I hope that this is of use to someone. After many hours of tearing down, building up, programming routers, etc., I’ve figured out why my devstack wasn’t allowing access from floating ips. I knew that the address was resolving (arp -a); I just couldn’t ssh to it (or do anything else with it)
It was the security rules.
So, I went in to the security rules in horizon and added the following rules to the default:
- Allow all CIDR ICMP traffic
- Allow all CIDR TCP traffic
- Allow all CIDR UDP traffic
Generally I wouldn’t advise opening it up totally — I’d open up applicable ports. However, I’m happy to have it working!