I'm using three-node achitecture and following through Openstack Guide for Ubuntu:mitaka.

I configured two networks:1 external network and ext-subnet(192.168.0.0/24), and test network and subnet as an internal network(200.0.0.0/24), and a logical router to connect two. I created instances successfully with floating IP(192.168.0.107) & fixed IP(200.0.0.5). but from any node I cant either ping or ssh to floating IP. Instance's log shows instance boots up,but shows I think I misconfigured L3 agent or ml2 agent in some wrong way, but dont know how to fix it. There seems to be no errors in log files. From network-node I can ping the logical router gateway(192.168.0.100). and from instance, i can also ping logical router gateway(192.168.0.100). but can not to network-node, either to physical router(192.160.0.1) I'm only a beginner here and in network, so please help. I will update any information needed more.

On network-node

vi /etc/neutron/l3-agent

interfacedriver=neutron.agent.linux.interface.OVSInterfaceDriver
gateway_external_network_id=x-x-x-x-x
external_interface_bridge=

vi /etc/neutron/pluging/ml2/ml2_conf.ini

 [ml2]
 type_drivers=flat,vlan,gre,vxlan
 tenant_network_types=gre
 mechanism_drivers=openvswitch
 extension_drivers=port_security
[ml2_type_flat]
flat_networks=external
[ml2_type_gre]
tunnel_id_range=1:1000
[secuirty group]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIpatablesFirewallDriver
enable_security_group=true
enable_ipset=true

and network node only have two physical interfaces. one as an internal network with other nodes, and one for external network

vi /etc/network/interfaces

auto p3p1
iface p3p1 inet static
  address 10.0.0.2
  network 10.0.0.0
  broadcast 10.0.0.255

auto wlan0
iface wlan0 inet manual
  pre-up wpa_supplicant -D wext -i wlan0 -c /etc/wpa_supplicant.conf -B
  up ip link set dev $IFACE up
  down up link set dev $IFACE down
  post-down killall -q wpa_supplicant

auto br ex
iface br-ex inet dhcp

route

Destination   Gateway       Genmask       Flags   Metric   Ref   Use   Iface
default         192.168.0.1   0.0.0.0          UG       0           0      0     br-ex
10.0.0.0        *                  255.255.255.0 U         0           0      0     p3p1
192.168.0.0   *                  255.255.255.0 U         0           0      0    br-ex

network-node@network-node:~$ sudo iptables -t nat -L

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
neutron-openvswi-PREROUTING  all  --  anywhere             anywhere            

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
neutron-openvswi-OUTPUT  all  --  anywhere             anywhere            

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
neutron-openvswi-POSTROUTING  all  --  anywhere             anywhere            
neutron-postrouting-bottom  all  --  anywhere             anywhere            

Chain neutron-openvswi-OUTPUT (1 references)
target     prot opt source               destination         

Chain neutron-openvswi-POSTROUTING (1 references)
target     prot opt source               destination         

Chain neutron-openvswi-PREROUTING (1 references)
target     prot opt source               destination         

Chain neutron-openvswi-float-snat (1 references)
target     prot opt source               destination         

Chain neutron-openvswi-snat (1 references)
target     prot opt source               destination         
neutron-openvswi-float-snat  all  --  anywhere             anywhere            

Chain neutron-postrouting-bottom (1 references)
target     prot opt source               destination         
neutron-openvswi-snat  all  --  anywhere             anywhere             /* Perform source NAT on outgoing traffic. */

On sidenote, vnc is also not working, thinking ... (more)