Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Determining remote IP from within VM


When you're inside a VM (KVM in our case) with a floating IP and you receive a connection from a remote machine it always appears as though the IP address is the default gateway of the VM regardless of where the connection is coming from.

For example.

A VM is launched and is given a floating IP.


You ssh to that VM from a completely different network with a machine with the IP

On the VM you run tcpdump.

root@i-000004f7:~# tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 16:14:51.076673 IP i-000004f7.novalocal.ssh > 16:14:51.077239 IP i-000004f7.novalocal.56502 > 53009+ PTR? (39) 16:14:51.077667 IP > i-000004f7.novalocal.ssh 16:14:51.083420 IP > i-000004f7.novalocal.56502: 53009 NXDomain* 0/0/0 (39) 16:14:51.083565 IP i-000004f7.novalocal.48465 > 26532+ PTR? (39) 16:14:51.083942 IP > i-000004f7.novalocal.48465: 26532* 1/0/0 PTR i-000004f7.novalocal. (73) 16:14:51.086649 IP i-000004f7.novalocal.ssh > 16:14:51.087937 IP > i-000004f7.novalocal.ssh 16:14:51.096715 IP i-000004f7.novalocal.ssh > 16:14:51.097941 IP > i-000004f7.novalocal.ssh

tcpdump is showing the ssh connection you've made from So even though you're connecting from the remote address appears to be

Is there a way with OpenStack to determine the remote IP address from within the VM (in Cactus or a future release)?

If not, could it be done manually such that it wouldn't interfere with the iptables rules that OpenStack creates?

BTW, we're using OpenStack Cactus and VLANManager.

Thanks, Everett