Ask Your Question
0

"Gateway is not valid on subnet" when enabling Neutron in Devstack

asked 2014-10-25 17:48:18 -0600

job gravatar image

updated 2014-10-25 21:26:21 -0600

Devstack stable/juno

Local.conf:

SERVICE_TOKEN=azertytoken
ADMIN_PASSWORD=nomoresecrete
MYSQL_PASSWORD=stackdb
RABBIT_PASSWORD=stackqueue
SERVICE_PASSWORD=$ADMIN_PASSWORD
FLOATING_RANGE=172.16.49.32/27
FIXED_RANGE=10.0.0.0/24
FIXED_NETWORK_SIZE=256
FLAT_INTERFACE=eth0
LOGFILE=$DEST/logs/stack.sh.log
SCREEN_LOGDIR=$DEST/logs/screen
LOGDAYS=2
SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5
SWIFT_REPLICAS=1
SWIFT_DATA_DIR=$DEST/data
IMAGE_URLS+=",http://cloud.fedoraproject.org/fedora-20.x86_64.qcow2"

With this basic config, everyting seemed OK. After that I tried enabling Neutron but when I do ./stack the error appears. I just added to local.conf.

disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
enable_service tempest

The gateway and devstack are out of the FLOATING_RANGE subnet by design. It worked with nova-network but, with neutron, It just doesn't. I even tried setting FLOATING_RANGE as the whole subtnet (172.16.49.0/24) but VM didn't get connectivity at all.

One more issue: when I enable neutron, public network is only present in admin project and private network is only present in demo project.

Any piece of advice would be appreciated.

Thanks

edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted
0

answered 2014-10-26 00:21:55 -0600

job gravatar image

updated 2014-10-26 00:24:41 -0600

I ended up defining a gateway inside FLOATING_RANGE subnet.

FLOATING_RANGE=172.16.49.32/27
PUBLIC_NETWORK_GATEWAY=172.16.49.33

Then I had to check the default security group to have access to VMs. And finally, I added in the devstack host an IPtables rule for Internet access in the VMs as pointed out in several websites:

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Thanks,

edit flag offensive delete link more
2

answered 2014-10-25 23:51:15 -0600

SamYaple gravatar image

You can set force_gateway_on_subnet = False in the neutron.conf but I dont think that is what you are trying to do here as it will only help if you do some tricky network things (which I can almost guarantee you are not).

You want to do things different in neutron.

First you need to setup an external network. In the real world this would be an actual slice of the Internet, publicly routable ipv4 addresses. In your test lab it will be 172.16.49.32/27 Of note on this, you need to actually create the external as 172.16.49.0/24 with an allocation range start=172.16.49.32 end=172.16.49.63. Tweak those values to whatever your network looks like.

Next, you setup an internal network. This will be that 10.0.0.0/24 network (or whatever you want).

Once you setup your external and internal, then you need a router to attach to the external network and your internal network. From here you have duplicated what is happening behind the scenes with nova-network. Your instances, by default, don't consume an ip from your floating ip range, but you can still assign a floating ip from 172.16.49.32/27 to on of your 10.0.0.x instances.

If I am not understanding your issue with neutron correctly, let me know.

Unfortunately, I do not know how to do any of this through devstack. My guess would be you want ot create that external network through devstack, and then manually create the internal one.

edit flag offensive delete link more

Comments

Thanks, Sam. I think you've got it right. I wanted to do that config once from devstack init, automatically, and to understand how to approach it automatically with Neutron.

job gravatar imagejob ( 2014-10-26 00:18:58 -0600 )edit
0

answered 2016-01-07 04:50:48 -0600

Hi,

Late answer, may be useful for others. I believe you should use PUBLIC_NETWORK_GATEWAY in your local.conf. I had ran into similar issue. A quick grep found out how gateway was assigned on line 1296 (as of now).

lib/neutron-legacy:72:PUBLIC_NETWORK_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-172.24.4.1}
lib/neutron-legacy:91:IPV6_PUBLIC_NETWORK_GATEWAY=${IPV6_PUBLIC_NETWORK_GATEWAY:-2001:db8::2}
lib/neutron-legacy:850:            v6_gateway=$(ip -6 a s dev $OVS_PHYSICAL_BRIDGE | grep  IPV6_PUBLIC_NETWORK_GATEWAY | awk '{ print $2 }')
lib/neutron-legacy:1296:    subnet_params+="--gateway $PUBLIC_NETWORK_GATEWAY "
lib/neutron-legacy:1310:    subnet_params+="--gateway $IPV6_PUBLIC_NETWORK_GATEWAY "
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2014-10-25 17:48:18 -0600

Seen: 2,660 times

Last updated: Oct 26 '14