Ping issue with virtual router

asked 2015-09-11 09:18:40 -0500

anonymous user

Anonymous

updated 2015-09-14 00:25:04 -0500

Hi all, I'm trying to use a virtual router inside my Openstack tenant. I created an instance of the router (Vyatta5600) and connected it to two different networks (dc1 - 10.1.0.0/24 and dc2 - 10.2.0.0/24).

image description

I then connected two different cirros clients on those networks, setting the corresponding Vyatta interface as their deafult GW. I use default security group configured to allow all inbound/outbound traffic (ICMP, TCP,UDP). From both clients I could ping the default GW.

Pinging from one client to the other one does not work, nor do pinging the vyatta interface on the opposite network.

Is there anything special I should enable at the OS level.

Thanks!

UPDATE

Same thing happens if I change the vyatta instance with a Linux instance acting as a router (as explained in this link)

UPDATE 2

In this post i found this:

Be aware that the security groups implementation places anti-spoofing rules to prevent a VM sending packets that do not have the source mac or IP address that Neutron assigned to it. Do iptables-save on the compute nodes to see them.

Could it be this thecause of the problem? If yes, is there the possibility to change that behaviour?

edit retag flag offensive close merge delete

Comments

What version of OpenStack do you have ?

salvorapi gravatar imagesalvorapi ( 2015-09-14 09:09:30 -0500 )edit