Appendix B. Configuring a Gateway

Configure the machine on which the Red Hat Enterprise Linux OpenStack Platform installer user interface is installed to act as a gateway so that traffic from the private provisioning network that the installer defines can be forwarded to a network interface with external connectivity.

Procedure B.1. Configuring a Gateway

  1. Log in to the machine on which you will install the user interface as the root user.
  2. Edit /etc/sysctl.conf and change the value of net.ipv4.ip_forward to 1: 
    net.ipv4.ip_forward = 1
  3. Load the new value: 
    # sysctl -p
  4. Enable IP masquerading: 
    # iptables -t nat -A POSTROUTING -o [if_name] -j MASQUERADE
# iptables -A FORWARD -s [XX.XX.XX.XX/XX] -j ACCEPT
# iptables -A FORWARD -d [XX.XX.XX.XX/XX] -j ACCEPT
# iptables -A FORWARD ! -s [XX.XX.XX.XX/XX] -j DROP
    • [if_name]: The name of the network interface to which to forward network traffic. You must specify the name of the network interface that will not be used for the private provisioning network.
    • [XX.XX.XX.XX/XX]: The network address of the private provisioning network that the installer defines. You must specify this address using CIDR notation. For example, XX.0.0.0/8, XX.XX.0.0/16, or XX.XX.XX.00/24.
  5. Save the changes to the firewall: 
    # service iptables save
  6. Restart networking: 
    # service network restart
Traffic from the private provisioning network can now be forwarded to a network interface with external network connectivity, allowing machines on that network to access resources on other networks.