It seems Compute node is not able to reach the Instance via its tap interface. Thanks

Security Groups are fine, instances do have an IP address assigned with an IP from the external network. the packet reaches the Compute Node's NIC but not on the Instance's Tap interface. Thanks

i followed the article for vlan tagging on the server side. (

So thats why br-ex.14 was created. is it required if i have to connect my VMs on external network of segmentation id 14.

The installation was done via RDO packstack and OVS bridge br-ex was created with a NIC(eth1) on the compute node as a port to the OVS Bridge.

Any step that i am missing over here, or any direction you would like to point me in.

Have already gone through ( but didnt work out.

Please suggest, would really appreciate.

Thanks in advance.

Hi Bernd, Greetings!! Really appreciate your response.

The Physical network name I decided is "vlan" and have checked the correct bridge mapping in

/etc/neutron/plugins/ml2/openvswitch_agent.ini bridge_mappings =vlan:br-ex

I have also updated the command as above, but still not successful

2016-11-18 09:18:44 -0600 asked a question Openstack Neutron VLan Networking Issue

I am facing Neutron Vlan networking issue in Openstack Mitaka, that is am not able to make my instance reachable from my physical vlan network after attaching them directly to the vlan network i created in Openstack with the segmentation id of my physical vlan network.

2 Node setup :- 1 compute node + 1 compute/controller/network node Separate NICs for Management(eth0) & Overlay/Instance Traffic(eth1, br-ex OVS bridge mapped)

Here are the steps i followed:-

a) Physical Switch Trunk mode configuration done on switch port to which NIC on Compute/Network node is connected for Instance/Overlay traffic. It allows vlan 14 to flow.

b) ifcfg-br-ex.14 created on both nodes to allow vlan 14 tagged traffic

c) ml2_conf.ini on Network/Controller node

type_drivers = vlan,gre
tenant_network_types = vlan,gre
mechanism_drivers =openvswitch
path_mtu = 0

network_vlan_ranges =vlan:14:14


firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True

d) openvswitch_agent.ini on both nodes


integration_bridge = br-int
tunnel_bridge = br-tun
bridge_mappings =vlan:br-ex


firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

e) Create network

neutron net-create vlan_X --shared --provider:network_type vlan --provider:segmentation_id 14 --provider:physical_network vlan ­­router:external

f) Create Subnet

neutron subnet-create --name subnet_X --gateway 172.29.X.1 --disable-dhcp --allocation-pool start=172.29.X.250,end=172.29.X.253 vlan_X 172.29.X.0/24 --dns-nameserver 172.29.X.2 --host_routes type=dict list=true destination=,nexthop=172.29.X.1

Note:Some IP details hidden

h) After which i launch an instance on vlan_X, it is not reachable from my external vlan network.

Any step i am missing? Please suggest, it will really help me.

Please let know for more info.

2016-11-09 23:19:12 -0600 answered a question Ping issue in flat networking / two nodes / icehouse

What type of Network are you creating? is it vlan? if it is vlan then you need to ensure that vlan segmentation id is recognized with a subnet on the physical switch to which both the Controller and the compute is connected, so that the vlan traffic is allowed to flow on the switch

2016-09-26 01:50:58 -0600 answered a question glance image-create return fail:500 Internal Server Error

It seems that you may be using CEPH as a backend for Glance...There are some basic requirements for this, make sure that you have set proper permissions in the CEPH keyring. please validate your settings using the below articles:- ( (

2016-09-26 00:59:49 -0600 answered a question Need a Help..Please help me on below installation error

You will have to troubleshoot rabbitmq-server service individually before running the packstack again..Check if you have set CONFIG_AMQP_ENABLE_SSL=n, otherwise sometimes it is found after enabling AMQP SSL it is required to modify the default port for SSL in /etc/rabbitmq/rabbitmq.config, as it also tries to listen on 5672.

You can also tail /var/log/rabbitmq/<>.log while starting the rabbitmq-server service for any more informtion.

Regards, Rishi

2016-05-05 10:03:37 -0600 asked a question Need help on using Openstack Swift on Windows compatible client!! Any document that i can follow for using object storage clients like cyberduck, cloudberry for openstack etc.???

I am able to authenticate using swift client, but i need to find a way through which i can connect swift object storage using any windows client. If there is any documentation or working steps please point me in the right direction:-

[root@stack ~]# swift stat -v StorageURL: http://controller:8080/v1/AUTH_ccecafa8cf6540569733415a2cba3c44 (http://controller:8080/v1/AUTH_ccecaf...) Auth Token: 4434ef77b5944fe6b114f3ba8917041f Account: AUTH_ccecafa8cf6540569733415a2cba3c44 Containers: 3 Objects: 2 Bytes: 212 Containers in policy "policy-0": 3
Objects in policy "policy-0": 2 Bytes in policy "policy-0": 212 X-Account-Project-Domain-Id: default X-Timestamp: 1461569024.20409 X-Trans-Id: tx1c3f79cffd5141ddab351-00572b4c56 Content-Type: text/plain; charset=utf-8 Accept-Ranges: bytes

The error that i am getting using cloudberry explorer for openstack is :- The underlying connection was closed: An unexpected error occurred on a send.

The error that i am getting using cyberduck is :- AuthenticationRequired 407

[root@stacktest01 ~]# swift auth -v
export OS_AUTH_URL=http://172.##.##.###:35357/v3
export OS_PASSWORD=redh
export OS_PROJECT_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USER_DOMAIN_ID=default
export OS_USERNAME=admin

Please guide me in the right direction, it will be much appreciated.

Thanks in advance. :)