IceHouse host/VM networking/routing broken

asked 2019-11-17 03:42:06 -0600

zipzipzip gravatar image

updated 2019-11-18 14:21:32 -0600

Good morning all.

I have an old OVH Dedicated Server running OpenStack IceHouse on Ubuntu 12 that the networking is broken on. I can access the main host on it's external IP but none of the VMs on their internal or external IPs. I'm trying to fix the networking on this because one day it just stopped working and as I didn't set up the networking on this (an old friend did) and my networking isn't good.

So my OpenStack is setup as follows:

Physical Server - External IP + internal IP of 10.0.0.1
5 VMs inside the physical server - each with their own External IP + internal IP of 10.0.0.2/3/5/6/12 respectively

brctl show

bridge name     bridge id               STP enabled     interfaces
br100           8000.002590a623ea       no              eth0
                                                        vnet0
virbr0          8000.000000000000       yes

cat /var/lib/libvirt/network/default.xml

<networkstatus>
  <class_id bitmap='0-2'/>
  <floor sum='0'/>
  <network>
    <name>default</name>
    <uuid>1418323a-ec13-4ea0-b342-c3263e44c4c4</uuid>
    <forward mode='nat'>
      <nat>
        <port start='1024' end='65535'/>
      </nat>
    </forward>
    <bridge name='virbr0' stp='on' delay='0'/>
    <ip address='192.168.122.1' netmask='255.255.255.0'>
      <dhcp>
        <range start='192.168.122.2' end='192.168.122.254'/>
      </dhcp>
    </ip>
  </network>
</networkstatus>

ifconfig

br100     Link encap:Ethernet  HWaddr 00:25:90:a6:23:ea
          inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::225:90ff:fea6:23ea/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21253 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14720 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1346723 (1.3 MB)  TX bytes:1655846 (1.6 MB)

eth0      Link encap:Ethernet  HWaddr 00:25:90:a6:23:ea
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21898 errors:0 dropped:68 overruns:0 frame:0
          TX packets:14881 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1828683 (1.8 MB)  TX bytes:1655116 (1.6 MB)
          Memory:fb920000-fb940000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:110260 errors:0 dropped:0 overruns:0 frame:0
          TX packets:110260 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:37015458 (37.0 MB)  TX bytes:37015458 (37.0 MB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.16.17.1  P-t-P:172.16.17.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

virbr0    Link encap:Ethernet  HWaddr aa:88:14:70:4d:e2
          inet addr ...
(more)
edit retag flag offensive close merge delete

Comments

I don't see how the VM is connected to the network, as if its interface had disappeared. What is the output of virsh domiflist 3?

If you have any information about the cloud's network setup (Nova network vs. Neutron; self-service network or not, etc.) please share.

Bernd Bausch gravatar imageBernd Bausch ( 2019-11-17 07:37:06 -0600 )edit

virsh domiflist 3

Interface Type Source Model MAC

vnet0 bridge br100 virtio fa:16:3e:24:da:f2

I believe it is nova-network:

which nova-network

/usr/bin/nova-network

Happy to provide any other info if needed. As mentioned I didn't set it up unfortunately :(

zipzipzip gravatar imagezipzipzip ( 2019-11-17 10:37:37 -0600 )edit

Of course it's vnet0. I had not seen that somehow. The VM does get its IP address from DHCP, so there must be connectivity.

Are you sure the VM's security group allows ICMP and TCP port 22? Can you (from a console) connect from the VM to 10.0.0.1?

Bernd Bausch gravatar imageBernd Bausch ( 2019-11-18 08:14:50 -0600 )edit

The VMs allow ICMP and port 22 as they have no deny firewall rules in place & always worked.

If it helps I've added above what ps -ef | grep dnsmasq shows as well as the output of iptables -L on the host (10.0.0.1).

I can't access the VMs (10.0.0.2/3/5/6/12) via the console from host 10.0.0.1

zipzipzip gravatar imagezipzipzip ( 2019-11-18 14:22:38 -0600 )edit