Neutron cannot allocate ip on external network

asked 2016-01-06

Bertrand88

Hi, I have a setup with 3 machines: 1 controller (nova controller, and neutron controller), and 2 compute nodes. They are at version Liberty. I can create VM, and they can ping each others on their private network (VXLAN). My problem is that VM I create do not have access to the outside.

I know I have to create a public network, and a router to link networks. And then set the gateway of the router. What I guess the problem is, is that I cannot allocate an ip on the physical network my machines are connected to, because of security policy.

Is it mandatory for the router to allocate an ip on the external network? Should I map the OpenStack external network to the physical network? Is it possible for my VM to get access to the outside using another way?

answered 2016-01-06

without a route from your physical machine to the network its connected on you are out of luck. If the network you are connected to supports DHCP you can try this creation of a flat network with no dhcp so your machines will allocate on the same network as your physical. remember external in openstack is a physical network in general. Not public internet access

Create "external" network

 neutron net-create external_net --provider:network_type flat --provider:physical_network bond0  --router:external --shared

Create subnet. my example uses a network that is with a gateway of You can find this information on your physical host with ifconfig. My DHCP is false becasue the "external" netowrk serves DHCP

neutron subnet-create --name external_subnet --enable_dhcp=False --gateway= external_network

Create Router

neutron router-create external_router

Set Router Gateway

neutron router-gateway-set external_router external_net

Add external interface to router

neutron router-interface-add external_router external_subnet
Hi, thanks for your answer. My problem is that I cannot (not even outside OpenStack) get an IP on the physical network. I got IP for my 3 machines, but I am not allowed to get others. I was expecting Neutron to be able to use the IP of the Neutron machine for the gateway

Bertrand88 ( 2016-01-07 )

