connecting instance to the external network
I'm using a three-node architecture and following the OpenStack Guide for Ubuntu: Mitaka.
I configured two networks: one external network with ext-subnet (192.168.0.0/24), and a test network and subnet as an internal network (200.0.0.0/24), and a logical router to connect the two. I created instances successfully with a floating IP (192.168.0.107) and a fixed IP (200.0.0.5), but from any node I can't either ping or SSH to the floating IP. The instance's log shows the instance boots up, but shows I think I misconfigured the L3 agent or ml2 agent in some wrong way, but don't know how to fix it. There seem to be no errors in the log files. From network-node I can ping the logical router gateway (192.168.0.100), and from the instance I can also ping the logical router gateway (192.168.0.100), but I cannot ping network-node or the physical router (192.160.0.1). I'm only a beginner here and in networking, so please help. I will update with any further information needed.
On network-node
vi /etc/neutron/l3-agent
interfacedriver=neutron.agent.linux.interface.OVSInterfaceDriver
gateway_external_network_id=x-x-x-x-x
external_interface_bridge=
vi /etc/neutron/pluging/ml2/ml2_conf.ini
[ml2]
type_drivers=flat,vlan,gre,vxlan
tenant_network_types=gre
mechanism_drivers=openvswitch
extension_drivers=port_security
[ml2_type_flat]
flat_networks=external
[ml2_type_gre]
tunnel_id_range=1:1000
[secuirty group]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIpatablesFirewallDriver
enable_security_group=true
enable_ipset=true
The network node only has two physical interfaces: one for the internal network with the other nodes, and one for the external network.
vi /etc/network/interfaces
auto p3p1
iface p3p1 inet static
address 10.0.0.2
network 10.0.0.0
broadcast 10.0.0.255
auto wlan0
iface wlan0 inet manual
pre-up wpa_supplicant -D wext -i wlan0 -c /etc/wpa_supplicant.conf -B
up ip link set dev $IFACE up
down up link set dev $IFACE down
post-down killall -q wpa_supplicant
auto br ex
iface br-ex inet dhcp
route
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.0.1 0.0.0.0 UG 0 0 0 br-ex
10.0.0.0 * 255.255.255.0 U 0 0 0 p3p1
192.168.0.0 * 255.255.255.0 U 0 0 0 br-ex
network-node@network-node:~$ sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
neutron-openvswi-PREROUTING all -- anywhere anywhere
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
neutron-openvswi-OUTPUT all -- anywhere anywhere
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
neutron-openvswi-POSTROUTING all -- anywhere anywhere
neutron-postrouting-bottom all -- anywhere anywhere
Chain neutron-openvswi-OUTPUT (1 references)
target prot opt source destination
Chain neutron-openvswi-POSTROUTING (1 references)
target prot opt source destination
Chain neutron-openvswi-PREROUTING (1 references)
target prot opt source destination
Chain neutron-openvswi-float-snat (1 references)
target prot opt source destination
Chain neutron-openvswi-snat (1 references)
target prot opt source destination
neutron-openvswi-float-snat all -- anywhere anywhere
Chain neutron-postrouting-bottom (1 references)
target prot opt source destination
neutron-openvswi-snat all -- anywhere anywhere /* Perform source NAT on outgoing traffic. */
On a side note, VNC is also not working, thinking ...