Ask Your Question

Floating IPs

asked 2016-01-28 08:56:49 -0600

Daniel Ruiz gravatar image


I'm getting problems with my little openstack cloud. My scenario is this:

  1. one server (controller + network in the same machine) with 3 NICs (managment, data and external network). In this case, managment and external share the same physical network but in configuration files, managment interface has an IP and external has no IP address.
  2. two computes with 2 NICs (managment and data network).

After creating a private (tenant) network, instances running on both compute can ping each other with no problem.

neutron net-create demo-net
neutron subnet-create demo-net --name demo-subnet --gateway

However, after creating a public network and assigning an floating IP, this IP is assigned and associated correctly, but I can't ping and I can't ssh to the floating IP. I have added SSH and ICMP in my security group...

neutron net-create ext-net --shared --router:external True --provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet --no-gateway --allocation-pool start=STARTING_POOL_FLOATING,end=ENDING_POOL_FLOATING --disable-dhcp PUBLIC_NETWORK
neutron router-create demo-router
neutron router-interface-add demo-router demo-subnet
neutron router-gateway-set demo-router ext-net

As I have commented before, PUBLIC_NETWORK is the same for eth0 and eth2 (both network and wired to the same switch). The only difference is in the configuration file "ifcfg-ethX": for "0" there is an IPADDR and NETWORK and for "2" there are no parameters (only PROMISC="yes" because I have read that external interface needs to be in promiscuos mode).

If I run ping through netns, it runs: "ip netns qrouter-XXX exec ping FLOATING_IP" Also, I can run a bash: "ip netns qrouter-XXX exec /bin/bash" and I go to "somewhere" where I can see private and floating IP, with 2 interfaces (a qr-xxxx-yy and a qg-xxxx-yy). First of that has the private IP and second one has the public (floating IP).

What am I doing wrong in configuration? I need to get access through floating IPs. How can I debug more information?

Thanks a lot!!!

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2016-01-28 20:28:37 -0600

Gnan gravatar image

Hey Daniel,

Try this command on eth0(public network) - iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Once I faced similar issue and resolved by configuring the nat as above. Foloating ip range is same as eth0 in my case.

Regards Gnan

edit flag offensive delete link more

answered 2016-01-29 02:47:19 -0600

Daniel Ruiz gravatar image

Yeahh!!! Thanks!!! with that iptables rules I can connect to the floating IP. I have checked that applying the rule to eth0 or eth2, in both cases, I can do SSH.


edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2016-01-28 08:56:49 -0600

Seen: 408 times

Last updated: Jan 29 '16