Ask Your Question
2

cannot ping external gateway

asked 2014-07-23 21:53:53 -0500

laocius gravatar image

updated 2014-07-24 07:37:14 -0500

dbaxps gravatar image

Hi, I have installed icehouse with ovs vlan configuration.

The problem is I can ping the public IP address of my router but cannot ping external gateway from my instance.

My instance has internal IP 192.48.1.51 and a floating IP 135.252.167.187. My router has subnet 192.48.1.0/24 and gateway 135.252.167.186

ip netns exec qrouter-e3119ff4-2fac-4226-9e63-009cfce8ac4c ping 135.252.167.1

PING 135.252.167.1 (135.252.167.1) 56(84) bytes of data.

From 135.252.167.186 icmp_seq=2 Destination Host Unreachable

From 135.252.167.186 icmp_seq=3 Destination Host Unreachable



[root@ih-controller neutron]# ip netns list

qdhcp-9053301a-68a1-432d-8236-a5683d9bc938

qrouter-24953470-825f-4d21-ada7-a184a1a284e9

qrouter-def819d1-8df8-48e0-9e86-781dbd59ccb1

qrouter-e3119ff4-2fac-4226-9e63-009cfce8ac4c

qdhcp-a9d5784b-55af-43e9-bf2d-65e124eb0aa5

qdhcp-3faf6489-42ca-455f-970e-af90e90008ba

qdhcp-d1eff285-c53a-41d5-913f-953a3b7d10ad

[root@ih-controller neutron]# ip netns exec qrouter-e3119ff4-2fac-4226-9e63-009cfce8ac4c ifconfig

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:448 (448.0 b)  TX bytes:448 (448.0 b)

qg-256b404e-50 Link encap:Ethernet  HWaddr FA:16:3E:2A:D3:D0  
          inet addr:135.252.167.186  Bcast:135.252.167.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe2a:d3d0/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:191469 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1293 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:16274751 (15.5 MiB)  TX bytes:123922 (121.0 KiB)

qr-c87773a3-79 Link encap:Ethernet  HWaddr FA:16:3E:03:42:C3  
          inet addr:192.48.1.254  Bcast:192.48.1.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe03:42c3/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:1286 errors:0 dropped:0 overruns:0 frame:0
          TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:124478 (121.5 KiB)  TX bytes:1986 (1.9 KiB)








[root@ih-controller neutron]# neutron router-list

+--------------------------------------+------------+-------------------------------------------------------------
----------------+
| id                                   | name       | external_gateway_info                                                       |
+--------------------------------------+------------+-----------------------------------------------------------------------------+
| e3119ff4-2fac-4226-9e63-009cfce8ac4c | router_ext | {"network_id": "0b78bc26-0374-47ed-8f0b-66d18e3bd86b", "enable_snat": true} |
+--------------------------------------+------------+-----------------------------------------------------------------------------+
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2014-07-24 00:41:29 -0500

Kashyap Kopparam gravatar image

updated 2014-07-24 10:28:56 -0500

smaffulli gravatar image

Can you ping the host on which the virtual router is configured. If so, you might need to add a MASQUERADE rule to the firewall running on the host machine which will allow traffic from the neutron network to the external network. I'm sorry for not providing the exact rule that you need to add. :) It could be something like

 iptables -t nat -I POSTROUTING 1 -s 1 192.48.1.0/24 -o eth0 -j MASQUERADE

Reading Fragmented floating IP pools and multiple AS hack may also help.

edit flag offensive delete link more
0

answered 2014-07-24 11:18:45 -0500

dbaxps gravatar image

@smaffulli, Content :-

iptables -t nat -I POSTROUTING 1 -s 1 192.48.1.0/24 -o eth0 -j MASQUERADE

View Fragmented floating IP pools and multiple AS hack was posted by myself at least 3-4 hr ago as two comments.

Next time I will do screnshots
 of comments been done.
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-07-23 21:53:53 -0500

Seen: 989 times

Last updated: Jul 24 '14