Ask Your Question

mac80211's profile - activity

2019-04-17 13:24:47 -0500 received badge  Notable Question (source)
2019-04-12 11:31:51 -0500 received badge  Popular Question (source)
2019-04-02 21:36:00 -0500 answered a question Cannot ping router on provider network from controller node

Looks like I completely forgot about Layer 2 in this instance. I accidently hadn't set my VirtualBox interfaces to promiscuous mode. That way, essentially all traffic not directly directed to the controller (or compute node, respectively) interfaces got filtered.

Once I enabled permiscious mode for all interfaces, things magically started working.

2019-04-02 09:52:52 -0500 asked a question Cannot ping router on provider network from controller node

Hello everyone,

I am currently setting up a private OpenStack instance following the official installation guide. Unfortunately, it appears that I got stuck at properly configuring networking. I am aiming to have both a provider network as well as an internal network for self-service for instances. I might add that I am setting this up for learning purposes only - this is not something meant for production (considering that I am new to OpenStack in general, this would be insanity).

I have created one provider and one self-service network already, plus a router connecting both of them. Sadly, I am not able to ping neither the router nor the instances on the provider network (I have added a rule allowing ICMP packets to the 'default' security group already).

My configuration is as follows:

  • Management network: 10.0.0.0/24 (with 10.0.0.1 as gateway, enp0s3)
  • Provider network: 10.0.1.0/24 (with 10.0.1.1 as gateway, enp0s8)
  • 2 virtual machines: controller + compute, with 2 NICs each (1x management network, 1x provider network)
  • Controller node: 10.0.0.10 (management network), UP interface without IP (provider network)
  • Compute node: 10.0.0.20 (management network), UP Interface without IP (provider network)
  • OpenStack Rocky, running on Ubuntu 18.04.2 LTS
  • IPv4 packet forwarding is enabled on all VMs and the host machine
  • Both provider and management networks have internet access via NAT (using iptables) on the host machine

I have created the provider network and the self-service network, including the router, like this (following the installation guide 1:1):

openstack network create  --share --external --provider-physical-network provider --provider-network-type flat provider

openstack subnet create --network provider --allocation-pool start=10.0.1.2,end=10.0.1.254 --dns-nameserver 1.1.1.1 --gateway 10.0.1.1 --subnet-range 10.0.1.0/24 provider

openstack network create selfservice

openstack subnet create --network selfservice --dns-nameserver 1.1.1.1 --gateway 10.0.3.1 --subnet-range 10.0.3.0/24 selfservice

openstack router create router

openstack router add subnet router selfservice

openstack router set router --external-gateway provider

Both networks as well as the router appear to have been created successfully. Following the "Verify Operation" section in the guide, the appropriate network namespaces have been created.

root@controller:~# ip netns
qrouter-a4b91aae-4904-4391-9fc8-20affb512460 (id: 2)
qdhcp-0b0bc563-8554-4171-b321-751c9f957d23 (id: 1)
qdhcp-b7852a56-9c5d-4682-b65b-33cea1f47593 (id: 0)

Both subnets look fine to me, too:

root@controller:~# openstack subnet list
+--------------------------------------+-------------+--------------------------------------+-------------+
| ID                                   | Name        | Network                              | Subnet      |
+--------------------------------------+-------------+--------------------------------------+-------------+
| 3069f54e-6dc5-4cbf-bf87-ddf8939fe37c | selfservice | 0b0bc563-8554-4171-b321-751c9f957d23 | 10.0.3.0/24 |
| 30e0627d-e6e8-402d-8d47-27b2011f291c | provider    | b7852a56-9c5d-4682-b65b-33cea1f47593 | 10.0.1.0/24 |
+--------------------------------------+-------------+--------------------------------------+-------------+

The router I created has IP addresses assigned for both subnets:

root@controller:~# openstack port list --router router
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
| ID                                   | Name | MAC Address       | Fixed IP Addresses                                                       | Status |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
| 79dc1dfd-fe84-4004-a32b-e736622f56b6 |      | fa:16:3e:b9:a5:cf | ip_address='10.0.3.1', subnet_id='3069f54e-6dc5-4cbf-bf87-ddf8939fe37c'  | ACTIVE |
| f7ec37be-fb71-42e8-b80d-2f8557e149d7 |      | fa:16:3e:0d:af:a3 | ip_address='10.0.1.22', subnet_id='30e0627d-e6e8-402d-8d47-27b2011f291c' | ACTIVE |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+

However, as soon as I am trying to ping the router's provider network IP, things take a turn.

root@controller:~# ping -c ...
(more)
2019-04-02 09:52:51 -0500 asked a question Cannot ping router on provider network from controller node

Hello everyone,

I am currently setting up a private OpenStack instance following the official installation guide (https://docs.openstack.org/install-guide/ (https://docs.openstack.org/install-gu...)). Unfortunately, it appears that I got stuck at properly configuring networking. I am aiming to have both a provider network as well as an internal network for self-service for instances. I might add that I am setting this up for learning purposes only - this is not something meant for production (considering that I am new to OpenStack in general, this would be insanity).

I have created one provider and one self-service network already, plus a router connecting both of them. Sadly, I am not able to ping neither the router nor the instances on the provider network (I have added a rule allowing ICMP packets to the 'default' security group already).

My configuration is as follows:

  • Management network: 10.0.0.0/24 (with 10.0.0.1 as gateway, enp0s3)
  • Provider network: 10.0.1.0/24 (with 10.0.1.1 as gateway, enp0s8)
  • 2 virtual machines: controller + compute, with 2 NICs each (1x management network, 1x provider network)
  • Controller node: 10.0.0.10 (management network), UP interface without IP (provider network)
  • Compute node: 10.0.0.20 (management network), UP Interface without IP (provider network)
  • OpenStack Rocky, running on Ubuntu 18.04.2 LTS
  • IPv4 packet forwarding is enabled on all VMs and the host machine
  • Both provider and management networks have internet access via NAT (using iptables) on the host machine

I have created the provider network and the self-service network, including the router, like this (following the installation guide 1:1):

openstack network create  --share --external --provider-physical-network provider --provider-network-type flat provider

openstack subnet create --network provider --allocation-pool start=10.0.1.2,end=10.0.1.254 --dns-nameserver 1.1.1.1 --gateway 10.0.1.1 --subnet-range 10.0.1.0/24 provider

openstack network create selfservice

openstack subnet create --network selfservice --dns-nameserver 1.1.1.1 --gateway 10.0.3.1 --subnet-range 10.0.3.0/24 selfservice

openstack router create router

openstack router add subnet router selfservice

openstack router set router --external-gateway provider

Both networks as well as the router appear to have been created successfully. Following the "Verify Operation" section in the guide, the appropriate network namespaces have been created.

root@controller:~# ip netns
qrouter-a4b91aae-4904-4391-9fc8-20affb512460 (id: 2)
qdhcp-0b0bc563-8554-4171-b321-751c9f957d23 (id: 1)
qdhcp-b7852a56-9c5d-4682-b65b-33cea1f47593 (id: 0)

Both subnets look fine to me, too:

root@controller:~# openstack subnet list
+--------------------------------------+-------------+--------------------------------------+-------------+
| ID                                   | Name        | Network                              | Subnet      |
+--------------------------------------+-------------+--------------------------------------+-------------+
| 3069f54e-6dc5-4cbf-bf87-ddf8939fe37c | selfservice | 0b0bc563-8554-4171-b321-751c9f957d23 | 10.0.3.0/24 |
| 30e0627d-e6e8-402d-8d47-27b2011f291c | provider    | b7852a56-9c5d-4682-b65b-33cea1f47593 | 10.0.1.0/24 |
+--------------------------------------+-------------+--------------------------------------+-------------+

The router I created has IP addresses assigned for both subnets:

root@controller:~# openstack port list --router router
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
| ID                                   | Name | MAC Address       | Fixed IP Addresses                                                       | Status |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
| 79dc1dfd-fe84-4004-a32b-e736622f56b6 |      | fa:16:3e:b9:a5:cf | ip_address='10.0.3.1', subnet_id='3069f54e-6dc5-4cbf-bf87-ddf8939fe37c'  | ACTIVE |
| f7ec37be-fb71-42e8-b80d-2f8557e149d7 |      | fa:16:3e:0d:af:a3 | ip_address='10.0.1.22', subnet_id='30e0627d-e6e8-402d-8d47-27b2011f291c' | ACTIVE |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+

However, as soon as I am trying to ping the router's provider ... (more)