Neutron cannot allocate ip on external network

Hi, I have a setup with 3 machines: 1 controller (nova controller, and neutron controller), and 2 compute nodes. They are at version Liberty. I can create VM, and they can ping each others on their private network (VXLAN). My problem is that VM I create do not have access to the outside.

I know I have to create a public network, and a router to link networks. And then set the gateway of the router. What I guess the problem is, is that I cannot allocate an ip on the physical network my machines are connected to, because of security policy.

Is it mandatory for the router to allocate an ip on the external network? Should I map the OpenStack external network to the physical network? Is it possible for my VM to get access to the outside using another way?

edit retag close merge delete

Sort by » oldest newest most voted

without a route from your physical machine to the network its connected on you are out of luck. If the network you are connected to supports DHCP you can try this creation of a flat network with no dhcp so your machines will allocate on the same network as your physical. remember external in openstack is a physical network in general. Not public internet access

Create "external" network

 neutron net-create external_net --provider:network_type flat --provider:physical_network bond0  --router:external --shared


Create subnet. my example uses a network that is 10.1.13.0/24 with a gateway of 10.1.13.1. You can find this information on your physical host with ifconfig. My DHCP is false becasue the "external" netowrk serves DHCP

neutron subnet-create --name external_subnet --enable_dhcp=False --gateway=10.1.13.1 external_network 10.1.13.0/24


Create Router

neutron router-create external_router


Set Router Gateway

neutron router-gateway-set external_router external_net


neutron router-interface-add external_router external_subnet

more

Hi, thanks for your answer. My problem is that I cannot (not even outside OpenStack) get an IP on the physical network. I got IP for my 3 machines, but I am not allowed to get others. I was expecting Neutron to be able to use the IP of the Neutron machine for the gateway

( 2016-01-07 03:50:18 -0600 )edit