Can't ping or ssh VM on provider network (Pike and Linuxbridge)

asked 2018-12-04 11:58:51 -0600

updated 2018-12-05 01:46:41 -0600

Hi there,

I have OpenStack Pike running on Ubuntu 16.04 and trying to follow this guide https://docs.openstack.org/neutron/pike/admin/deploy-lb.html (https://docs.openstack.org/neutron/pi...) to test HA/VRRP capabilities. Sadly, I'm stuck, since I can't access my VMs through ping or ssh. My nodes are running on bare metal servers:

Controller

# The management network interface
auto eno3
iface eno3 inet static
    address 10.0.0.11
    netmask 255.255.255.0
    network 10.0.0.0
    broadcast 10.0.0.255
    gateway 10.0.0.1

Compute01

# The management network interface
auto eno3
iface eno3 inet static
    address 10.0.0.21
    netmask 255.255.255.0
    network 10.0.0.0
    broadcast 10.0.0.255
    gateway 10.0.0.1

# The provider network interface
auto eno2
iface eno2 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down
up sysctl -w net.ipv4.ip_forward=1

# The overlay network interface
auto eno1
iface eno1 inet static
        address 10.0.1.21
        netmask 255.255.255.0
        network 10.0.1.0
        broadcast 10.0.1.255

Compute02

# The management network interface
auto eno3
iface eno3 inet static
    address 10.0.0.31
    netmask 255.255.255.0
    network 10.0.0.0
    broadcast 10.0.0.255
    gateway 10.0.0.1

# The provider network interface
auto eno2
iface eno2 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down
up sysctl -w net.ipv4.ip_forward=1

# The overlay network interface
auto eno1
iface eno1 inet static
        address 10.0.1.31
        netmask 255.255.255.0
        network 10.0.1.0
        broadcast 10.0.1.255

Since I only have three servers for my test case, I'm running the Neutron services on the Compute nodes.

openstack network agent list
+--------------------------------------+--------------------+--------------------
| ID                                   | Agent Type         | Host               | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+--------------------
| 1e15bfd7-cad4-4ce5-bacb-2f5ee6c0c12e | Linux bridge agent | sso1compute01-test | None              | :-)   | UP    | neutron-linuxbridge-agent |
| 71379165-39f0-475b-9a27-0afa0b909f0e | DHCP agent         | sso1compute02-test | nova              | :-)   | UP    | neutron-dhcp-agent        |
| 7add3f94-a1c5-48f1-9162-9ede561ebd83 | L3 agent           | sso1compute01-test | nova              | :-)   | UP    | neutron-l3-agent          |
| 9aab3cec-ddf7-4ddc-ab2d-8658e4435fef | L3 agent           | sso1compute02-test | nova              | :-)   | UP    | neutron-l3-agent          |
| 9d642951-4f80-45ff-bfda-976aa78b73bc | Metadata agent     | sso1compute02-test | None              | :-)   | UP    | neutron-metadata-agent    |
| dc1b6c24-1719-40c2-a882-5650d0941827 | DHCP agent         | sso1compute01-test | nova              | :-)   | UP    | neutron-dhcp-agent        |
| e83ee7bc-d93f-4441-ad01-cf43f82bf3fe | Linux bridge agent | sso1compute02-test | None              | :-)   | UP    | neutron-linuxbridge-agent |
| f19cccff-0bee-44c0-9883-89974bdad6f0 | Metadata agent     | sso1compute01-test | None              | :-)   | UP    | neutron-metadata-agent    |
+--------------------------------------+--------------------+--------------------+-------------------+-------+-------+---------------------------+

I have one external flat provider network with the subnet 203.0.113.0/24, like in the example on the website I mentioned. I can launch instances and create networks without problems. I can also access my VMs through VNC. If I deploy multiple VMs on the same network, they can ping each other. The gateway is 203.0.113.1.

When I vnc to the VM with the IP 203.0.113.15 and try to ping the gateway 203.0.113.1 I get no reaction/reply at all. Checking for traffic on the Compute Nodes I get:

tcpdump -vni eno2
tcpdump: listening on eno2, link-type EN10MB (Ethernet), capture size 262144 bytes
18:48:33.031098 ...
(more)
edit retag flag offensive close merge delete