Ask Your Question
0

Unable to Connect Instance to External Network

asked 2016-01-15 08:48:16 -0500

embedded gravatar image

Im getting into OpenStack, but cannot figure out, why i can't connect my vm to an external network. Infos: What i have done:

External Network: 172.16.64.0/23

Internal Network: 192.168.0.0/24

Set up Solaris 11.3 OpenStack Single System UAR. And configured the Networks like this:

# keystone tenant-list
+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| 0382766fea50433d8fc5c4605548231e |   demo  |   True  |
| 8cbae9fd55ba491c8019ace305f07b24 | service |   True  |
+----------------------------------+---------+---------+
# neutron net-create --provider:network_type=vlan --router:external=false --tenant-id 0382766fea50433d8fc5c4605548231e INT
# neutron subnet-create --disable-dhcp --name int_subnet --tenant-id 0382766fea50433d8fc5c4605548231e INT 192.168.0.0/24
# svcadm enable ipfilter
# ipadm set-prop -p forwarding=on ipv4
# evsadm set-controlprop -p vlan-range=1,200-300

# neutron router-create --tenant-id 8cbae9fd55ba491c8019ace305f07b24 gateway_router
# echo "router_id = 58845b01-9f0c-4eff-a327-ba4c0ac6aaec" >> /etc/neutron/l3_agent.ini
# svcadm enable neutron-l3-agent
# neutron net-create --provider:network_type=vlan --tenant-id 8cbae9fd55ba491c8019ace305f07b24 --provider:segmentation_id=1 --router:external=true EXT
# neutron subnet-create --tenant-id 8cbae9fd55ba491c8019ace305f07b24 --disable-dhcp --name ext_subnet EXT 172.16.64.0/23 --gateway_ip 172.16.64.5

# neutron router-gateway-set gateway_router EXT
# neutron router-interface-add gateway_router efcfd2a4-5c2f-48fb-9442-b598806ca484
# neutron floatingip-create --tenant-id 0382766fea50433d8fc5c4605548231e EXT

Everything pretty straight forward. Then i created an instance in the private Network and attached the floating ip of the external network. On the Controller Node, all the vnic's and adresses look good:

# ipadm
NAME              CLASS/TYPE STATE        UNDER      ADDR
l3e625b114d_b_0   ip         ok           --         --
   l3e625b114d_b_0/v4 static ok           --         172.16.64.7/23
   l3e625b114d_b_0/v4a static ok          --         172.16.64.9/32
l3i8988ed47_0_0   ip         ok           --         --
   l3i8988ed47_0_0/v4 static ok           --         192.168.0.1/24
lo0               loopback   ok           --         --
   lo0/v4         static     ok           --         127.0.0.1/8
   lo0/v6         static     ok           --         ::1/128
net0              ip         ok           --         --
   net0/v4        static     ok           --         172.16.65.249/23
   net0/v6        addrconf   ok           --         fe80::250:56ff:fe02:2170/10
root@OpenStack:~# dladm show-vnic
LINK            OVER           SPEED  MACADDRESS        MACADDRTYPE IDS
l3i8988ed47_0_0 l3stub0        40000  fa:16:3e:16:7a:8f fixed       VID:200
l3e625b114d_b_0 net0           1000   fa:16:3e:a5:34:e8 fixed       VID:0
instance-00000001/net0 l3stub0 40000  fa:16:3e:bc:45:22 fixed       VID:200

Nat is enabled:

# ipnat -l
List of active MAP/Redirect filters:
rdr l3i8988ed47_0_0 169.254.169.254/32 port 80 -> 192.168.0.1 port 9697 tcp
map l3e625b114d_b_0 192.168.0.0/24 -> 172.16.64.7/32
bimap l3e625b114d_b_0 192.168.0.2/32 -> 172.16.64.9/32

But i cannot ping the vm from outside, or ping any resources on the external network from the vm. Did i miss something?

Any help would be appreciated.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-01-24 08:14:54 -0500

aric gravatar image

I encounter a same problem. It seem that the NAT dose not work. Can any hosts on the external network reach the vm by the floating ip?(i.e., ssh)

edit flag offensive delete link more

Comments

No the floating IP is not reachable from the external Network. Did you resolve the issue?

embedded gravatar imageembedded ( 2016-02-01 04:06:24 -0500 )edit

Do you deploy the openstack neutron on virtualbox?

aric gravatar imagearic ( 2016-09-10 18:50:28 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-01-15 08:45:51 -0500

Seen: 614 times

Last updated: Jan 24 '16