Hi Kyle,
ALL tcp, udp, icmp, ssh rules set using horizon access security link and using
manages rules for secirity group.
I am able to ssh into the instance. using key pair.
Regards
Neelu
On Monday, 29 December 2014 9:23 PM, Kyle R <[email protected]> wrote:
What do your security rules look like for that project/tenant?
On Mon, Dec 29, 2014 at 9:51 AM, somshekar kadam <[email protected]> wrote:
Hello All,
I have openstack instance able to ping compute/controller and other hosts in
the network.
Not able to ping google.com
My external network is 10.10.126.xx
able to ping 10.10.126.1 gateway
able to ping host controller 10.10.126.62 which also nova compute
able to ping other hosts 10.10.126.54 and other machines in network.
able to ping br100 and virbr0
enabled /etc/sysctl.conf to contain the following:net.ipv4.ip_forward=1and also
enabled masquerading in the iptablesiptables -t nat -A POSTROUTING -o eth0 -j
MASQUERADE
internal IP of instance is 10.4.128.2 and floating IP assigned is 10.10.126.129
On instance route command
[root@newtry fedora]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.4.128.3 0.0.0.0 UG 0 0 0 eth0
10.4.128.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0
[root@newtry fedora]#
on the controller machine
stack@celestial-PC-1:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0
10.4.128.0 0.0.0.0 255.255.240.0 U 0 0 0 br100
10.10.126.0 0.0.0.0 255.255.255.0 U 0 0 0 br100
192.168.1.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
stack@celestial-PC-1:~$
on instance
[root@newtry fedora]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether fa:16:3e:20:e6:e5 brd ff:ff:ff:ff:ff:ff
inet 10.4.128.2/20 brd 10.4.143.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe20:e6e5/64 scope link
valid_lft forever preferred_lft forever
[root@newtry fedora]#
what is missing not able to ping google.com from instance
please help on this with your valuable suggestions
thanks in advance
Regards
Neelu
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
