Hi Boris, There must be something misconfigured in your setup. Nova network shouldn't be snatting for other vms. Are your machines outside the cloud also in the 10/8 range? if so you should change the setting for fixed_range to something smaller so it doesn't snat for your other machines. For example, in your conf file, you could use:
fixed_range = 10.0.0.0/16 and then make sure that your external machines are in the 10.1.0.0/16 range so they don't conflict. Vish On Jul 18, 2012, at 8:25 AM, Boris-Michel Deschenes wrote: > Hi guys, > > I have a question regarding NAT in openstack > > I have an openstack cloud (FlatDHCP, multi_host=false) with one nova-network > node doing the nating. > > I have noticed that when I ping an external machine from within a VM, on the > receiving end I see the IP of the VM (so the outgoing SNAT works properly). > I have also noticed that when I ping a VM inside the cloud from a machine > outside, the VM sees the external IP of the nova-network node as the source > of the ping and not the real IP of the “pinger”… (this is the problem for > me). > > I looked at the nova-network machine’s iptables and I see this: > > -A nova-network-snat -s 10.0.0.0/8 -j SNAT --to-source 10.129.40.12 > > So it’s basically setting the nova-network node as the source IP for all > incoming traffic, in my situation, this prevents an application running > inside the cloud to properly identifies the server located outside, > currently, the only peer it sees is the nova-network node and not the IP of > the server (located outside the cloud) so my application tries to connect to > nova-network instead of the server that initiated the connection. > > Would it be possible to have SNAT work in a way where, when connecting to a > VM from outside the cloud, the VM sees the source IP as the real source IP > and not the nova-network controller’s ip ? > > Thank you very much > > Boris > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : [email protected] > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
