Who can explain about fixed ip with external network

asked 2014-07-11 10:10:15 -0500

sprhawk

I'm curiously about relationship between fixed and external network.

My network setup is here:

The instances of test and test2 are assigned fixed "public ip", but none of which has an working ethernet device in the system.

The instances of test3 and test4 are assigned with fixed "private ip" and assigned floating public ip address. both private ip address and public address are working.

How to explain it?

answered 2014-07-14 05:42:12 -0500

SGPJ

Please refer to this blog link for better network understanding.

answered 2014-07-11 10:50:03 -0500

dbaxps

Regarding L3 routing (test3&&test4) , view

[root@icehouse1 ~(keystone_admin)]# ip netns exec qrouter-ecf9ee4e-b92c-4a5b-a884-d753a184764b iptables -S -t nat
-N neutron-l3-agent-OUTPUT
-N neutron-l3-agent-POSTROUTING
-N neutron-l3-agent-PREROUTING
-N neutron-l3-agent-float-snat
-N neutron-l3-agent-snat
-N neutron-postrouting-bottom
-A PREROUTING -j neutron-l3-agent-PREROUTING
-A OUTPUT -j neutron-l3-agent-OUTPUT
-A POSTROUTING -j neutron-l3-agent-POSTROUTING
-A POSTROUTING -j neutron-postrouting-bottom
-A neutron-l3-agent-OUTPUT -d -j DNAT --to-destination
-A neutron-l3-agent-OUTPUT -d -j DNAT --to-destination
-A neutron-l3-agent-OUTPUT -d -j DNAT --to-destination
-A neutron-l3-agent-POSTROUTING ! -i qg-908c1363-66 ! -o qg-908c1363-66 -m conntrack ! --ctstate DNAT -j ACCEPT
-A neutron-l3-agent-PREROUTING -d -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A neutron-l3-agent-PREROUTING -d -j DNAT --to-destination
-A neutron-l3-agent-PREROUTING -d -j DNAT --to-destination
-A neutron-l3-agent-PREROUTING -d -j DNAT --to-destination
-A neutron-l3-agent-float-snat -s -j SNAT --to-source
-A neutron-l3-agent-float-snat -s -j SNAT --to-source
-A neutron-l3-agent-float-snat -s -j SNAT --to-source
-A neutron-l3-agent-snat -j neutron-l3-agent-float-snat
-A neutron-l3-agent-snat -s -j SNAT --to-source
-A neutron-postrouting-bottom -j neutron-l3-agent-snat

test3 && test4 where created attached to private DHCP network and assigned floating IP addresses. test2 and test probably were created with no connection to any private network and assigned floating IPs. I never did this L3 routing avoiding , but I remember Shankar once mentioned that this flat architecture is possible

You mean we can assign only a fixed public ip address to instances without a floating public ip address ?

sprhawk ( 2014-07-11 10:54:29 -0500 )

Is it working for you ? If "yes" it means we can.

dbaxps ( 2014-07-11 10:59:09 -0500 )

it is not for the moment.

sprhawk ( 2014-07-14 22:09:18 -0500 )

