Ask Your Question
1

Neutron Unable to access Floating IP from from outside world.

asked 2014-05-30 08:28:42 -0600

Deeptanshu gravatar image

updated 2014-05-30 17:01:57 -0600

smaffulli gravatar image

We are using the Neutron version on Icehouse. We are able to ping the Google or any other domain inside the Instance. We are not able to ping floating IP allocated to the instance from the outside world. Our core network is configured correctly as we are able to ping Public IP gateway on the neutron.

edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted
1

answered 2014-06-03 01:58:38 -0600

SGPJ gravatar image

By going through this issue; I suspect the issue could be in ICMP & SSH rules with security group. Check whether you have both ingress & egress for rules and then try to ping/ ssh from outside.

Thanks.

edit flag offensive delete link more

Comments

1

Hi,

You are right.We have enabled these rules . Now we are able to access floating IP.

Issue is resolved!

Deeptanshu gravatar imageDeeptanshu ( 2014-06-03 02:01:38 -0600 )edit

Troubleshooting your stuff I was unable to expect the errors of such a kind. Sorry

dbaxps gravatar imagedbaxps ( 2014-06-03 03:11:06 -0600 )edit

No problem!!

Thanks for your suggestions.

Deeptanshu gravatar imageDeeptanshu ( 2014-06-03 04:59:41 -0600 )edit
0

answered 2014-05-31 11:31:28 -0600

Bhupender Kumar gravatar image

updated 2014-05-31 11:32:33 -0600

Working with Deeptanshu on this issue and let me tell you why provided solution not working for us: Things seems fine with all, what is the concern created instance is able to have NAT configuration and Internet is working on new instance. But with icehouse we are not able to access that floating IP from outside.

edit flag offensive delete link more
0

answered 2014-05-30 08:56:01 -0600

dbaxps gravatar image

updated 2014-05-30 17:01:30 -0600

smaffulli gravatar image

Here are some ideas for you to debug networking issues:

$neutron router-list
$ip netns | grep your-router-id
$ip netns exec qrouter-your-router-id ip a
$ip netns exec qrouter-your-router-id ip ping -c 5 your-instance-floating-IP
$ip netns exec qrouter-your-router-id ifconfig
$ip netns exec qrouter-your-router-id iptables -S -t nat
$ip netns exec qrouter-your-router-id route -n
$ovs-vsctl show ( on Neutron Server)
$neutron agent-list ( on Neutron Server)

Make sure gateway for external subnet belongs public subnet.

edit flag offensive delete link more

Comments

Hi, Please find the result of the commands :-

neutron router-list

+--------------------------------------+------------+-----------------------------------------------------------------------------+ | id | name | external_gateway_info | +--------------------------------------+------------+-----------------------------------------------------------------------------+ | 4aeaac60-fc5a-4abd-87d3-0d90d357cb44 | Wan_Router | {"network_id": "8edbe7e2-1683-430e-92a9-9772129ff305", "enable_snat": true} |

+--------------------------------------+------------+-----------------------------------------------------------------------------+

ip netns | grep 4aeaac60-fc5a-4abd-87d3-0d90d357cb44

qrouter-4aeaac60-fc5a-4abd-87d3-0d90d357cb44


root@network:~# ip netns exec qrouter-4aeaac60-fc5a-4abd-87d3-0d90d357cb44 ip a

1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

   valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

   valid_lft forever preferred_lft forever

75: qg-a69cc010-46: <broadcast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN

link/ether fa:16:3e:d0:e7:4c brd ff:ff:ff:ff:ff:ff

inet x.x.x.x/23 brd x.x.x.255 scope global qg-a69cc010-46

   valid_lft forever preferred_lft forever

inet x.x.x.x/32 brd x.x.x.x scope global qg-a69cc010-46

   valid_lft forever preferred_lft forever

inet6 fe80::f816:3eff:fed0:e74c/64 scope ...
(more)
Deeptanshu gravatar imageDeeptanshu ( 2014-06-02 00:59:39 -0600 )edit

Shoul look like :-

[root@icehouse1 ~(keystone_admin)]# ip netns exec qrouter-2462467b-ea0a-4a40-a093-493572010694 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qg-3787602d-29: flags=67<UP,BROADCAST,RUNNING>  mtu 1500
        inet 192.168.1.50  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::f816:3eff:feca:62ea  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:ca:62:ea  txqueuelen 0  (Ethernet)
        RX packets 81167  bytes 10232593 (9.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6643  bytes 731247 (714.1 KiB)
        TX errors 0  dropped ...
(more)
dbaxps gravatar imagedbaxps ( 2014-06-02 01:36:14 -0600 )edit

Please, post command been used to create external network && subnet
What means x.x.x.x ? You just hide IP or it really looks like this ?

dbaxps gravatar imagedbaxps ( 2014-06-02 01:41:31 -0600 )edit

Hi, Thanks for update!

What we are missing in our configuration ? Please suggest.

Deeptanshu gravatar imageDeeptanshu ( 2014-06-02 01:42:28 -0600 )edit

Please, post command been used to create external network && subnet

dbaxps gravatar imagedbaxps ( 2014-06-02 01:43:46 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-05-30 08:28:42 -0600

Seen: 1,427 times

Last updated: Jun 03 '14