Ask Your Question
0

Instances receive DHCP address, but aren't reachable

asked 2017-05-23 04:49:28 -0500

T.G. gravatar image

Fairly new to OpenStack and most certainly to openvswitch, I have setup OpenStack in combination with ovs . Launched instances get an interface in the desired network. They also receive a DHCP address, from a DHCP server in our environment.

The thing is: I can not ping the IP address that was received, or connect to the instance in any way other than Console. Protocols that have been opened in the security group:

2569cdcc-7bbe-4409-87e0-42a5d342d797 | default | ingress | IPv4 | 1-3200/tcp | 0.0.0.0/0 (CIDR) | 8f9d304e-6f6f-4e23-b077-c81be1df9271 | default | ingress | IPv4 | 53/udp | 0.0.0.0/0 (CIDR) | a6a97793-6360-4ce5-8a40-cf6ace420e9f | default | ingress | IPv4 | icmp | 0.0.0.0/0 (CIDR) |

Using netdiscover within the deployed instance, I can see all other nodes on the (external) network (but am unable to reach them) so the instance must have some sort of connection to the external network.

The vNS_Ops_Bridge is meant to be the external bridge.

ovs-vsctl show

bad16723-5a9f-4e75-bca3-912767a0b688 Bridge vNS_Mnt_Bridge fail_mode: secure Port "phy-vNS_M781e7d" Interface "phy-vNS_M781e7d" type: patch options: {peer="int-vNS_M781e7d"} Port vNS_Mnt_Bridge Interface vNS_Mnt_Bridge type: internal Port "eno3" Interface "eno3" Bridge vNS_Ops_Bridge fail_mode: secure Port "eno2" Interface "eno2" Port vNS_Ops_Bridge Interface vNS_Ops_Bridge type: internal Port "phy-vNS_O0e6f92" Interface "phy-vNS_O0e6f92" type: patch options: {peer="int-vNS_O0e6f92"} Bridge br-int fail_mode: secure Port "int-vNS_M781e7d" Interface "int-vNS_M781e7d" type: patch options: {peer="phy-vNS_M781e7d"} Port "int-vNS_O0e6f92" Interface "int-vNS_O0e6f92" type: patch options: {peer="phy-vNS_O0e6f92"} Port br-int Interface br-int type: internal Port "tap3f5fe9b7-02" tag: 1 Interface "tap3f5fe9b7-02" ovs_version: "2.5.2"

So the questions are basically: Why can I not get connected to this instance, or from the instance to other machines? Is the external bridge setup correctly? Do I need to alter the vNS_Ops_Bridge and make it external somehow (although I am quite unsure if- and how to do this ;) ).

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2017-05-31 03:44:11 -0500

T.G. gravatar image

Found out this was caused by a security group rule. After changing the IP address of the instance to the one that was in the rule, things started working out.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2017-05-23 04:49:28 -0500

Seen: 56 times

Last updated: May 31 '17