Ask Your Question
0

Cannot access internet from external router namespace

asked 2015-02-09 04:16:19 -0500

fhussain gravatar image

updated 2015-02-09 08:58:12 -0500

Hi,

I have an all-in-one installation of devstack with a single-NIC machine. I can ping external router(172.24.4.2) from the host machine(i.e. the one on which devstack is installed) and I can ping the host machine from the router namespace:

sudo ip netns exec ping qrouter-5ab36503-1ae4-4e26-b01f-cc409e4149db ping 10.3.87.102

The problem is that I cannot ping the external world e.g. google.com from the router namespace.

sudo ip netns exec ping qrouter-5ab36503-1ae4-4e26-b01f-cc409e4149db ping google.com

How can I check what is wrong?

#sudo ovs-vsctl show

 Bridge "br-eth1"
        Port "eth1-br-proxy"
            Interface "eth1-br-proxy"
        Port "br-eth1"
            Interface "br-eth1"
                type: internal
    Bridge br-int
        fail_mode: secure
        Port "qr-acc7af1a-f5"
            tag: 1
            Interface "qr-acc7af1a-f5"
                type: internal
        Port "qvoe27adc03-d6"
            tag: 1
            Interface "qvoe27adc03-d6"
        Port "qvoff2035ab-dd"
            tag: 1
            Interface "qvoff2035ab-dd"
        Port "qvo22974bcf-c7"
            tag: 1
            Interface "qvo22974bcf-c7"
        Port "tap03ba9df0-0e"
            tag: 1
            Interface "tap03ba9df0-0e"
                type: internal
        Port br-int
            Interface br-int
                type: internal
    Bridge "br-eth0"
        Port "eth0"
            Interface "eth0"
        Port "proxy-br-eth1"
            Interface "proxy-br-eth1"
        Port "br-eth0"
            Interface "br-eth0"
                type: internal
        Port proxy-br-ex
            Interface proxy-br-ex
    Bridge br-ex
        Port "qg-ba84c0dd-3f"
            tag: 0
            Interface "qg-ba84c0dd-3f"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
    ovs_version: "1.4.6"     



     # ifconfig -a

  eth0      Link encap:Ethernet  HWaddr 28:6e:d4:88:c6:fc
          inet6 addr: fe80::2a6e:d4ff:fe88:c6fc/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:402960 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2084 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:108669938 (108.6 MB)  TX bytes:256183 (256.1 KB)
          Interrupt:79

br-eth0   Link encap:Ethernet  HWaddr 28:6e:d4:88:c6:fc
          inet addr:10.3.87.102  Bcast:10.3.87.255  Mask:255.255.255.0
          inet6 addr: fe80::2a6e:d4ff:fe88:c6fc/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:403847 errors:0 dropped:0 overruns:0 frame:0
          TX packets:560 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:114393678 (114.3 MB)  TX bytes:67810 (67.8 KB)

  br-ex     Link encap:Ethernet  HWaddr 12:30:d9:ac:53:4e
          inet addr:172.24.4.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::1030:d9ff:feac:534e/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:13021 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2965 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1353877 (1.3 MB)  TX bytes:1100691 (1.1 MB)

br-int Link encap:Ethernet  HWaddr 62:e8:ef:5a:92:49
              inet6 addr: fe80::60e8:efff:fe5a:9249/64 Scope:Link
              UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
              RX packets:549 errors:0 dropped:0 overruns:0 frame:0
              TX packets:46 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:78941 (78.9 KB)  TX bytes:8678 (8.6 KB)


        eth1-br-proxy Link encap ...
(more)
edit retag flag offensive close merge delete

Comments

Post ovs-vsctl show && ifconfig

dbaxps gravatar imagedbaxps ( 2015-02-09 05:50:53 -0500 )edit

@dbaxps I have edited the question to post the output of ovs-vsctl show and ifconfig.

fhussain gravatar imagefhussain ( 2015-02-09 06:49:14 -0500 )edit

You have several bridges defined here (br-ex, br-eth0, and br-eth1.). To which bridge is your router namespace connected?

larsks gravatar imagelarsks ( 2015-02-09 08:39:13 -0500 )edit

How can I check this?

fhussain gravatar imagefhussain ( 2015-02-09 08:45:00 -0500 )edit

How did you create your external network(s)? How did you attach them to your router? What does the output of ip address show inside the router namespace look like?

larsks gravatar imagelarsks ( 2015-02-09 08:49:35 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-02-12 03:28:14 -0500

fhussain gravatar image

updated 2015-02-12 03:28:54 -0500

The problem has been solved. Now the Internet can be accessed from the namespace of external router as well as from the VM instances connected to the external router. The problem was that NAT was not enabled on the host machine, which is enabled by this command:

# sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

Note: eth1 is the interface through which my host machine is connected to the Internet.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-02-09 04:16:19 -0500

Seen: 998 times

Last updated: Feb 12 '15