Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

routing between LAN and WAN interface is not working openstack VNF instance

Hi Openstack experts,

I have installed the master branch of Openstack (devstack) all in one machine configuration in Ubuntu 14.04 LTS. I am creating VM instance (VNF) in openstack that needs to provide the firewall and NAT service to my VM/host clients and the VM will have 2 interfaces LAN and WAN. I am using the openWRT VM. The VM instance is created with LAN interface using br-mgmt interface (192.168.120.1) and WAN interface is created with net0 interface (10.10.0.1). I was able to bring the openWRT VM with LAN with IP 192.160.120.5 and WAN with IP 10.10.0.5. If I ping the WAN IP(10.10.0.5) from ubuntu Host machine, ICMP requests are reaching LAN interface in openWRT VM and ICMP reply is not generated. So ping is failed with host is unreachable. Also I tried to ping the 10.10.0.1 also from host machine and this is LAN side IP of openstack router that is pointed to openWRT VM. I was thinking that lan to wan routing is working if the reply comes for this ip(10.10.0.1) from openWRT VM. The setup I am trying is something like this

->(LAN-192.168.120.5)OpenWRT VM(WAN-10.10.0.5)->(LAN-10.10.0.1)Openstack Router(WAN-External)->(outside world)

I tried to masquerading to WAN port as well in the OpenWRT VM. the routing is not working.

Then I throught it might be due to some issue in openWRT. So I tried the install the Ubuntu VM with 2 interfaces (LAN and WAN) and tried to make this as the router by setting ip_forward flag and masquerading. When I ping the 10.10.0.5 IP from ubuntu host machine, ICMP requests are coming to LAN interface of Ubuntu VM and I am seeing ICMP reply as well generated but the host is not seeing the ICMP replies and says it as host is unreachable. If I ping 10.10.0.1 IP (openstack router LAN side IP), ICMP requests are coming to ubuntu VM Lan interface and ICMP reply is not generated.

To check this concept, I tried to use the VirtualBox and created the OpenWRT VM with LAN and WAN interfaces. I created another ubuntu VM which will point LAN interface of OpenWRT VM and routing is working perfectly.

I feel that it might be due to some concepts in openstack. I am not sure whether some IP table rules in Ubuntu Host machine are blocking or dropping the packets or openstack doesnt support the instance with 2 interfaces and routing between interfaces. Can somebody from expert group to provide suggestion on how to make it working. It will be great help.

thanks kali