Ask Your Question
0

ping: sendmsg: operation not permitted in Neutron when pinging instances

asked 2013-10-22 09:54:07 -0500

Anand gravatar image

updated 2013-10-24 01:00:23 -0500

Hi,

I have installed single node openstack from devstack and booted two cirros machine instances. I am using OVS plugin for my work.

The instances are able to ping the outside world including public IP address as 69.171.224.42 (facebook) and 74.125.224.72 (google). However, when i ping from the host machine to the instances i get an error message ping: sendmsg: operation not permitted

The configuration is as follows:

Configuration of the router: Interface towards external bridge, br-ext, : 172.24.4.226

Interface towards integration bridge, br-int, : 192.168.0.1

I am able to ping the ip address 192.168.0.1 and 172.24.4.226 from the host machine.

Configuration of the Instances:

Instance #1 IP address: 192.168.0.3

Instance #2 IP address: 192.168.0.1

Default Security Group Rules:

Rule ALL TCMP and ALL ICMP Direction Ingress.

The machines are assigned fixed IP address from network 192.168.0.0 and I am able to ping 192.168.0.1 from the host machine.

According to route-n command The Gateway for an address in the network 192.168.0.0. is 172.24.4.226.

If anyone could help on this, i would really appreciate it. Thank you.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2013-10-22 13:34:53 -0500

updated 2013-10-22 13:35:58 -0500

You should try adding new (Allow all) security group with TCP 1-65535 UDP 1-65535 ICMP -1 -1. Also take a look at nova.conf. Do you have

security_group_api = neutron
firewall_driver = nova.virt.firewall.NoopFirewallDriver
edit flag offensive delete link more

Comments

This is what i have in the nova.conf : security_group_api = neutron firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver Are there any changes that i need to make to nova.conf ? I created a new security group with the above mentioned changes but the problem still persists.

Anand gravatar imageAnand ( 2013-10-24 00:59:47 -0500 )edit

Security groups are implemented by both neutron and nova, so try to change firewall_driver to Noop to disable them in nova '' Quantum now has support for security groups. In the case that Quantum supports security groups then the nova configuration file should be updated to support this: [DEFAULT] security_group_api = quantum firewall_driver = nova.virt.firewall.NoopFirewallDriver ''

laboshinl gravatar imagelaboshinl ( 2013-10-24 01:24:17 -0500 )edit

Thank you :)

Anand gravatar imageAnand ( 2013-10-29 08:03:53 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

3 followers

Stats

Asked: 2013-10-22 09:54:07 -0500

Seen: 2,196 times

Last updated: Oct 24 '13