Ask Your Question
0

Unable to ping a floating ip of a instance, port status of the floating ip is N/A

asked 2016-06-23 04:15:34 -0500

YaoL gravatar image

updated 2016-06-28 02:24:56 -0500

I'm building a mitaka version environment. Following are the nodes I'm working on.

2 virtual machines with nova-compute service on them 2 physical machines with nova-compute service on them

1 virtual machine with nova-api,schedular,.etc services on it 1 virtual machine with neutron-server service on it 2 virtual machines with neutron-l3,metadata,dhcp,linuxbridge-agents on them

The internal network is a vxlan based network of 192.168.1.0/24 the external network is a vlan based network with vlan id of 3135 and ip pool of 10.0.2.160 - 10.0.2.190 (trying to get openstack instances on nova-compute-nodes accessible from an existing vlan).

After I setup the network, router, port, instances, I can do following things: 1. ping an instance of 192.168.1.2 from another of 192.168.1.3 2. associate a floating ip of 10.0.2.162 to instance 192.168.1.2 and floating ip 10.0.2.163 to instance 192.168.1.3 3. ping the router gateway of 10.0.2.161 from instance1 with its floating ip 10.0.2.162 4. unable to ping 10.0.2.162 to 10.0.2.163

I've checked with the bridges set up on KVM and neutron-l3,linuxbridge-agents like following

KVM

bridge name bridge id STP enabled interfaces

brq752298c0-bb 8000.e2da954a029b no tap559ffb91-dc vxlan-100 virbr0 8000.525400f9e8f1 yes virbr0-nic

neutron-node

bridge name bridge id STP enabled interfaces

brq33b694a2-74 8000.0050569e7545 no eth2.3135 tap310df407-18 tap3d35c2bc-5a

brq752298c0-bb 8000.6eca2367b9f9 no tap952bd101-d2 vxlan-100

virbr0 8000.525400c184ab yes virbr0-nic

and it seems that the problem is with the port status of the floating ip

+-----------------------+-----------------------------------------------------------------------------------+ | Field | Value | +-----------------------+-----------------------------------------------------------------------------------+ | admin_state_up | True | | allowed_address_pairs | | | binding:host_id | | | binding:profile | {} | | binding:vif_details | {} | | binding:vif_type | unbound | | binding:vnic_type | normal | | created_at | 2016-06-23T06:33:19 | | description | | | device_id | 71c7618e-477c-41c7-bbea-939ecba455c5 | | device_owner | network:floatingip | | dns_name | | | extra_dhcp_opts | | | fixed_ips | {"subnet_id": "df7de4ca-1374-4a6b-bc5d-9bd0b54fa27f", "ip_address": "10.0.2.162"} | | id | d49e0780-15b8-4874-875f-ba0fe33e5840 | | mac_address | fa:16:3e:fb:9b:04 | | name | | | network_id | 33b694a2-743e-4133-afef-4e709a7a89f2 | | port_security_enabled | False | | security_groups | | | status | N/A | | tenant_id | | | updated_at | 2016-06-23T06:35:30 | +-----------------------+-----------------------------------------------------------------------------------+

Any suggestions are appreciated

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2016-07-05 23:15:42 -0500

james-denton gravatar image

Floating IP ports are really just reservations - I wouldn't worry too much about the status of the port itself.

I would start by looking at your security group rules and ensure that the floating IPs are allowed as source addresses for the respective rules. If you go with the standard rule set, only the 'remote group' may be set as an allowed source, which means only the fixed IPs are accounted for and not the respective floating IPs. Try adding an ICMP rule allowing 0.0.0.0/0 for now and see if that works.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-06-23 04:15:34 -0500

Seen: 1,406 times

Last updated: Jul 05 '16