Hi,
I am building an openstack all-in-one environment in a CentOS7.4 machine. For
some reason I have only one network interface(eth0) and one ip address, so I
created a linux bridge(br0), and forwarded datas to eth0 using iptables command:
iptables -t nat -A POSTROUTING -s {bridge virtual ip} -j SNAT --to {eth0 ip}
But it seems not work.
When I ping to 8.8.8.8 from br0 and run tcpdump, I can see that datas can be
forwared to eth0 and be sent to 8.8.8.8, but when datas are sent back to eth0,
they can not be forwarded to br0.
Ip forwarding, net.bridge.bridge-nf-call-iptables and
net.bridge.bridge-nf-call-ip6tablesare set to 1.
If I close security group by setting securitygroup = false, this rule works
fine, but if I use iptables -F instead, the rule is not work. Does the
securitygroup have a magic to trap iptables?
BR
Don_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
