Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Unable to Connect Instance to External Network

Im getting into OpenStack, but cannot figure out, why i can't connect my vm to an external network. Infos: What i have done:

External Network: 172.16.64.0/23

Internal Network: 192.168.0.0/24

Set up Solaris 11.3 OpenStack Single System UAR. And configured the Networks like this:

# keystone tenant-list
+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| 0382766fea50433d8fc5c4605548231e |   demo  |   True  |
| 8cbae9fd55ba491c8019ace305f07b24 | service |   True  |
+----------------------------------+---------+---------+
# neutron net-create --provider:network_type=vlan --router:external=false --tenant-id 0382766fea50433d8fc5c4605548231e INT
# neutron subnet-create --disable-dhcp --name int_subnet --tenant-id 0382766fea50433d8fc5c4605548231e INT 192.168.0.0/24
# svcadm enable ipfilter
# ipadm set-prop -p forwarding=on ipv4
# evsadm set-controlprop -p vlan-range=1,200-300

# neutron router-create --tenant-id 8cbae9fd55ba491c8019ace305f07b24 gateway_router
# echo "router_id = 58845b01-9f0c-4eff-a327-ba4c0ac6aaec" >> /etc/neutron/l3_agent.ini
# svcadm enable neutron-l3-agent
# neutron net-create --provider:network_type=vlan --tenant-id 8cbae9fd55ba491c8019ace305f07b24 --provider:segmentation_id=1 --router:external=true EXT
# neutron subnet-create --tenant-id 8cbae9fd55ba491c8019ace305f07b24 --disable-dhcp --name ext_subnet EXT 172.16.64.0/23 --gateway_ip 172.16.64.5

# neutron router-gateway-set gateway_router EXT
# neutron router-interface-add gateway_router efcfd2a4-5c2f-48fb-9442-b598806ca484
# neutron floatingip-create --tenant-id 0382766fea50433d8fc5c4605548231e EXT

Everything pretty straight forward. Then i created an instance in the private Network and attached the floating ip of the external network. On the Controller Node, all the vnic's and adresses look good:

# ipadm
NAME              CLASS/TYPE STATE        UNDER      ADDR
l3e625b114d_b_0   ip         ok           --         --
   l3e625b114d_b_0/v4 static ok           --         172.16.64.7/23
   l3e625b114d_b_0/v4a static ok          --         172.16.64.9/32
l3i8988ed47_0_0   ip         ok           --         --
   l3i8988ed47_0_0/v4 static ok           --         192.168.0.1/24
lo0               loopback   ok           --         --
   lo0/v4         static     ok           --         127.0.0.1/8
   lo0/v6         static     ok           --         ::1/128
net0              ip         ok           --         --
   net0/v4        static     ok           --         172.16.65.249/23
   net0/v6        addrconf   ok           --         fe80::250:56ff:fe02:2170/10
root@OpenStack:~# dladm show-vnic
LINK            OVER           SPEED  MACADDRESS        MACADDRTYPE IDS
l3i8988ed47_0_0 l3stub0        40000  fa:16:3e:16:7a:8f fixed       VID:200
l3e625b114d_b_0 net0           1000   fa:16:3e:a5:34:e8 fixed       VID:0
instance-00000001/net0 l3stub0 40000  fa:16:3e:bc:45:22 fixed       VID:200

Nat is enabled:

# ipnat -l
List of active MAP/Redirect filters:
rdr l3i8988ed47_0_0 169.254.169.254/32 port 80 -> 192.168.0.1 port 9697 tcp
map l3e625b114d_b_0 192.168.0.0/24 -> 172.16.64.7/32
bimap l3e625b114d_b_0 192.168.0.2/32 -> 172.16.64.9/32

But i cannot ping the vm from outside, or ping any resources on the external network from the vm. Did i miss something?

Any help would be appreciated.