neutron

Traffic from VM not getting NAT'd

Asked by Patrick Vinas

Hello all-

Running Folsom on Ubuntu 12.04 LTS. Multi-node setup - Controller, network node, compute node, image node. Quantum/OVS with GRE net.

-VM boots and is pingable by fixed IP (192.168.4.3) from all nodes, and can ping network node (192.168.4.2 or 10.200.0.15)
-Floating IP is associated with VM (10.200.0.201), and is pingable by (AFAICT) every device on the 10.200.0.0 subnet - but the VM can still only ping the network node.
-tcpdump of tap on network node (while trying to ping the gateway from VM) shows:
16:57:41.601246 IP 192.168.4.3 > 10.200.0.1: ICMP echo request, id 1445, seq 1, length 64

and the logs on 10.200.0.1 (my firewall) show that the traffic is reaching the gateway and being rejected as an unauthorized network (as intended). Looks like the iptables nat POSTROUTING chain isn't NAT-ing the traffic from the VM. Can anyone help with this?

Thanks!

Question information

Language:
English Edit question
Status:
Solved
For:
neutron Edit question
Assignee:
No assignee Edit question
Solved by:
Patrick Vinas
Solved:
Last query:
Last reply:
Revision history for this message
Patrick Vinas (patrickvinas) said : 		#1

VMs can reach the 10.200 gateway (thanks to a little iptables-fu), so I guess this is resolved.