Floating IP port forwarding allows users to forward traffic from a TCP/UDP/other protocol port of a floating IP to a TCP/UDP/other protocol port associated to one of the fixed IPs of a Neutron port.
In order to apply port forwarding on a floating IP, the following information is required:
- The internal IP address to be used
- The UUID of the port to be associated with the floating IP
- The port number of the network port’s fixed IPv4 address
- The external port number of the port forwarding’s floating IP address
- The specific protocol to be used in the port forwarding (in this example TCP)
- The floating IP for the port forwarding rule to be applied on.
The example below demonstrates creation of port forwarding on a floating IP, using the required options:
$ openstack floating ip port forwarding create \ --internal-ip-address 10.0.0.14 \ --port 12c29300-0f8a-4c54-a9dc-bee4c12c6ad2 \ --internal-protocol-port 80 \ --external-protocol-port 8080 \ --protocol tcp 184.108.40.206
Within a project, a list of port forwarding rules applied to specific floating IPs can be obtained with the following command.
$ openstack floating ip port forwarding list 220.127.116.11
The command above can be further refined using
--protocol flags before the floating IP.
To display the specific details of a Port Forwarding rule for a Floating IP, the following command can be used:
$ openstack floating ip port forwarding show <floating-ip> <port-forwarding-id>
If a port forwarding configuration on a floating IP has already been created using
$ openstack floating ip port forwarding create, further changes can be made to the existing configuration using
$ openstack floating ip port forwarding set ....
The following aspects of the port forwarding can be modified:
--port: The UUID of the network port
--internal-ip-address: The fixed internal address associated with the floating IP port forwarding rule.
--internal-protocol-port: The TCP/UDP/etc. port number of the network port fixed IPv4 address associated with the floating IP port forwarding rule
--external-protocol-port: The TCP/UDP/etc. port number of the port forwarding rule’s floating IP address
--protocol: The IP protocol used in the floating IP port forwarding rule (TCP/UDP/other)
--description: Text describing/contextualizing the use of the port forwarding configuration
The configuration of any of the above options can be modified with a variation of the following command:
$ openstack floating ip port forwarding set \ --port <port> \ --internal-ip-address <internal-ip-address> \ --internal-protocol-port <port-number> \ --external-protocol-port <port-number> \ --protocol <protocol> \ --description <description>] \ <floating-ip> <port-forwarding-id>`
To remove a port forwarding rule from a floating IP, we need the following information:
- The floating IP from which the port forwarding rule is to be removed from.
- The port forwarding ID (This ID is applied upon creation and can be obtained using the
$ openstack floating ip port forwarding list ...command)
The following command removes the port forwarding rule from a floating ip:
$ openstack floating ip port forwarding delete <floating-ip> <port-forwarding-id>