.2

Network Configuration (compute1)

#management interface
auto eth0
iface eth0 inet static
address 192.168.242.31
netmask 255.255.255.0
gateway 192.168.242.2
dns-nameservers 192.168.242.2

#external network interface
auto eth0:0
iface eth0:0 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down


nova.conf (compute -network part)

network_api_class = nova.network.api.API
security_group_api = nova
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
network_manager = nova.network.manager.FlatDHCPManager
network_size = 254
allow_same_net_traffic = True
multi_host = True
send_arp_for_ha = True
share_dhcp_address = True
force_dhcp_release = True
flat_network_bridge = br100
flat_interface = eth0:0
public_interface = eth0:0


configured security groups to allow all ICMP (-1 -1)


any clue what could be my problem ?

edit retag flag offensive close merge delete