Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Use floating IP of instances in outgoing packages

Hi all,

in our current cloud setting, we have a separate controller node which serves as a network node, too. The set up is basically done as described in the official installation guide for OpenStack Juno with Open vSwitch, L3, ML2, etc.. The virtual machines (instances) are running on compute nodes with gre tunnels to the network node.

If a TCP connection is established from somewhere in the internet to an VM, its floating IP is used in the IP headers of the sent packages. But when the VM initiates an TCP connection the IP of the network node is used in the IP headers.

Is it possible to always use the floating IP of the VM? If so, how can I configure the services to work as wished?

Regards, Daniel

Use floating IP of instances in outgoing packages

Hi all,

in our current cloud setting, we have a separate controller node which serves as a network node, too. The set up is basically done as described in the official installation guide for OpenStack Juno with Open vSwitch, L3, ML2, etc.. The virtual machines (instances) are running on compute nodes with gre tunnels to the network node.

If a TCP connection is established from somewhere in the internet to an VM, its floating IP is used in the IP headers of the sent packages. But when the VM initiates an TCP connection the IP of the network node is used in the IP headers.

Is it possible to always use the floating IP of the VM? If so, how can I configure the services to work as wished?

Regards, Update:

If I run iptables-save on the network node, I see the following nat rule:

-A POSTROUTING -o external-network-interface -j MASQUERADE

If I understand this rule correctly, the floating IPs of all messages leaving the computer via the external network interface are replaced by the IP of the network node. How can this individual rule be dropped without changing any other rule?

How can I configure neutron or any other service such that this rule does not occur any more?

Regards,

Daniel