neutron 搭建完成后无法ping通 router gateway

本帖最后由 fxsundp 于 2015-6-28 21:49 编辑

本人在esxi 虚拟机上搭建neutron，创建网络后，无法ping通 external router gateway但是在个人笔记本上使用wmare workstation创建虚拟机，使用相同配置neutron却可以ping通
唯一不同的是wmare workstation使用的全部是虚拟卡，esxi vm 连接external net 是物理卡
注：wmare workstation和esxi虚拟机上，连接external net的网卡都没有配置promisc，也没有使用ethtool -K INTERFACE_NAME gro off 命令，后来在esxi虚拟机的网卡上配置了promisc，使用ethtool -K INTERFACE_NAME gro off 后，也无法平通 router gateway
希望大神指点一下

补充一下，所有虚拟机都关闭了iptables和selinux，系统版本rhel 7.0，openstack juno
下面附上配置命令和状态
source admin-openrc.sh
neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet --allocation-pool start=10.0.1.200,end=10.0.1.220 --disable-dhcp --gateway 10.0.1.254 10.0.1.0/24

source demo-openrc.sh
neutron net-create demo-net
neutron subnet-create demo-net --name demo-subnet --gateway 10.10.7.1 10.10.7.0/24
neutron router-create demo-router
neutron router-interface-add demo-router demo-subnet
neutron router-gateway-set demo-router ext-net

下面是一些状态：
controller 节点：
# neutron net-list
+--------------------------------------+----------+---------------------------------------------------+
| id                                  | name    | subnets                                        |
+--------------------------------------+----------+---------------------------------------------------+
| b4d63277-a71f-46d2-af60-8fd773424b1a | ext-net  | 5311e27f-b83e-4a7e-81f9-7e885ef622b4 10.0.1.0/24  |
| d12ed8d5-0baa-430e-ba12-7cdf96f46964 | demo-net | ca1e0720-8cb0-4992-8346-7a64b48bd6f7 10.10.7.0/24 |
+--------------------------------------+----------+---------------------------------------------------+

# neutron subnet-list
+--------------------------------------+-------------+--------------+----------------------------------------------+
| id                                  | name       | cidr       | allocation_pools                            |
+--------------------------------------+-------------+--------------+----------------------------------------------+
| 5311e27f-b83e-4a7e-81f9-7e885ef622b4 | ext-subnet  | 10.0.1.0/24  | {"start": "10.0.1.200", "end": "10.0.1.220"} |
| ca1e0720-8cb0-4992-8346-7a64b48bd6f7 | demo-subnet | 10.10.7.0/24 | {"start": "10.10.7.2", "end": "10.10.7.254"} |
+--------------------------------------+-------------+--------------+----------------------------------------------+

# neutron router-list
+--------------------------------------+-------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| id                                  | name       | external_gateway_info                                                                                                                                                                | distributed | ha |
+--------------------------------------+-------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| 595af3ba-0c9f-4805-80bd-5d40d4a2a59c | demo-router | {"network_id": "b4d63277-a71f-46d2-af60-8fd773424b1a", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "5311e27f-b83e-4a7e-81f9-7e885ef622b4", "ip_address": "10.0.1.200"}]} | False    | False |
+--------------------------------------+-------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+

就是无法ping 通 10.0.1.200

network 节点信息：

补充下network节点的配置：

eth0: 10.0.1.2
eth1: 10.0.2.2
eht2: 与eth0使用相同虚拟网卡，配置同一网段
eth0 为管理网段，eht1 为连接compute节点的tunnel网段，eth2为连接外网网卡

# ip netns exec qrouter-595af3ba-0c9f-4805-80bd-5d40d4a2a59c ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
11: qr-0f422db6-1b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether fa:16:3e:07:96:64 brd ff:ff:ff:ff:ff:ff
inet 10.10.7.1/24 brd 10.10.7.255 scope global qr-0f422db6-1b
   valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe07:9664/64 scope link
   valid_lft forever preferred_lft forever
12: qg-d3aae1ef-18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether fa:16:3e:05:fa:32 brd ff:ff:ff:ff:ff:ff
inet 10.0.1.200/24 brd 10.0.1.255 scope global qg-d3aae1ef-18
   valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe05:fa32/64 scope link
   valid_lft forever preferred_lft forever
在esxi虚拟机上
在network节点上ping router gateway 地址 10.0.1.200 无法平通
但是使用 ip netns exec qrouter-595af3ba-0c9f-4805-80bd-5d40d4a2a59c ping 10.0.1.200 可以ping 通

在论坛里看了很多类似的帖子，但是没有遇到wmare workstation虚拟机正常，esxi虚拟机无法ping通的情况，希望大神指点一下