Ask Your Question

Who can explain about fixed ip with external network

asked 2014-07-11 10:10:15 -0500

sprhawk gravatar image

I'm curiously about relationship between fixed and external network.

My network setup is here:

The instances of test and test2 are assigned fixed "public ip", but none of which has an working ethernet device in the system.

The instances of test3 and test4 are assigned with fixed "private ip" and assigned floating public ip address. both private ip address and public address are working.

How to explain it?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2014-07-14 05:42:12 -0500

SGPJ gravatar image

Please refer to this blog link for better network understanding.

edit flag offensive delete link more

answered 2014-07-11 10:50:03 -0500

dbaxps gravatar image

Regarding L3 routing (test3&&test4) , view

[root@icehouse1 ~(keystone_admin)]# ip netns exec qrouter-ecf9ee4e-b92c-4a5b-a884-d753a184764b iptables -S -t nat
-N neutron-l3-agent-OUTPUT
-N neutron-l3-agent-POSTROUTING
-N neutron-l3-agent-PREROUTING
-N neutron-l3-agent-float-snat
-N neutron-l3-agent-snat
-N neutron-postrouting-bottom
-A PREROUTING -j neutron-l3-agent-PREROUTING
-A OUTPUT -j neutron-l3-agent-OUTPUT
-A POSTROUTING -j neutron-l3-agent-POSTROUTING
-A POSTROUTING -j neutron-postrouting-bottom
-A neutron-l3-agent-OUTPUT -d -j DNAT --to-destination
-A neutron-l3-agent-OUTPUT -d -j DNAT --to-destination
-A neutron-l3-agent-OUTPUT -d -j DNAT --to-destination
-A neutron-l3-agent-POSTROUTING ! -i qg-908c1363-66 ! -o qg-908c1363-66 -m conntrack ! --ctstate DNAT -j ACCEPT
-A neutron-l3-agent-PREROUTING -d -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A neutron-l3-agent-PREROUTING -d -j DNAT --to-destination
-A neutron-l3-agent-PREROUTING -d -j DNAT --to-destination
-A neutron-l3-agent-PREROUTING -d -j DNAT --to-destination
-A neutron-l3-agent-float-snat -s -j SNAT --to-source
-A neutron-l3-agent-float-snat -s -j SNAT --to-source
-A neutron-l3-agent-float-snat -s -j SNAT --to-source
-A neutron-l3-agent-snat -j neutron-l3-agent-float-snat
-A neutron-l3-agent-snat -s -j SNAT --to-source
-A neutron-postrouting-bottom -j neutron-l3-agent-snat

test3 && test4 where created attached to private DHCP network and assigned floating IP addresses. test2 and test probably were created with no connection to any private network and assigned floating IPs. I never did this L3 routing avoiding , but I remember Shankar once mentioned that this flat architecture is possible

edit flag offensive delete link more


You mean we can assign only a fixed public ip address to instances without a floating public ip address ?

sprhawk gravatar imagesprhawk ( 2014-07-11 10:54:29 -0500 )edit

Is it working for you ? If "yes" it means we can.

dbaxps gravatar imagedbaxps ( 2014-07-11 10:59:09 -0500 )edit

it is not for the moment.

sprhawk gravatar imagesprhawk ( 2014-07-14 22:09:18 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-07-11 10:10:15 -0500

Seen: 153 times

Last updated: Jul 14 '14