tripleo

  1. Bug #1794729
  2. Comment #2

Comment 2 for bug 1794729

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on tripleo-quickstart-extras (master)

Change abandoned by Harald Jensås (<email address hidden>) on branch: master
Review: https://review.openstack.org/609830
Reason: Hm, not sure it's the masquerade rule we want.
Could it be the RETURN rule, to ensure we do not masquerade. I.e route, but no NAT?

These are the interfaces on the undercloud in OVB job [1]:

    inet 192.168.100.13/22 brd 192.168.103.255 scope global dynamic eth0
    inet 192.168.24.1/24 brd 192.168.24.255 scope global br-ctlplane
    inet 192.168.24.3/32 scope global br-ctlplane
    inet 192.168.24.2/32 scope global br-ctlplane

These are the POSTROUTING rules:

-A POSTROUTING -s 10.0.0.0/24 -d 10.0.0.0/24 -m state --state NEW,RELATED,ESTABLISHED -m comment --comment "137 routed_network return 10.0.0.0/24 ipv4" -j RETURN
-A POSTROUTING -s 192.168.24.0/24 -d 192.168.24.0/24 -m state --state NEW,RELATED,ESTABLISHED -m comment --comment "137 routed_network return 192.168.24.0/24 ipv4" -j RETURN
-A POSTROUTING -s 10.0.0.0/24 -m state --state NEW,RELATED,ESTABLISHED -m comment --comment "138 routed_network masquerade 10.0.0.0/24 ipv4" -j MASQUERADE
-A POSTROUTING -s 192.168.24.0/24 -m state --state NEW,RELATED,ESTABLISHED -m comment --comment "138 routed_network masquerade 192.168.24.0/24 ipv4" -j MASQUERADE

 err ... to late. Will have to look again tomorrow.

[1] https://logs.rdoproject.org/57/607557/10/openstack-check/tripleo-ci-centos-7-ovb-3ctlr_1comp-featureset053/befa75a/logs/undercloud/var/log/extra/network.txt.gz