neutron floating ip not working inbound (but works outbound) [closed]

asked 2014-08-22 12:47:56 -0500

network_ninja gravatar image

Installed openstack using 3-node architecture (neutron networking) as described here: http://docs.openstack.org/icehouse/install-guide/install/apt/content/install_dashboard.html (http://docs.openstack.org/icehouse/in...)

Installed Keystone/Glance/Nova/Neutron/Horizon/Cinder/Heat/Ceilometer as described in the guide, with one exception that I didn't add a 4th Cinder "block" node, but just added it onto the compute node.

The architecture looks like this: http://i.imgur.com/L8C9y6O.png (Openstack Arch)

my 'ext-net' is the 'External' (v902) network in the drawing, which is 172.20.98.0/24. I assigned an allocation list from 172.20.98.100 to .200. I can see on my demo account a few floating IP's:

http://i.imgur.com/xrEOiV3.png (floating IP's)

Floating IP 172.20.98.112 is assigned to the 10.10.10.2 ifxed IP. Here is my network topology as seen from horizon (I tried to cut out the non-relevant pieces) http://i.imgur.com/fjyzGbQ.png (net_topo)

You can see 10.10.10.2 assigned to the 'simple' instance interface, of which router2 is also on as 10.10.10.1. Pinging out from 'simple' to an IP routed to through the 'ext-net' running a TCPdump properly shows the pings coming in as 172.20.98.112 (the floating IP). This is a TCPDump from the external machine that the 'simple' instance is pinging.

[08/22/14 10:14:10] > sudo tcpdump -vvv -ttt -en -i eth0 host 172.20.98.112 tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 00:00:00.000000 00:26:99:e7:d1:48 > 00:50:56:81:76:81, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 62, id 58221, offset 0, flags [DF], proto ICMP (1), length 84) 172.20.98.112 > 172.20.96.100: ICMP echo request, id 20737, seq 44, length 64

This is from the 'simple' instance, showing pings are successful (in both directions, the responses are received) http://i.imgur.com/sUX3j03.png (pings_from_simple)

However, pinging 172.20.98.112 from the external node is not successful.

[08/22/14 10:14:20] > ping 172.20.98.112 PING 172.20.98.112 (172.20.98.112) 56(84) bytes of data. ^C --- 172.20.98.112 ping statistics --- 11 packets transmitted, 0 received, 100% packet loss, time 10079ms

So my question is why doesn't this work? What could I be missing here? I've traced the ping from the external net into the network node blitz em3, being tunneled (GRE) from blitz em2 (10.0.1.21) over to compute em2 (10.0.1.31) and the frame is received on a TCPDUMP on glacius01 (compute). However, a tcpdump on the VM itself does NOT show the ping reaching the instance.

Any help would be greatly appreciated.

edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by smaffulli
close date 2014-08-22 15:51:56.884653