Ask Your Question

Neutron Unable to access Floating IP from from outside world.

asked 2014-05-30 08:28:42 -0500

Deeptanshu gravatar image

updated 2014-05-30 17:01:57 -0500

smaffulli gravatar image

We are using the Neutron version on Icehouse. We are able to ping the Google or any other domain inside the Instance. We are not able to ping floating IP allocated to the instance from the outside world. Our core network is configured correctly as we are able to ping Public IP gateway on the neutron.

edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted

answered 2014-06-03 01:58:38 -0500

SGPJ gravatar image

By going through this issue; I suspect the issue could be in ICMP & SSH rules with security group. Check whether you have both ingress & egress for rules and then try to ping/ ssh from outside.


edit flag offensive delete link more




You are right.We have enabled these rules . Now we are able to access floating IP.

Issue is resolved!

Deeptanshu gravatar imageDeeptanshu ( 2014-06-03 02:01:38 -0500 )edit

Troubleshooting your stuff I was unable to expect the errors of such a kind. Sorry

dbaxps gravatar imagedbaxps ( 2014-06-03 03:11:06 -0500 )edit

No problem!!

Thanks for your suggestions.

Deeptanshu gravatar imageDeeptanshu ( 2014-06-03 04:59:41 -0500 )edit

answered 2014-05-31 11:31:28 -0500

Bhupender Kumar gravatar image

updated 2014-05-31 11:32:33 -0500

Working with Deeptanshu on this issue and let me tell you why provided solution not working for us: Things seems fine with all, what is the concern created instance is able to have NAT configuration and Internet is working on new instance. But with icehouse we are not able to access that floating IP from outside.

edit flag offensive delete link more

answered 2014-05-30 08:56:01 -0500

dbaxps gravatar image

updated 2014-05-30 17:01:30 -0500

smaffulli gravatar image

Here are some ideas for you to debug networking issues:

$neutron router-list
$ip netns | grep your-router-id
$ip netns exec qrouter-your-router-id ip a
$ip netns exec qrouter-your-router-id ip ping -c 5 your-instance-floating-IP
$ip netns exec qrouter-your-router-id ifconfig
$ip netns exec qrouter-your-router-id iptables -S -t nat
$ip netns exec qrouter-your-router-id route -n
$ovs-vsctl show ( on Neutron Server)
$neutron agent-list ( on Neutron Server)

Make sure gateway for external subnet belongs public subnet.

edit flag offensive delete link more


Hi, Please find the result of the commands :-

neutron router-list

+--------------------------------------+------------+-----------------------------------------------------------------------------+ | id | name | external_gateway_info | +--------------------------------------+------------+-----------------------------------------------------------------------------+ | 4aeaac60-fc5a-4abd-87d3-0d90d357cb44 | Wan_Router | {"network_id": "8edbe7e2-1683-430e-92a9-9772129ff305", "enable_snat": true} |


ip netns | grep 4aeaac60-fc5a-4abd-87d3-0d90d357cb44


root@network:~# ip netns exec qrouter-4aeaac60-fc5a-4abd-87d3-0d90d357cb44 ip a

1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet scope host lo

   valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

   valid_lft forever preferred_lft forever

75: qg-a69cc010-46: <broadcast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN

link/ether fa:16:3e:d0:e7:4c brd ff:ff:ff:ff:ff:ff

inet x.x.x.x/23 brd x.x.x.255 scope global qg-a69cc010-46

   valid_lft forever preferred_lft forever

inet x.x.x.x/32 brd x.x.x.x scope global qg-a69cc010-46

   valid_lft forever preferred_lft forever

inet6 fe80::f816:3eff:fed0:e74c/64 scope ...
Deeptanshu gravatar imageDeeptanshu ( 2014-06-02 00:59:39 -0500 )edit

Shoul look like :-

[root@icehouse1 ~(keystone_admin)]# ip netns exec qrouter-2462467b-ea0a-4a40-a093-493572010694 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet  netmask
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qg-3787602d-29: flags=67<UP,BROADCAST,RUNNING>  mtu 1500
        inet  netmask  broadcast
        inet6 fe80::f816:3eff:feca:62ea  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:ca:62:ea  txqueuelen 0  (Ethernet)
        RX packets 81167  bytes 10232593 (9.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6643  bytes 731247 (714.1 KiB)
        TX errors 0  dropped ...
dbaxps gravatar imagedbaxps ( 2014-06-02 01:36:14 -0500 )edit

Please, post command been used to create external network && subnet
What means x.x.x.x ? You just hide IP or it really looks like this ?

dbaxps gravatar imagedbaxps ( 2014-06-02 01:41:31 -0500 )edit

Hi, Thanks for update!

What we are missing in our configuration ? Please suggest.

Deeptanshu gravatar imageDeeptanshu ( 2014-06-02 01:42:28 -0500 )edit

Please, post command been used to create external network && subnet

dbaxps gravatar imagedbaxps ( 2014-06-02 01:43:46 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-05-30 08:28:42 -0500

Seen: 1,516 times

Last updated: Jun 03 '14