neutron

Openstack in a box: (d)nat problem

Asked by Giuseppe Civitella

Hi all,

I'm trying to perform an installation of openstack in a single box. Everything went fine except Neutron's setup.
I'm building a GRE network ad I've been able so far to create a public external router ad a router for my admin tenants. I'm able to deploy vms in my admin network and they can ping each other and ping the gateway. The problem comes when accessing to the internet.
If i send some ping from a vm to an external ip I can see the packets going out the tenant's network, being snatted, going out as echo request and getting back as echo reply on external interface. But they don't get back to the machine that originated them.
If I try to ping the machine from outside the packets stop on the external interface even if a proper dnat rule has been put in place by the floating ip mechanism.
Iptables rules generated in the namespace seem fine. In the security group I just put rules to allow everything, but I still have this sort of dnat problem.
Any help?

Question information

Language:
English Edit question
Status:
Expired
For:
neutron Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Launchpad Janitor (janitor) said : 		#1

This question was expired because it remained in the 'Open' state without activity for the last 15 days.