Hi all; again. :-)
Sorry. Still having issues with this. It comes down to the public port on
the router I think...
Following the Liberty install instructions. Setting up a public / private
net with router.
Still trying to get my private to public net router working. Can't seem to
get floating IPs to work. Am able to ping the router from the private
space. Both public and private ports work. There seems to be something
wrong with the router's public port as it is DOWN.
Had thought it might be a security issue, but security is off for both
public and private ports. And the private one works just fine. Perhaps I
should create a VM on the public network and somehow force the router to
use it's working port?
How can I diagnose this.
Thanks;
-Chris
Details.....
[sleestack@maersk src]$ neutron router-port-list router
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
| id | name | mac_address |
fixed_ips
|
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
| 145e2d39-75ff-452d-b840-bb355528f865 | | fa:16:3e:66:02:f2 |
{"subnet_id": "9bc41a73-6863-476f-8b1a-5317dfc1fcdd", "ip_address":
"192.168.10.1"} |
| 688e344c-448a-4279-9e68-0653017c856f | | fa:16:3e:1b:b2:75 |
{"subnet_id": "fdf2bf4b-e0ef-4843-85a2-e88f9aa674b5", "ip_address":
"172.22.10.11"} |
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
[sleestack@maersk src]$ neutron port-show
688e344c-448a-4279-9e68-0653017c856f
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| Field |
Value
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| admin_state_up |
True
|
| allowed_address_pairs
|
|
| binding:host_id |
maersk
|
| binding:profile |
{}
|
| binding:vif_details | {"port_filter":
true}
|
| binding:vif_type |
bridge
|
| binding:vnic_type |
normal
|
| device_id |
c6d5a6a9-e0b6-419d-adf6-3647410550bf
|
| device_owner |
network:router_gateway
|
| dns_assignment | {"hostname": "host-172-22-10-11", "ip_address":
"172.22.10.11", "fqdn": "host-172-22-10-11.openstacklocal."} |
| dns_name
|
|
| extra_dhcp_opts
|
|
| fixed_ips | {"subnet_id":
"fdf2bf4b-e0ef-4843-85a2-e88f9aa674b5", "ip_address":
"172.22.10.11"} |
| id |
688e344c-448a-4279-9e68-0653017c856f
|
| mac_address |
fa:16:3e:1b:b2:75
|
| name
|
|
| network_id |
43f09f04-c7ca-4df9-bc74-516dd134313f
|
| port_security_enabled |
False
|
| security_groups
|
|
| status |
DOWN
|
| tenant_id
|
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+
But the Private one works and it has no security either. Hmmm
[sleestack@maersk src]$ neutron port-show
145e2d39-75ff-452d-b840-bb355528f865
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| Field |
Value
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+
| admin_state_up |
True
|
| allowed_address_pairs
|
|
| binding:host_id |
maersk
|
| binding:profile |
{}
|
| binding:vif_details | {"port_filter":
true}
|
| binding:vif_type |
bridge
|
| binding:vnic_type |
normal
|
| device_id |
c6d5a6a9-e0b6-419d-adf6-3647410550bf
|
| device_owner |
network:router_interface
|
| dns_assignment | {"hostname": "host-192-168-10-1", "ip_address":
"192.168.10.1", "fqdn": "host-192-168-10-1.openstacklocal."} |
| dns_name
|
|
| extra_dhcp_opts
|
|
| fixed_ips | {"subnet_id":
"9bc41a73-6863-476f-8b1a-5317dfc1fcdd", "ip_address":
"192.168.10.1"} |
| id |
145e2d39-75ff-452d-b840-bb355528f865
|
| mac_address |
fa:16:3e:66:02:f2
|
| name
|
|
| network_id |
f1309195-e346-4748-b223-d2875204cab8
|
| port_security_enabled |
False
|
| security_groups
|
|
| status |
ACTIVE
|
| tenant_id |
7813be77b1de4196b1c6b77006afa21c
|
+-----------------------+--------------------------------------------------------------------------------------------------------------+
[sleestack@maersk src]$ neutron port-update --security-group
a76c3568-7f0c-4e57-903b-669f6911eb0d \
> 688e344c-448a-4279-9e68-0653017c856f
Port security must be enabled and port must have an IP address in order to
use security groups.
- Christopher T. Hull
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
[email protected]
http://chrishull.com
_______________________________________________
OpenStack-operators mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
