[Openstack-operators] Neutron Liberty - Can't ssh or ping thru Floating IP
Hi all;
I think I know what to do in the case of Nova, but with Liberty I installed
Neutron Option 2 networking and I can't seem to get floating IPs to work
properly. I can create and associate, but ca not SSH or PING thru to the
private net.
This is a basic setup via the Openstack instructions. The public net /
subnet seem to work just fine. Can crate a Demo instance on Public and ssh
to it. But can not create a Demo instance on Private, associate floating
IP, and SSH.
Is the floaging IP port itself blocking? Demo instance has all the proper
security groups. Don't think it's the fault of the instance.
Session details
Thanks in advance;
-Chris
source demo-openrc.sh
neutron floatingip-create public
[root@maersk src]# source demo-openrc.sh
[root@maersk src]# neutron floatingip-list
+--+--+-+-+
| id | fixed_ip_address |
floating_ip_address | port_id |
+--+--+-+-+
| 898a3257-a41a-48e5-8922-44939c049643 | |
172.22.10.13| |
+--+--+-+-+
[root@maersk src]# neutron port-list
+--+--+---+-+
| id | name | mac_address |
fixed_ips
|
+--+--+---+-+
| 2e2666c7-4fef-4bc0-8ea5-dc02831a9717 | | fa:16:3e:b6:89:c0 |
{"subnet_id": "6eb927e5-095f-4c8c-bd3c-cb959414", "ip_address":
"192.168.10.1"} |
| b079c4ec-893e-4ec5-a033-f6e9dedde828 | | fa:16:3e:d3:87:7a |
{"subnet_id": "aea716c1-e1e2-430b-85c0-5ec975e3a287", "ip_address":
"172.22.10.11"} |
| eab0e97e-845b-4ed5-8f40-b1d16ccbfa44 | | fa:16:3e:06:64:b4 |
{"subnet_id": "6eb927e5-095f-4c8c-bd3c-cb959414", "ip_address":
"192.168.10.3"} |
| f383c60f-8d99-409c-8510-aeef3640f9bf | | fa:16:3e:f6:b3:c6 |
{"subnet_id": "6eb927e5-095f-4c8c-bd3c-cb959414", "ip_address":
"192.168.10.2"} |
+--+--+---+-+
[root@maersk src]# neutron floatingip-associate 172.22.10.13
eab0e97e-845b-4ed5-8f40-b1d16ccbfa44
Floating IP 172.22.10.13 could not be found
[root@maersk src]# neutron floatingip-associate
898a3257-a41a-48e5-8922-44939c049643 eab0e97e-845b-4ed5-8f40-b1d16ccbfa44
Associated floating IP 898a3257-a41a-48e5-8922-44939c049643
[root@maersk src]# nova list
+--++++-++
| ID | Name | Status |
Task State | Power State | Networks |
+--++++-++
| f21c04d5-d217-493a-89ca-b71361c27d99 | Private Net Float Test | ACTIVE |
- | Running | private=192.168.10.3, 172.22.10.13 |
| c2d8c226-066d-403e-8771-2292d587a6df | test | ACTIVE |
- | Running | public=172.22.10.11|
+--++++-++
[root@maersk src]# ping 172.22.10.13
PING 172.22.10.13 (172.22.10.13) 56(84) bytes of data.
>From 172.22.10.99 icmp_seq=1 Destination Host Unreachable
>From 172.22.10.99 icmp_seq=2 Destination Host Unreachable
>From 172.22.10.99 icmp_seq=3 Destination Host Unreachable
>From 172.22.10.99 icmp_seq=4 Destination Host Unreachable
^C
--- 172.22.10.13 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 2999ms
pipe 4
[root@maersk src]# ssh 172.22.10.13
ssh: connect to host 172.22.10.13 port 22: No route to host
[root@maersk src]# ssh 172.22.10.11
The authenticity of host '172.22.10.11 (172.22.10.11)' can't be established.
RSA key fingerprint is 1a:54:41:d8:72:6f:53:4c:e2:8f:95:8c:5c:1f:23:f7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.22.10.11' (RSA) to the list of known hosts.
Please login as 'cirros' user, not as root
^CConnection to 172.22.10.11 closed.
- Christopher T. Hull
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishul...@gmail.com
http://chrishull.com
___
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] Neutron Liberty - Can't ssh or ping thru Floating IP
A little more basic info on this problem.
I can't ping the router gateway (as defined in the setup instructions). I
can ping and ssh to all other instances on the public net.
Are instances the only things that have security groups associated with
them? I believe I setup Demo to default with ICMP and port 22, as
described.
Could my ATT router (which also provides DHCP, out of range of my public
virtual net) be doing something? It sees at least some of my instances.
-Chris
- Christopher T. Hull
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishul...@gmail.com
http://chrishull.com
On Sun, Mar 13, 2016 at 11:11 AM, Christopher Hull
wrote:
> Hi all;
> I think I know what to do in the case of Nova, but with Liberty I
> installed Neutron Option 2 networking and I can't seem to get floating IPs
> to work properly. I can create and associate, but ca not SSH or PING thru
> to the private net.
>
> This is a basic setup via the Openstack instructions. The public net /
> subnet seem to work just fine. Can crate a Demo instance on Public and ssh
> to it. But can not create a Demo instance on Private, associate floating
> IP, and SSH.
>
> Is the floaging IP port itself blocking? Demo instance has all the
> proper security groups. Don't think it's the fault of the instance.
>
>
>
> Session details
>
> Thanks in advance;
> -Chris
>
> source demo-openrc.sh
> neutron floatingip-create public
>
> [root@maersk src]# source demo-openrc.sh
> [root@maersk src]# neutron floatingip-list
>
> +--+--+-+-+
> | id | fixed_ip_address |
> floating_ip_address | port_id |
>
> +--+--+-+-+
> | 898a3257-a41a-48e5-8922-44939c049643 | |
> 172.22.10.13| |
>
> +--+--+-+-+
> [root@maersk src]# neutron port-list
>
> +--+--+---+-+
> | id | name | mac_address |
> fixed_ips
> |
>
> +--+--+---+-+
> | 2e2666c7-4fef-4bc0-8ea5-dc02831a9717 | | fa:16:3e:b6:89:c0 |
> {"subnet_id": "6eb927e5-095f-4c8c-bd3c-cb959414", "ip_address":
> "192.168.10.1"} |
> | b079c4ec-893e-4ec5-a033-f6e9dedde828 | | fa:16:3e:d3:87:7a |
> {"subnet_id": "aea716c1-e1e2-430b-85c0-5ec975e3a287", "ip_address":
> "172.22.10.11"} |
> | eab0e97e-845b-4ed5-8f40-b1d16ccbfa44 | | fa:16:3e:06:64:b4 |
> {"subnet_id": "6eb927e5-095f-4c8c-bd3c-cb959414", "ip_address":
> "192.168.10.3"} |
> | f383c60f-8d99-409c-8510-aeef3640f9bf | | fa:16:3e:f6:b3:c6 |
> {"subnet_id": "6eb927e5-095f-4c8c-bd3c-cb959414", "ip_address":
> "192.168.10.2"} |
>
> +--+--+---+-+
> [root@maersk src]# neutron floatingip-associate 172.22.10.13
> eab0e97e-845b-4ed5-8f40-b1d16ccbfa44
> Floating IP 172.22.10.13 could not be found
> [root@maersk src]# neutron floatingip-associate
> 898a3257-a41a-48e5-8922-44939c049643 eab0e97e-845b-4ed5-8f40-b1d16ccbfa44
> Associated floating IP 898a3257-a41a-48e5-8922-44939c049643
> [root@maersk src]# nova list
>
> +--++++-++
> | ID | Name | Status |
> Task State | Power State | Networks |
>
> +--++++-++
> | f21c04d5-d217-493a-89ca-b71361c27d99 | Private Net Float Test | ACTIVE |
> - | Running | private=192.168.10.3, 172.22.10.13 |
> | c2d8c226-066d-403e-8771-2292d587a6df | test | ACTIVE |
> - | Running | public=172.22.10.11|
>
> +--++++-++
> [root@maersk src]# ping 172.22.10.13
> PING 172.22.10.13 (172.22.10.13) 56(84) bytes of data.
> From 172.22.10.99 icmp_seq=1 Destination Host Unreachable
> From 172.22.10.99 icmp_seq=2 Destination Host Unreachable
> From 172.22.10.99 icmp_seq=3 Destination Host Unreachable
> From 172.22.10.99 icmp_seq=4 Destination Host Unreachable
> ^C
> --- 172.22.10.13 ping statistics ---
> 4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 2999ms
> pipe 4
> [root@maersk src]# ssh 172.22.10.13
> ssh: connect to host 172
