Achieving Internet and External Connectivity for OpenStack Instances Using VLANs and Floating IP Addresses

OpenStack is a well-known cloud system that is used extensively to set up private and public cloud infrastructures. Many renowned hosting companies use OpenStack-based cloud setups to meet the computing requirements of their customers. OpenStack is well organized and well structured, but you need a decent amount of system administration experience to set up cloud infrastructure with it. You should have good knowledge of operating systems and a general understanding of networking concepts. Today, we are going to discuss how to assign public IPs (known as “Floating IPs” in OpenStack terminology) to virtual machines (known as “instances” in OpenStack terminology) using a VLAN.

Assigning Public IPs and Internet to OpenStack Virtual Machines

To assign public IPs to your OpenStack instances/virtual machines, you need to go through the following steps.

  1. Create an internal (tenant) network
  2. Create an external network
  3. Add a Router
  4. Add internal (tenant) network as an interface to the router
  5. Add external network as gateway to the router

The internal network (also called the tenant network) should be created with type “GRE” or “VXLAN”. The following neutron command creates it with type VXLAN.

 neutron net-create demo-net --provider:network_type vxlan 

To create the internal network with type GRE instead, run:

 neutron net-create demo-net --provider:network_type gre 

Once the internal network has been created, add a subnet for this network.

 neutron subnet-create demo-net 192.168.1.0/24 --name demo-subnet --dns-nameserver 8.8.4.4 --gateway 192.168.1.1 

Now let’s create an external network of type VLAN.

 neutron net-create ext-net --router:external --provider:physical_network external --provider:network_type vlan 

Just as we did for the internal network, we will add a subnet for the external network, specifying the allocation pool and gateway IP for the VLAN we intend to use. Replace the IP range and gateway with your own addresses.

 neutron subnet-create ext-net 198.188.188.0/22 --name ext-subnet --allocation-pool start=198.188.188.250,end=198.188.188.252 --disable-dhcp --gateway 198.188.188.1 

Some tests to perform before proceeding further:

Make sure your host is able to reach the external gateway you provided in the step above, using traceroute or ping. Also verify that the IP address range you allocated as the pool is not in use on any other host.

We will now add a router for successful internal and external communication.

 neutron router-create demo-router 

Add the tenant network to the router as an interface.

 neutron router-interface-add demo-router demo-subnet 

Add the external network to this router as its “Gateway”.

 neutron router-gateway-set demo-router ext-net 

That’s it, we are done. Spin up instances on the internal network and assign each a public/floating IP for internet and external connectivity.
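
The address checks recommended before adding the router can be partly done offline, before any neutron command is run. The following Python script is an added example, not part of the original article or of OpenStack: it validates an IPv4 external-subnet plan (pool and gateway inside the CIDR, gateway not inside the floating IP pool, no overlap with tenant networks) and lists the pool addresses to probe for conflicts. The function names are hypothetical; the sample values are the ones used in the commands above.

```python
import ipaddress

def check_external_subnet(cidr, pool_start, pool_end, gateway, tenant_cidrs=()):
    """Return a list of problems with an IPv4 external-subnet plan ([] = OK)."""
    problems = []
    net = ipaddress.ip_network(cidr, strict=False)
    if str(net) != cidr:
        problems.append(f"{cidr} has host bits set; the network is {net}")
    start, end, gw = (ipaddress.ip_address(a) for a in (pool_start, pool_end, gateway))
    for label, addr in (("pool start", start), ("pool end", end), ("gateway", gw)):
        if addr not in net:
            problems.append(f"{label} {addr} is outside {net}")
        elif addr in (net.network_address, net.broadcast_address):
            problems.append(f"{label} {addr} is the network or broadcast address")
    if start > end:
        problems.append(f"pool start {start} is after pool end {end}")
    elif start <= gw <= end:
        # A floating IP handed out from the pool would collide with the gateway.
        problems.append(f"gateway {gw} lies inside the floating IP pool")
    for tenant in tenant_cidrs:
        # Tenant and external ranges must not overlap for routing between them.
        if net.overlaps(ipaddress.ip_network(tenant, strict=False)):
            problems.append(f"tenant network {tenant} overlaps external {net}")
    return problems

def pool_addresses(pool_start, pool_end):
    """Expand the pool so each address can be probed (ping/arping) before use."""
    first = int(ipaddress.ip_address(pool_start))
    last = int(ipaddress.ip_address(pool_end))
    return [str(ipaddress.ip_address(i)) for i in range(first, last + 1)]

if __name__ == "__main__":
    # Values copied from the subnet-create commands in this article.
    issues = check_external_subnet("198.188.188.0/22", "198.188.188.250",
                                   "198.188.188.252", "198.188.188.1",
                                   tenant_cidrs=["192.168.1.0/24"])
    print("plan OK" if not issues else "\n".join(issues))
    print("probe before use:", ", ".join(pool_addresses("198.188.188.250", "198.188.188.252")))
```

An empty result only means the plan is internally consistent; the reachability and in-use checks against the live network still have to be run from the host.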