Ask Your Question
1

Instance Internet connection problems

asked 2014-05-29 08:01:00 -0600

hrzbrg gravatar image

Hi,

I have a 3 node setup with vagrant + VirtualBox which is similar to the official OpenStack Manuals. To give my instances access to the internet I added another bridged interface to my Network Node and an SANT rule. My network node is at 192.168.10.201 and my instances receive floating IPs from 192.168.10.10 to 20. I set the gateway of the external subnet to 192.168.10.201. So the traffic from the instances is received at the network node and from there to my labs LAN. The above mentioned SNAT rule is

iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to-source <IP from bridge to lab LAN>

Now my problems start. From the instances I ruled out the usual GRE issues and set the MTU down. I can now ping hostnames successfully. But if I try to wget a file it takes ~30 secs to start the download and then is extremely slow. I can't figure out why it takes so long for the transfer to start. I would love some suggestions or maybe other ways to give my instances a proper internet connection. How did you make it in your testlab?

Thanks

edit retag flag offensive close merge delete

Comments

Hi, in my experience standard configuration for external subnet should set the gateway as your real gateway. Then you do not need any additional SNAT rule on your network node.

Have you tried that configuration and switched to the actual one for any reason?

Antonio G. gravatar imageAntonio G. ( 2014-05-29 08:12:07 -0600 )edit

Would this changes to iptables help
$ iptables -A FORWARD -d 192.168.10.0/24 -j ACCEPT
$ iptables -A FORWARD -s 192.168.10.0/24 -j ACCEPT
$ iptables -t nat -I POSTROUTING 1 -s 192.168.10.0/24 -o eth0 -j MASQUERADE

dbaxps gravatar imagedbaxps ( 2014-05-29 08:17:52 -0600 )edit

Antonio - Tried that, no internet than.

@dbaxps - Switching to these rules made the problem not better or worse.

hrzbrg gravatar imagehrzbrg ( 2014-05-29 08:51:53 -0600 )edit

I would try
$ tcpdump -vv -i eth0 ( on Neutron Server Node)
when VM does slow networking. I guess somewhere incorrect checksums should be captured
You better know your gateways and bridges to verify for bad checksums. Then disable checksums offloading on this interface.

dbaxps gravatar imagedbaxps ( 2014-05-29 09:03:00 -0600 )edit

On Compute Node when instance is running brctl show should report you qbr-xxxxxxxx bridge.

First thing to verify is the vm's bridge. For instance:
$ brctl show
bridge name bridge id STP enabled interfaces
qbr1492886c-c7 8000.46de29f7bcc9 no qvb1492886c-c7
qbr6cc9af1a-5f 8000.aa387a60beaa no qvb6cc9af1a-5f
qbrd18de1da-fd 8000.3a26a24a7968 no qvbd18de1da-fd
qbrfb873e61-0a 8000.b2fb77d43bd6 no qvbfb873e61-0a
tapfb873e61-0a
$tcpdump -vv -i qbrfb873e61-0a

dbaxps gravatar imagedbaxps ( 2014-05-29 10:47:25 -0600 )edit
add a comment

3 answers

Sort by ยป oldest newest most voted
4

answered 2014-05-30 10:33:52 -0600

hrzbrg gravatar image

Answering my own question \o/

What I did was confusing and I got it right now I think.

Controller Node: eth3 - 192.168.10.200

Network Node: eth3 - 192.168.10.201

Compute Node: eth3 - 192.168.10.203

For my external net I created a subnet:

neutron subnet-create --tenant-id <blabla> --name float_subnet_1 --allocation-pool start=192.168.10.10,end=192.168.10.20 --gateway 192.168.10.1 ext_net 192.168.10.0/24 --enable_dhcp=False

On the network node the br-ex is attached to eth3. Now on the host machine, where the three VirtualBoxes are running, I created an SNAT rule:

iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to-source <IP of Host Machine in Lab LAN>

So the packets that come from the 192.168.10.0/24 network get the source address of the hypervisor machine. The packets run smoothly now, but I'm facing another problem. Maybe you will hear more about it in my next question. Stay tuned ;D

edit flag offensive delete link more
add a comment
1

answered 2014-07-30 06:21:11 -0600

phiche gravatar image

The equivalent of doing this on OSX (using pfctl instead of iptables) can be found here: https://forums.virtualbox.org/viewtopic.php?f=8&t=47959 (https://forums.virtualbox.org/viewtop...)

Not sure if there is a better way to do this using some vagrant magic perhaps?

edit flag offensive delete link more
add a comment
0

answered 2020-08-29 08:53:11 -0600

aksmew gravatar image

To connect with the internet you would have to setup a network in accordance to your ineternet network with br-ex bridge setup and dns setup.

kindly visit this blog step by step setup information guide

http://emieduco.com/blog/2020/07/07/internet-connectivity-in-openstack-virtual-machine-vm/ (http://emieduco.com/blog/2020/07/07/i...)

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2014-05-29 08:01:00 -0600

Seen: 3,669 times

Last updated: Jul 30 '14

Related questions

Liberty: Internal DNS with Neutron

Cannot Ping/connect to floating ip from public network.

'ExtensionManager' object does not support item assignment

Failed to Associate Floating IP

quantum admin plugin for horizon

lbaas-agent high availablity

unable to associate floating ip into instance

Allowed address Pairs

Database table does not exists error

Error: Unable to connect to Neutro