openstackdevstackopenstack-neutron

How do I reach a DevStack instance setup on HOST A, from HOST B (located on the same network)?


I've setup two GCP instances, both with an adapter subnet 10.0.3.0/24 (HOST A: 10.0.3.7, HOST B: 10.0.3.6). Both have DevStack setup on them with the following local.conf :

HOST A: https://pastebin.com/m3sXPaz9

HOST B: https://pastebin.com/311qjqbh

According to the documentation, (https://docs.openstack.org/neutron-vpnaas/latest/contributor/testing-with-devstack.html):

You can use two DevStack nodes connected by a common “public” network to test VPNaaS. The second node can be set up with the same public network as the first node, except it will use a different gateway IP (and hence router IP).

And,

With DevStack running on East and West and connectivity confirmed (make sure you can ping one router/GW from the other), you can perform these VPNaaS CLI commands.

However, after following the above AND the following SO question previously asked(How to expose the Devstack floating ip to the external world?), I can't get HOST B to ping the Floating IP assigned to a DevStack instance(10.0.3.156) in A.

I have made sure that the Security groups both in GCP and DevStack allow all ingress and egress traffic on all ports. br-ex has the GW of 10.0.3.129, which is also not reachable. An image of the network in HOST A


Solution

  • Alright so the thing I overlooked was that even the VMs had a firewall, and i just had to add a UWF rule to them to allow traffic from devices on that network.