Ask Your Question
1

Specifying static IP for neutron router external gateway port

asked 2016-03-04 09:53:48 -0600

sxc731 gravatar image

Whilst it's easy to manually control the IP address assigned to a router's internal-facing port(s) I'm yet to find a way to achieve the same with the port used as the "External Gateway", whether from Horizon or the CLI.

One naive way from Horizon would have been to manually create the external port (using "Add Interface", specifying its IP as required, then attempt to set it using "Set Gateway"; alas this fails with Failed to set gateway: Bad router request: Router already has a port on subnet xxx. I've tried this approach with both Horizon and the neutron CLI with no luck.

edit retag flag offensive close merge delete
add a comment

2 answers

Sort by ยป oldest newest most voted
0

answered 2016-03-09 01:46:48 -0600

sxc731 gravatar image

Here's the solution I've found, since it doesn't look like neutron router-update allows this manipulation, I've resorted to using the REST API. With the Keystone token in $TOKEN, assuming RRR is the router's UUID, NNN the public network's and SSS the subnet thereon:

# Let's get the router's current config
curl -H "X-Auth-Token: ${TOKEN}" http://10.10.0.101:9696/v2.0/routers/RRR | python -m json.tool > /tmp/xxr
# Edit the output (/tmp/xxr) leaving just the sub-structure we want to alter (here I changed the IP address):
cat /tmp/xxr
{
    "router": {
        "external_gateway_info": {
            "network_id": "NNN",
            "enable_snat": true,
            "external_fixed_ips": [    
                {
                    "ip_address": "10.10.3.1",
                    "subnet_id": "SSS"
                }
            ]
        }
    }
}
# Let's apply it:
curl -XPUT -H "X-Auth-Token: ${TOKEN}" http://10.10.0.101:9696/v2.0/routers/RRR -d @/tmp/xxr
# finally let's check the change has been applied to both the router and corresponding port:
neutron router-show RRR
neutron port-list | grep 10.10.3.1

(don't forget to substitute your Neutron end-point URL and you should be good).

If you know of a less hacky solution, please do contribute!

edit flag offensive delete link more
add a comment
1

answered 2016-12-09 16:48:23 -0600

akaris gravatar image

Just for competeness because this came up in google as the first answer to my search request. It's possible to set the IP address of a router's gateway on its external network with neutron router-gateway-set --fixed-ip (...)

~~~ neutron help router-gateway-set usage: neutron router-gateway-set [-h] [--request-format {json,xml}] [--disable-snat] [--fixed-ip FIXED_IP] ROUTER EXTERNAL-NETWORK

Set the external network gateway for a router.

positional arguments: ROUTER ID or name of the router. EXTERNAL-NETWORK ID or name of the external network for the gateway.

optional arguments: -h, --help show this help message and exit --request-format {json,xml} The XML or JSON request format. --disable-snat Disable source NAT on the router gateway. --fixed-ip FIXED_IP Desired IP and/or subnet on external network: subnet_id=<name_or_id>,ip_address=<ip>. You can repeat this option. ~~~

edit flag offensive delete link more

Comments

Thanks, this is helpful. This particular feature must have been added in a newer version (I'm on Kilo). Definitely preferable to the hack I documented above although I kind of like the hack because it provides a way to alter many attributes, which the CLI may not (always) provide access to.

sxc731 gravatar imagesxc731 ( 2016-12-10 02:37:42 -0600 )edit
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2016-03-04 09:53:48 -0600

Seen: 3,988 times

Last updated: Dec 09 '16

Related questions

cannot ping tenant router gateway

After rebooting OpenStack host, router configuration is lost?

ping a vm from external network [closed]

create security group

Instance Internet connection problems

Multiple floating ip pools

Problems with OVS: No Connectivity

Gateway always down [closed]

Floating IPs

ip netns - iptables