Every virtual instance is automatically assigned a private IP address. You may optionally assign public IP addresses to instances. OpenStack uses the term "floating IP" to refer to an IP address (typically public) that can be dynamically added to a running virtual instance. OpenStack Compute uses Network Address Translation (NAT) to assign floating IPs to virtual instances.
If you plan to use this feature, you must add the following to your nova.conf file to specify which interface the nova-network service will bind public IP addresses to:
public_interface=vlan100
Restart the nova-network service if you change nova.conf while the service is running.
![[Note]](../common/images/admon/note.png) | Traffic between VMs using floating IPs |
|---|---|
Note that due to the way floating IPs are implemented using a
source NAT (SNAT rule in iptables), inconsistent behaviour of
security groups can be seen if VMs use their floating IP
to communicate with other virtual machines - particularly on
the same physical host. Traffic from VM to VM across the
fixed network does not have this issue, and this is the
recommended path. To ensure traffic doesn't get SNATed
to the floating range, explicitly set
|
By default, the IP forwarding is disabled on most of Linux distributions. The "floating IP" feature requires the IP forwarding enabled in order to work.
| Note |
|---|---|
The IP forwarding only needs to be enabled on the nodes running the service
nova-network. If the |
you can check if the forwarding is enabled by running the following command:
$ cat /proc/sys/net/ipv4/ip_forward
0
Or using sysctl
$ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
In this example, the IP forwarding is disabled. You can enable it on the fly by running the following command:
$ sysctl -w net.ipv4.ip_forward=1
or
$ echo 1 > /proc/sys/net/ipv4/ip_forward
In order to make the changes permanent, edit the
/etc/sysctl.conf and update
the IP forwarding setting :
net.ipv4.ip_forward = 1
Save the file and run the following command in order to apply the changes :
$ sysctl -p
It is also possible to update the setting by restarting the network service. Here's an example for Ubuntu:
$/etc/init.d/procps.sh restart
Here's an example for RHEL/Fedora/CentOS:
$ service network restart
Nova maintains a list of floating IP addresses that are available for assigning to instances. Use the nova-manage floating create command to add entries to this list, as root.
For example:
# nova-manage floating create --pool=nova --ip_range=68.99.26.170/31
The following nova-manage commands apply to floating IPs.
nova-manage floating list: List the floating IP addresses in the pool.
nova-manage floating create --pool=[pool name] --ip_range=[CIDR]: Create specific floating IPs for either a single address or a subnet.
nova-manage floating delete [cidr]: Remove floating IP addresses using the same parameters as the create command.
Refer to Manage Floating IP Addresses in the OpenStack Clients Guide for information on how to associate floating IPs to instances.
The nova-network service can be configured to automatically allocate and assign a floating IP address to virtual instances when they are launched. Add the following line to nova.conf and restart the nova-network service
auto_assign_floating_ip=True
Note that if this option is enabled and all of the floating IP addresses have already been allocated, the nova boot command will fail with an error.
