On Fri, 2012-09-28 at 09:43 -0700, Vishvananda Ishaya wrote: > On Sep 28, 2012, at 6:58 AM, Jon Thomas <[email protected]> wrote: > > > This appears to be fixed with > > > > iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE > > > > so basically set up nat on the outbound interface. I guess nova-network > > doesn't set this up? > > No, nova does not set up masquerade; It uses snatting. If you have more than > one interface, it probably is using the wrong ip for snatting. > > Instead of the masquerade, you probably just need > routing_source_ip=<ip_on_wlan_interface> > > In your nova.conf file > > and restart nova-network > Thanks. routing_source_ip wasn't set and so the rule was using 127.0.0.1. However, I changed routing_source_ip to the wlan ip and it still didn't work. But this is where it gets strange. Here's the snat rule after starting up nova-network with routing_source_ip=<ip_on_wlan_interface>
Chain nova-network-snat (1 references) target prot opt source destination nova-network-float-snat all -- anywhere anywhere SNAT all -- network/24 anywhere to:192.168.1.3 Now I do a iptables -t nat -A nova-network-snat -s 10.0.1.0/24 -j SNAT --to-source 192.168.1.3 and ping then works! nova-network-snat is Chain nova-network-snat (1 references) target prot opt source destination nova-network-float-snat all -- anywhere anywhere SNAT all -- network/24 anywhere to:192.168.1.3 SNAT all -- network/24 anywhere to:192.168.1.3 So for some reason, the rule created by nova-network has no affect, but the manually created created later rule does. > Vish _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
