When iptables is active i can't ping floating ip ,but when iptables is disable, floaing ip, private ip and every thing work perfect !!

asked 2015-11-25 02:14:59 -0500

sara-kh gravatar image

updated 2015-11-25 02:17:46 -0500

I have installed openstack juno. Controller and network services are on one node and the other nodes are used for computing.
I use LinuxBridge as network plugging for openstack.

The tenant network type is vlan,

Physical network type is flat,

enp3s0f0 interface is used for external network on network node and enp3s0f1 for vm traffic on all compute nodes.

Firewall_driver in linuxbridged is neutron.agent.linux.iptables_firewall.IptablesFirewallDriver.

When iptables is active i can't ping floating ip ,but when iptables is disable, floaing ip, private ip and every thing work perfect !!

Vm traffic when iptables is disable is like : (compute node ==VM ---> enp3s0f1 ----------> )-----> (network node==enp3s0f1---->enp3s0f0 ----> internet)

(I check that with tcpdump command and i did not write brq... interface here for simplicity.)

Vm traffic when iptables is active is like : (compute node ==VM ---> enp3s0f1 ----------> enp3s0f0 -----> internet) no traffic pass through network node.

I checked security groups assigned to vms.

thank you in advance for your guidance.

edit retag flag offensive close merge delete