Bug 989626 - Configurable External Gateway Modes
Configurable External Gateway Modes
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-neutron (Show other bugs)
Unspecified Unspecified
medium Severity medium
: Upstream M2
: 4.0
Assigned To: Terry Wilson
Assaf Muller
: FutureFeature, OtherQA, Reopened
Depends On: 1010323
Blocks: RHOS40RFE 1046070
  Show dependency treegraph
Reported: 2013-07-29 12:47 EDT by Perry Myers
Modified: 2016-04-26 19:41 EDT (History)
8 users (show)

See Also:
Fixed In Version: openstack-neutron-2013.2-0.3.b2.el6ost
Doc Type: Enhancement
Doc Text:
Allow disabling the default SNAT behavior on external networks.
Story Points: ---
Clone Of:
: 1046070 (view as bug list)
Last Closed: 2013-12-23 08:36:09 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2013:1859 normal SHIPPED_LIVE Red Hat Enterprise Linux OpenStack Platform Enhancement Advisory 2013-12-20 19:01:48 EST

  None (edit)
Comment 3 Assaf Muller 2013-12-19 10:45:29 EST
Failed my verification on RHOS 4.0.

I had an instance connected to a router. The instance was able to ping google.com.

I used tcpdump on the hypervisor and saw that the source IP for the packets as they were leaving the hypervisor was the IP that the virtual router was allocated.

I then cleared the gateway, and the pings were failing.
I then ran:
router-gateway-set --disable-snat r1 public

And the pings were succeeding, and the source IP was (again) the source IP of the virtual router. The expected result was that the pings were supposed to fail, as the ICMP request was supposed to leave the hypervisor with a source IP of the instance itself, as the NAT was not supposed to take place (But was).
Comment 5 errata-xmlrpc 2013-12-19 19:16:16 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

Comment 6 Assaf Muller 2013-12-22 07:57:03 EST
Reopening. I don't know why the bug was closed as the last message (By me) states that the bug failed verification.

Note You need to log in before you can comment on or make changes to this bug.