Openstack in a box: (d)nat problem
Hi all,
I'm trying to perform an installation of openstack in a single box. Everything went fine except Neutron's setup.
I'm building a GRE network ad I've been able so far to create a public external router ad a router for my admin tenants. I'm able to deploy vms in my admin network and they can ping each other and ping the gateway. The problem comes when accessing to the internet.
If i send some ping from a vm to an external ip I can see the packets going out the tenant's network, being snatted, going out as echo request and getting back as echo reply on external interface. But they don't get back to the machine that originated them.
If I try to ping the machine from outside the packets stop on the external interface even if a proper dnat rule has been put in place by the floating ip mechanism.
Iptables rules generated in the namespace seem fine. In the security group I just put rules to allow everything, but I still have this sort of dnat problem.
Any help?
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- neutron Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply: