Merge lp:~soren/nova/lp716414 into lp:~hudson-openstack/nova/trunk

Proposed by Soren Hansen on 2011-02-10
Status: Merged
Approved by: Devin Carlen on 2011-02-10
Approved revision: 660
Merged at revision: 662
Proposed branch: lp:~soren/nova/lp716414
Merge into: lp:~hudson-openstack/nova/trunk
Diff against target: 20 lines (+4/-0)
1 file modified
nova/network/linux_net.py (+4/-0)
To merge this branch: bzr merge lp:~soren/nova/lp716414
Reviewer Review Type Date Requested Status
Devin Carlen (community) Approve on 2011-02-10
Vish Ishaya (community) 2011-02-10 Approve on 2011-02-10
Review via email: mp+49231@code.launchpad.net

Commit Message

Add forwarding rules for floating IPs to the OUTPUT chain on the network node in addition to the PREROUTING chain.

Description of the Change

Add forwarding rules for floating IPs to the OUTPUT chain on the network node in addition to the PREROUTING chain.

This makes it possible to reach the floating IP's from the network node.

From the linked bug:

From the network node, you cannot reach instances on their floating IP, because the DNAT rule is only in PREROUTING. Since the destination address is local (having been added to FLAGS.public_interface) this rule is not applied and the request instead ends up on the host.

To post a comment you must log in.
Vish Ishaya (vishvananda) wrote :

lgtm

review: Approve
Devin Carlen (devcamcar) wrote :

lgtm

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'nova/network/linux_net.py'
2--- nova/network/linux_net.py 2011-02-08 18:54:29 +0000
3+++ nova/network/linux_net.py 2011-02-10 14:31:37 +0000
4@@ -156,6 +156,8 @@
5 """Ensure floating ip forwarding rule"""
6 _confirm_rule("PREROUTING", "-t nat -d %s -j DNAT --to %s"
7 % (floating_ip, fixed_ip))
8+ _confirm_rule("OUTPUT", "-t nat -d %s -j DNAT --to %s"
9+ % (floating_ip, fixed_ip))
10 _confirm_rule("SNATTING", "-t nat -s %s -j SNAT --to %s"
11 % (fixed_ip, floating_ip))
12
13@@ -164,6 +166,8 @@
14 """Remove forwarding for floating ip"""
15 _remove_rule("PREROUTING", "-t nat -d %s -j DNAT --to %s"
16 % (floating_ip, fixed_ip))
17+ _remove_rule("OUTPUT", "-t nat -d %s -j DNAT --to %s"
18+ % (floating_ip, fixed_ip))
19 _remove_rule("SNATTING", "-t nat -s %s -j SNAT --to %s"
20 % (fixed_ip, floating_ip))
21