Neutron routing from isolated networks through a linux nat box

asked 2015-01-28 08:44:20 -0600

Razvan Dobre

updated 2015-01-30 04:26:48 -0600

Hello

I have the following topology that I want to implement using the OpenStack Juno release.

----provider_network----router----public_subnet----linux_nat_box-----isolated_subnet----linux_box1

  • I have connectivity between linux_nat_box and linux_box1
  • On linux_nat_box I activated routing by: echo 1 > /proc/sys/net/ipv4/ip_forward
  • On linux_nat_box I activated NAT by: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

ping 8.8.8.8 from linux_box1 reaches linux_nat_box eth0 (both echo requests and echo replies), they also leave linux_nat_box eth1 but at linux_box1 level I only see 'echo requests' but no 'echo reply' packages. For some reason traffic leaving linux_box1 does not return to the same box (request timed out).

Traffic from linux_nat_box to "internet" works without any issues, I'm using vxlan overlay networks.

Am I missing something here?

Thanks for your support!


Comments

Any ideas? I tried with both centos and ubuntu and the result is the same: not working.

Razvan Dobre ( 2015-02-02 06:23:55 -0600 )