[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[neutron] Floating ips instances not appear in tcpdump

I'm using installation guides with the self service network option (that includes ML2 plugin and linux bridge agent): ( at
What I mean is, for example, if I have an apache server running on an instance with a public ip address (floating ip). When I access to that apache server from whatever external network and I capture the traffic on the instance, all packages come from the same IP. I supposed that the controller node is retransmitting the packages and putting its ip address on them.
I capture some packets with tcpdump in this openstack instance with a public ip (floating_ip), for example: ( at and I have a controller node with a public IP, for example, ( at the traces of traffic are something like this, but they should have others external sources IPs:

# tcpdump tcp and port 443 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ens7, link-type EN10MB (Ethernet), capture size 262144 bytes
13:21:17.272668 IP ( at ( at ( at > Flags [S], seq 3072401769, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 911923475 ecr 0,sackOK,eol], length 0
13:21:17.272787 IP > ( at ( at ( at Flags [S.], seq 678353364, ack 3072401770, win 64308, options [mss 1410,sackOK,TS val 246556960 ecr 911923475,nop,wscale 7], length 0
13:21:17.273556 IP ( at ( at ( at > Flags [.], ack 1, win 2053, options [nop,nop,TS val 911923476 ecr 246556960], length 0

So, I can't filter the traffic (in this case http/https) received in the openstack instance because all have the same IP address. The only way that I can see the original ips are capturing packages on the controller node.
I don't have a lot experienced and I'd like to understand it. I hope I have explained better than before.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>