How to configure a PORT Forwarding¶
The following HowTo describes how to configure PORT forwarding in the OpenStack Portal. Please note the Disclaimer and that the following is an example configuration.
Prerequisites
For PORT forwarding you need:
- a router and
- a free floating IP address (PublicIP)
Example 1: PORT Forwarding of a PORTS¶
Scenario description
- PORT forwarding of PORT (2222) to an instance (VM) on PORT 22
To do this, perform the following steps:
- Click on “Network “ => “Floating IPs “ in the navigation bar on the left
- If you do not yet have a free Floating IP address, click on button (1) “Allocate IP To Project “
- Then click the selection list (2) and select “Configure floating IP port forwarding rules”
- On the next page click on “+Add floating IP port forwarding rule “ (1)
- Now enter the desired information (2) in the input mask and click on “Add “ (3)
Tip
Please note the description of the input fields
- The PF rule is then created and listed.
Note
You can create as many PF-Rules for this Floating IP as you like, edit (B) or delete (C) the created rule with the button (A). In order for forwarding to work, the PORTS (Ingres) in the security group used must of course also be enabled.
Example 2: PORT Forwarding of a PORTS Range¶
Scenario description
- PORT forwarding of the PORT range (7010-7020) to an instance (VM) on the PORT Range 710-720
Note
The external and internal PORT ranges must be the same size.
To do this, perform the following steps:
- Click on “Network “ => “Floating IPs “ in the navigation bar on the left
- If you do not yet have a free Floating IP address, click on button (1) “Allocate IP To Project “
- Then click the selection list (2) and select “Configure floating IP port forwarding rules”
- On the next page click on “+Add floating IP port forwarding rule “ (1)
- Now enter the desired information (2) in the input mask and click on “Add “ (3)
Tip
Please note the description of the input fields
- The PF rule is then created and listed.
Note
You can create as many PF-Rules for this Floating IP as you like, edit (B) or delete (C) the created rule with the button (A). In order for forwarding to work, the PORTS (Ingres) in the security group used must of course also be enabled.
List of all PORT-Forwarding Rules of all Floating IP’s¶
To get an overview of all PORT Forwarding Rules of all Floating IP’s created for this project, please follow the steps below:
- Click on “Network “ => “Floating IPs “ in the navigation bar on the left
- Then click the button (1) “List all floating IP port forwarding rules”
- Now all rules are listed
Note
You can sort the list by any column (A), edit (B) or delete (C) the created rules. To delete, first select the rule to be deleted (D).
Example 3: Create PORT forwarding rule via CLI¶
To configure port forwarding via OpenStack Command Line, an example is given below:
# Create port forward to SSH
openstack floating ip port forwarding create \
--internal-ip-address 10.0.1.12 \
--port 9e583adb-618f-42ba-96ee-1a7b89a377b3 \
--internal-protocol-port 22 \
--external-protocol-port 222 \
--protocol tcp 217.71.95.21
Note
You can get further help with the following command (see example below).
openstack floating ip port forwarding create --help
usage: openstack floating ip port forwarding create [-h]
[-f {json,shell,table,value,yaml}]
[-c COLUMN]
[--prefix PREFIX]
[--max-width <integer>]
[--fit-width]
[--print-empty]
[--noindent]
--internal-ip-address
<internal-ip-address>
--port <port>
--internal-protocol-port
<port-number>
--external-protocol-port
<port-number> --protocol
<protocol>
[--description <description>]
<floating-ip>
Create floating IP port forwarding
positional arguments:
<floating-ip> Floating IP that the port forwarding belongs to (IP
address or ID)
optional arguments:
-h, --help show this help message and exit
--internal-ip-address <internal-ip-address>
The fixed IPv4 address of the network port associated
to the floating IP port forwarding
--port <port> The name or ID of the network port associated to the
floating IP port forwarding
--internal-protocol-port <port-number>
The protocol port number of the network port fixed
IPv4 address associated to the floating IP port
forwarding
--external-protocol-port <port-number>
The protocol port number of the port forwarding's
floating IP address
--protocol <protocol>
The protocol used in the floating IP port forwarding,
for instance: TCP, UDP
--description <description>
A description that helps other users to know the
reason why this rule is being created
output formatters:
output formatter options
-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}
the output format, defaults to table
-c COLUMN, --column COLUMN
specify the column(s) to include, can be repeated
shell formatter:
a format a UNIX shell can parse (variable="value")
--prefix PREFIX add a prefix to all variable names
table formatter:
--max-width <integer>
Maximum display width, <1 to disable. You can also use
the CLIFF_MAX_TERM_WIDTH environment variable, but the
parameter takes precedence.
--fit-width Fit the table to the display width. Implied if --max-
width greater than 0. Set the environment variable
CLIFF_FIT_WIDTH=1 to always enable
--print-empty Print empty table if there is no data to show.
json formatter:
--noindent whether to disable indenting the JSON