Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Neutron Internal DNS

I tried to get Neutron's internal DNS running but have some problems. I made two changes in the Neutron configuration as described in http://docs.openstack.org/mitaka/networking-guide/config-dns-int.html

neutron.conf: dns_domain = example.org.

ml2_conf.ini [ml2] extension_drivers = port_security,dns

I seemed to have connectivity problems to newly created VMs, therefore I removed the port_security extension and it worked again. Is port_security somehow related to dns?

To test the functionality, I created a network, subnet and router and tracked the contents to the respective dnsmasq hosts file:

fa:16:3e:d8:c4:13,host-192-168-102-2.example.org.,192.168.102.2
fa:16:3e:db:e4:a9,host-192-168-102-3.example.org.,192.168.102.3
fa:16:3e:df:55:19,host-192-168-102-1.example.org.,192.168.102.1

This looks alright to me. The three hosts represent two dns servers and the default gateway. Then I added an instance vie Horizon, found the corresponding neutron port and looked at the details:

+-----------------------+------------------------------------------------------------------------------------------------+
| Field                 | Value                                                                                          |
+-----------------------+------------------------------------------------------------------------------------------------+
| admin_state_up        | True                                                                                           |
| allowed_address_pairs |                                                                                                |
| binding:vnic_type     | normal                                                                                         |
| created_at            | 2017-01-28T14:13:23                                                                            |
| description           |                                                                                                |
| device_id             | fa852010-61ff-4b92-b404-2c09c7da9c06                                                           |
| device_owner          | compute:zone00                                                                                 |
| dns_assignment        | {"hostname": "dnstest-2", "ip_address": "192.168.102.5", "fqdn": "dnstest-2.example.org."} |
| dns_name              | dnstest-2                                                                                      |
| extra_dhcp_opts       |                                                                                                |
| fixed_ips             | {"subnet_id": "12a7b5d1-3e6b-4b59-8c56-dd7825cd4f48", "ip_address": "192.168.102.5"}           |
| id                    | 3e2352e9-27ce-4d34-a50f-5808e2477ce2                                                           |
| mac_address           | fa:16:3e:ae:00:1c                                                                              |
| name                  |                                                                                                |
| network_id            | 3b823d53-be85-418e-8b88-cad8217360ab                                                           |
| security_groups       | 35b2fb2e-b539-4338-998e-5289750580b2                                                           |
| status                | ACTIVE                                                                                         |
| tenant_id             | 70e60cbf343d486d944534025f824f76                                                               |
| updated_at            | 2017-01-28T14:13:39                                                                            |
+-----------------------+------------------------------------------------------------------------------------------------+

The port shows everthing as expected: dnstest-2.example.org but DNSmasq's hosts file was extended by this line:

fa:16:3e:ae:00:1c,host-192-168-102-5.openstacklocal,192.168.102.5

The hostname is "host-192-168-102-5" instead of "dnstest-2" and the domain is "openstacklocal" instead of "example.org.". Why does it seem to be working for stuff created on the network nodes but not for instances?

cheers Mathias