Public bug reported:
I found a bug about neutron port forwarding and Detailed operations are as
follows:
first,create a VPC,
1)openstack address scope create my_project_id
2)openstack network create my_network
3)openstack subnet pool create <network id> --address-scope <project id>
--pool-prefix "10.0.114.0/24"
4)openstack subnet create --network <network id> --subnet-pool <subnet pool
id> --subnet-range 10.0.114.0/25 <subnet name>
5)openstack router create my_router
6)openstack router set jidd-router1 --external-gateway <exxternal network id>
--enable-snat
7)openstack router add subnet <router id> <subnet id>
second,create a vm by the network above
And,config floating ip port forwarding.
for example, external ip and port: 10.142.254.158, 8870; internal port:
10.0.99.29,8870
It can not reach form a external ip to 10.142.254.158 using telnet.
Found that, packet is dropped in snat namespace, becase of packet is
marked different labels between qg-xxx interface and sg-xxx interface.
hit rules:
0 0 DROP all -- * sg-4ddcbea1-c6 0.0.0.0/0
0.0.0.0/0 mark match ! 0x4000000/0xffff0000
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1871815
Title:
neutron port forwarding doesn't work
Status in neutron:
New
Bug description:
I found a bug about neutron port forwarding and Detailed operations are as
follows:
first,create a VPC,
1)openstack address scope create my_project_id
2)openstack network create my_network
3)openstack subnet pool create <network id> --address-scope <project id>
--pool-prefix "10.0.114.0/24"
4)openstack subnet create --network <network id> --subnet-pool <subnet pool
id> --subnet-range 10.0.114.0/25 <subnet name>
5)openstack router create my_router
6)openstack router set jidd-router1 --external-gateway <exxternal network
id> --enable-snat
7)openstack router add subnet <router id> <subnet id>
second,create a vm by the network above
And,config floating ip port forwarding.
for example, external ip and port: 10.142.254.158, 8870; internal port:
10.0.99.29,8870
It can not reach form a external ip to 10.142.254.158 using telnet.
Found that, packet is dropped in snat namespace, becase of packet is
marked different labels between qg-xxx interface and sg-xxx interface.
hit rules:
0 0 DROP all -- * sg-4ddcbea1-c6 0.0.0.0/0
0.0.0.0/0 mark match ! 0x4000000/0xffff0000
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1871815/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
