Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 892251 Details for
Bug 1093981
Floating ips are not being used in iptables
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
iptables
file_1093981.txt (text/plain), 6.04 KB, created by
Ofer Blaut
on 2014-05-04 04:56:58 UTC
(
hide
)
Description:
iptables
Filename:
MIME Type:
Creator:
Ofer Blaut
Created:
2014-05-04 04:56:58 UTC
Size:
6.04 KB
patch
obsolete
>floating ip is associated but not in iptables nat > >floating ip (10.35.175.23) on RHEL 7 with RDO : ( nothing in nat table ) > >[root@cougar16 ~]# ip netns exec qrouter-28db7907-6998-42a6-8718-180cfad1061d iptables -nL -t nat >Chain PREROUTING (policy ACCEPT) >target prot opt source destination >neutron-l3-agent-PREROUTING all -- 0.0.0.0/0 0.0.0.0/0 > >Chain INPUT (policy ACCEPT) >target prot opt source destination > >Chain OUTPUT (policy ACCEPT) >target prot opt source destination >neutron-l3-agent-OUTPUT all -- 0.0.0.0/0 0.0.0.0/0 > >Chain POSTROUTING (policy ACCEPT) >target prot opt source destination >neutron-l3-agent-POSTROUTING all -- 0.0.0.0/0 0.0.0.0/0 >neutron-postrouting-bottom all -- 0.0.0.0/0 0.0.0.0/0 > >Chain neutron-l3-agent-OUTPUT (1 references) >target prot opt source destination > >Chain neutron-l3-agent-POSTROUTING (1 references) >target prot opt source destination >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ! ctstate DNAT > >Chain neutron-l3-agent-PREROUTING (1 references) >target prot opt source destination >REDIRECT tcp -- 0.0.0.0/0 169.254.169.254 tcp dpt:80 redir ports 9697 > >Chain neutron-l3-agent-float-snat (1 references) >target prot opt source destination > >Chain neutron-l3-agent-snat (1 references) >target prot opt source destination >neutron-l3-agent-float-snat all -- 0.0.0.0/0 0.0.0.0/0 >SNAT all -- 22.0.0.0/24 0.0.0.0/0 to:10.35.175.20 >SNAT all -- 21.0.0.0/24 0.0.0.0/0 to:10.35.175.20 > >Chain neutron-postrouting-bottom (1 references) >target prot opt source destination >neutron-l3-agent-snat all -- 0.0.0.0/0 0.0.0.0/0 >[root@cougar16 ~]# source keystonerc_admin_tenant1 >[root@cougar16 ~(keystone_admin_tenant1)]$neutron floatingip-list >+--------------------------------------+------------------+---------------------+--------------------------------------+ >| id | fixed_ip_address | floating_ip_address | port_id | >+--------------------------------------+------------------+---------------------+--------------------------------------+ >| 1016f680-88fa-4f8f-8252-e87cbbc2196a | 21.0.0.9 | 10.35.175.23 | f7b114ed-2066-43a6-ae73-23c8081aec09 | >| 4c590c26-8d1c-490a-af4d-e31c8a00e00c | | 10.35.175.21 | | >| fa4e73a0-dfa3-454b-a284-201711089e6f | | 10.35.175.22 | | >+--------------------------------------+------------------+---------------------+--------------------------------------+ >[root@cougar16 ~(keystone_admin_tenant1)]$neutron floatingip-show 1016f680-88fa-4f8f-8252-e87cbbc2196a >+---------------------+--------------------------------------+ >| Field | Value | >+---------------------+--------------------------------------+ >| fixed_ip_address | 21.0.0.9 | >| floating_ip_address | 10.35.175.23 | >| floating_network_id | e3f9cf78-5e7c-49e3-a9ce-872dc81aabde | >| id | 1016f680-88fa-4f8f-8252-e87cbbc2196a | >| port_id | f7b114ed-2066-43a6-ae73-23c8081aec09 | >| router_id | 28db7907-6998-42a6-8718-180cfad1061d | >| status | ACTIVE | >| tenant_id | 258f72b6bd9643e6ae3e7c7bbc46cecd | >+---------------------+--------------------------------------+ >[root@cougar16 ~(keystone_admin_tenant1)]$ > > > >Floating ip on RHEL 6.5 with RHOS 4.0 (floating ip 10.35.180.21 ) > > >[root@puma05 ~]# ip netns exec qrouter-e2decdf1-753d-4be4-86ef-e24aa5a10ed3 iptables -nL -t nat >Chain PREROUTING (policy ACCEPT) >target prot opt source destination >neutron-l3-agent-PREROUTING all -- 0.0.0.0/0 0.0.0.0/0 > >Chain POSTROUTING (policy ACCEPT) >target prot opt source destination >neutron-l3-agent-POSTROUTING all -- 0.0.0.0/0 0.0.0.0/0 >neutron-postrouting-bottom all -- 0.0.0.0/0 0.0.0.0/0 > >Chain OUTPUT (policy ACCEPT) >target prot opt source destination >neutron-l3-agent-OUTPUT all -- 0.0.0.0/0 0.0.0.0/0 > >Chain neutron-l3-agent-OUTPUT (1 references) >target prot opt source destination >DNAT all -- 0.0.0.0/0 10.35.180.21 to:21.0.0.2 > >Chain neutron-l3-agent-POSTROUTING (1 references) >target prot opt source destination >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ! ctstate DNAT > >Chain neutron-l3-agent-PREROUTING (1 references) >target prot opt source destination >REDIRECT tcp -- 0.0.0.0/0 169.254.169.254 tcp dpt:80 redir ports 9697 >DNAT all -- 0.0.0.0/0 10.35.180.21 to:21.0.0.2 > >Chain neutron-l3-agent-float-snat (1 references) >target prot opt source destination >SNAT all -- 21.0.0.2 0.0.0.0/0 to:10.35.180.21 > >Chain neutron-l3-agent-snat (1 references) >target prot opt source destination >neutron-l3-agent-float-snat all -- 0.0.0.0/0 0.0.0.0/0 >SNAT all -- 22.0.0.0/24 0.0.0.0/0 to:10.35.180.20 >SNAT all -- 21.0.0.0/24 0.0.0.0/0 to:10.35.180.20 > >Chain neutron-postrouting-bottom (1 references) >target prot opt source destination >neutron-l3-agent-snat all -- 0.0.0.0/0 0.0.0.0/0 >[root@puma05 ~]#
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=892251">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1093981
: 892251