[neutron]cannot assign floating ip

asked 2014-09-30 18:28:54 -0600

xchang
11 ●1 ●1 ●2

Hi all,

Neutron router's gateway set as an external IP, which I can ping from default ns and qrouter ns. Set up an internal network and added it to the router, Launched an instance, connected it to the internal network. Tried to assign a floating IP to the instance, succeeded. No error messages. But when I do ifconfig in the instance, it showed that floating IP was not assigned.

I can provide more details if needed.

Thanks, XC

edit retag flag offensive close merge delete

add a comment

0

answered 2014-09-30 19:20:11 -0600

larsks
5629 ●24 ●62 ●101 http://redhat.com/

When you assign a floating ip to an instance, that ip is never visible from inside the instances. Floating ip addresses are realized as NAT rules inside the appropriate qrouter namespace. For example, on my system, I have an external network named "ext-nat" that uses 192.168.200.0/24. If I assign a floating address to an instance:

$ nova floating-ip-create
+-----------------+-----------+----------+---------+
| Ip              | Server Id | Fixed Ip | Pool    |
+-----------------+-----------+----------+---------+
| 192.168.200.248 |           | -        | ext-nat |
+-----------------+-----------+----------+---------+

And then assign that to an instance:

$ nova floating-ip-associate test0 192.168.200.248

I will then see that address associated with an interface in the qrouter namespace:

$ sudo ip netns exec qrouter-92a5e69a-8dcf-400a-a2c2-46c775aee06b ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
9: qr-416ca0b2-c8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default 
    link/ether fa:16:3e:54:51:50 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global qr-416ca0b2-c8
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe54:5150/64 scope link 
       valid_lft forever preferred_lft forever
15: qg-2cad0370-bb: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default 
    link/ether fa:16:3e:f8:f4:c4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.10/24 brd 192.168.200.255 scope global qg-2cad0370-bb
       valid_lft forever preferred_lft forever
    inet 192.168.200.248/32 brd 192.168.200.248 scope global qg-2cad0370-bb
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fef8:f4c4/64 scope link 
       valid_lft forever preferred_lft forever

And I will see NAT rules in the namespace as well:

$ sudo ip netns exec qrouter-92a5e69a-8dcf-400a-a2c2-46c775aee06b iptables -t nat -S neutron-l3-agent-float-snat
-N neutron-l3-agent-float-snat
-A neutron-l3-agent-float-snat -s 10.0.0.125/32 -j SNAT --to-source 192.168.200.248

But in the instance itself, I will only ever see the fixed ip address:

$ ssh fedora@192.168.200.248
Warning: Permanently added '192.168.200.248' (ECDSA) to the list of known hosts.
Last login: Tue Sep 30 17:57:33 2014 from 192.168.200.1
[fedora@test0 ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:5f:6d:d4 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.125/24 brd 10.0.0.255 scope global dynamic eth0
       valid_lft 63443sec preferred_lft 63443sec
    inet6 fe80::f816:3eff:fe5f:6dd4/64 scope link 
       valid_lft forever preferred_lft forever

edit flag offensive delete link

Comments

Thanks, larsks.

I guess the issue that I am having right now is with private network's DHCP. I launched an instance with just a private network. But still the IP address wasn't assigned to the vm. And ovs-vsctl show 's result is http://pastebin.com/4Nk59pf6 .

xchang ( 2014-09-30 20:09:49 -0600 )edit

As mentioned above, Floating ips will not be visible when you do ifconfig. Are you able to see it in openstack console Access & Security > Floating IPs ? If floating ip is assigned, it'll also show to show to which server it's assigned

Vinoth K G ( 2014-10-01 02:29:30 -0600 )edit

Not sure on neutron, but with nova-network, if you assigned floating ip to a instance, nothing happens on the instance, thus you can not see the new ip you assigned to the vm when you run ifconfig. In fact, all the work was done by nova-network on the compute node to setup the NAT rules between the

hanzhf ( 2014-10-08 02:30:15 -0600 )edit

add a comment

0

answered 2014-10-08 02:18:47 -0600

hanzhf
1

Not sure on neutron, but with nova-network, if you assigned floating ip to a instance, nothing happens on the instance, thus you can not see the new ip you assigned to the vm when you run ifconfig. In fact, all the work was done by nova-network on the compute node to setup the NAT rules between the floating ip and the fixed ip of the instance.

edit flag offensive delete link

add a comment

[neutron]cannot assign floating ip

2 answers

Comments

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

[neutron]cannot assign floating ip edit

2 answers

Comments

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

[neutron]cannot assign floating ip