Problem solved. In this test/lab cloud, we're using vmware to host the network node. Putting the esx's virtual switch in promiscuous mode did the trick.
On Tue, May 5, 2015 at 3:54 PM, Gustavo Randich <gustavo.rand...@gmail.com> wrote: > Hi everybody, > > I've just configuerd DVR in Kilo. Everything is fine, except that > instances with no floating-ip cannot reach external network. > > NETWORKS > neutron net-create ext-net1 --router:external --provider:physical_network > external --provider:network_type flat > neutron subnet-create ext-net1 10.180.0.0/16 --name ext-subnet1 > --allocation-pool start=10.180.100.1,end=10.180.100.100 --disable-dhcp > --gateway 10.180.255.254 > neutron net-create demo-net > neutron subnet-create demo-net 10.0.1.0/24 --name demo-subnet > --gateway 10.0.1.1 > neutron router-create demo-router > neutron router-interface-add demo-router demo-subnet > neutron router-gateway-set demo-router ext-net1 > > I suspect the cause of the problem is that the SNAT namespace in my > Network Node cannot reach the external network's gateway. Should the SNAT > namespace in Network Node "see" the external network gateway via de "qg" > interface? E.g.: > > # ip netns exec snat-e6284aff-67eb-4c0b-9983-b7c9e0a0cbbc ping -I > qg-fcdb6430-0c 10.180.255.254 > ... > 2 packets transmitted, 0 received, 100% packet loss, time 1007ms > > I can see the ARP request on the network node's physical interface, but no > reply. > > # tcpdump -envi eth0 arp or icmp > 14:09:29.500350 fa:16:3e:3b:d2:67 > ff:ff:ff:ff:ff:ff, ethertype ARP > (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has > 10.180.255.254 tell 10.180.100.1, length 28 > 14:09:30.500494 fa:16:3e:3b:d2:67 > ff:ff:ff:ff:ff:ff, ethertype ARP > (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has > 10.180.255.254 tell 10.180.100.1, length 28 > ... > (NO REPLY) > > Thanks! > > > NETWORK NODE SNAT NAMESPACE > # ip netns exec snat-e6284aff-67eb-4c0b-9983-b7c9e0a0cbbc ip a > ... > 9: sg-f7ee7649-81: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue state UNKNOWN group default > link/ether fa:16:3e:0e:2d:37 brd ff:ff:ff:ff:ff:ff > inet 10.0.1.3/24 brd 10.0.1.255 scope global sg-f7ee7649-81 > valid_lft forever preferred_lft forever > inet6 fe80::f816:3eff:fe0e:2d37/64 scope link > valid_lft forever preferred_lft forever > 10: qg-fcdb6430-0c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue state UNKNOWN group default > link/ether fa:16:3e:3b:d2:67 brd ff:ff:ff:ff:ff:ff > inet 10.180.100.1/16 brd 10.180.255.255 scope global qg-fcdb6430-0c > valid_lft forever preferred_lft forever > inet6 fe80::f816:3eff:fe3b:d267/64 scope link > valid_lft forever preferred_lft forever > > # ip netns exec snat-e6284aff-67eb-4c0b-9983-b7c9e0a0cbbc arp -an > ... > ? (10.180.255.254) at <incomplete> on qg-fcdb6430-0c > > > >
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
