Ask Your Question
0

Not able to ping/ssh instances

asked 2015-03-10 06:39:54 -0500

Tanmoy gravatar image

updated 2015-03-10 08:23:09 -0500

dheeru gravatar image

I have succesfully installed openstack instance with Neutron using Devstack. Now I have a set of IPv4 addresses which I need to assign to my instances as floating IP and make them pingable / SSHable from out side the host.

Though I am able to assign the intended IP as Floating IP to my instances but neither they are pingable inside the host nor outside. I have modified the Security group rules to allow SSH and PING. Here is my network details -

stack@tanmoy:/etc/init.d$ neutron net-list
+--------------------------------------+-----------+------------------------------------------------------+
| id                                   | name      | subnets                                              |
+--------------------------------------+-----------+------------------------------------------------------+
| 1566fc4f-60a9-4170-b860-333a264f22d8 | my-public | 101675c6-7c92-4ea0-b361-7cade98fa5a2 10.158.XXX.0/24 |
| be6f76d4-954f-475e-853e-adb860508e9c | public    | 0604470a-761e-4913-998c-cc5413dcd5a6 172.24.4.0/24   |
| e816c35f-45a0-446b-b3ff-ca3196c98eb2 | private   | f4d617a7-e250-45fa-bb0a-95290cfafb20 10.0.0.0/24     |
+--------------------------------------+-----------+------------------------------------------------------+

stack@tanmoy:/etc/init.d$ neutron subnet-list
+--------------------------------------+----------------+-----------------+----------------------------------------------------+
| id                                   | name           | cidr            | allocation_pools                                   |
+--------------------------------------+----------------+-----------------+----------------------------------------------------+
| 0604470a-761e-4913-998c-cc5413dcd5a6 | public-subnet  | 172.24.4.0/24   | {"start": "172.24.4.2", "end": "172.24.4.254"}     |
| 101675c6-7c92-4ea0-b361-7cade98fa5a2 | ipcloud-dev    | 10.158.XXX.0/24 | {"start": "10.158.XXX.56", "end": "10.158.XXX.62"} |
| f4d617a7-e250-45fa-bb0a-95290cfafb20 | private-subnet | 10.0.0.0/24     | {"start": "10.0.0.2", "end": "10.0.0.254"}         |
+--------------------------------------+----------------+-----------------+----------------------------------------------------+

stack@tanmoy:/etc/init.d$ neutron router-list
+--------------------------------------+--------------+-----------------------------------------------------------------------------+
| id                                   | name         | external_gateway_info                                                       |
+--------------------------------------+--------------+-----------------------------------------------------------------------------+
| 811a483a-6faf-4dad-9d28-d51aa9530691 | ExternalLink | {"network_id": "1566fc4f-60a9-4170-b860-333a264f22d8", "enable_snat": true} |
| f71a6574-75c8-424e-ab57-ff0f9a20ef54 | router1      | {"network_id": "be6f76d4-954f-475e-853e-adb860508e9c", "enable_snat": true} |
+--------------------------------------+--------------+-----------------------------------------------------------------------------+

Please let me know if I am missing something..

edit retag flag offensive close merge delete

Comments

I hope you have checked about these :- 1. Whether your instance interface actually got the private ip through neutron's dhcp server 2. Whether you are able to ping instance's private ip using 'ip netns exec <qrouter-xyz> ping >private-ip>

osdiaj gravatar imageosdiaj ( 2015-03-10 07:29:14 -0500 )edit

osdiaj, I am not able to ping the instance after ip netns - stack@tanmoy:/var$ sudo ip netns exec qrouter-f71a6574-75c8-424e-ab57-ff0f9a20ef54 ping 10.158.XXX.60 PING 10.158.XXX.60 (10.158.XXX.60) 56(84) bytes of data. From 10.158.XXX.71 icmp_seq=1 Destination Host Unreachable

Tanmoy gravatar imageTanmoy ( 2015-03-10 07:59:47 -0500 )edit
1

do you added all the rules? like All-TCP, All-ICMP. do you enabled network forwarding?

dheeru gravatar imagedheeru ( 2015-03-10 08:25:20 -0500 )edit

Yes I added rules for ICMP,SSH,HTTP,HTTPS. How to enable network forwarding?

Tanmoy gravatar imageTanmoy ( 2015-03-10 08:32:56 -0500 )edit

I have enabled the network forwording by setting net.ipv4.ip_forward=1 at /etc/sysctl.conf of the host. Still no luck.

Tanmoy gravatar imageTanmoy ( 2015-03-10 08:43:37 -0500 )edit

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-03-11 04:28:49 -0500

dheeru gravatar image

hey there,

try this

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
edit flag offensive delete link more

Comments

I tried this earlier.Did not work. After login to the instance console through horizon VNC, I ran ifconfig and found that the VM does not have any IPv4 addrress assigned. Why so? any idea ?

Tanmoy gravatar imageTanmoy ( 2015-03-11 06:07:39 -0500 )edit
0

answered 2015-03-11 05:39:54 -0500

Moe gravatar image

you have to edit your security groups rules and allow SSH protocol to work using port 22 I think this would help :)

edit flag offensive delete link more

Comments

Yes I did. I added rules for ICMP,SSH,HTTP,HTTPS.

Tanmoy gravatar imageTanmoy ( 2015-03-11 06:08:33 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-03-10 06:39:54 -0500

Seen: 1,000 times

Last updated: Mar 11 '15