Ask Your Question
0

how to debug floating ips all showing down even when associated

asked 2020-05-06 06:38:21 -0500

gtr_kebab gravatar image

Hi,

I seem to have a problem with all my floating IP's showing down, even if associated to an instance and the instance is up.

The instance can get out to the internet via the router, but you can't ping the floating IP. The security groups also look good allowing all icmp inbound.

I've done a bit of digging and checking l3-agent logs but can't see any errors that point to something. The router has an ip on the external network, but floating IP's just don't seem to work.

Any ideas on where to look first?

I'm using OpenVswitch and DVR SNAT

Thanks, Jon.

edit retag flag offensive close merge delete

Comments

SNAT works, but DNAT doesn't. Look into the router namespaces on the controller(s) and, since you deployed DVR, also the compute node(s). They should contain interfaces with the floating IP and netfilter (iptables) rules and/or routing rules that implement DNAT.

Bernd Bausch gravatar imageBernd Bausch ( 2020-05-06 21:34:45 -0500 )edit

Hi, I only have one router, but I will check its for the floating IP and Iptables rules. Thanks.

gtr_kebab gravatar imagegtr_kebab ( 2020-05-08 02:12:35 -0500 )edit

Hi, I can see IPtables rules that look good in the qrouter namespace. The prerouting / dnat are not being hit. when I do Ip address show, I can't see the floating IP's?

gtr_kebab gravatar imagegtr_kebab ( 2020-05-08 02:27:34 -0500 )edit

I can ping the internal IPs from the router network namespace but I can't ping the floating ip's

gtr_kebab gravatar imagegtr_kebab ( 2020-05-08 02:28:33 -0500 )edit

Chain neutron-l3-agent-INPUT (1 references)
target prot opt source destination

gtr_kebab gravatar imagegtr_kebab ( 2020-05-08 02:48:31 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2020-05-08 02:47:58 -0500

gtr_kebab gravatar image

updated 2020-05-09 04:59:35 -0500

UPDATE:

Ended up reinstalling with kolla "deploy", installing openvswitch-switch on host, manually creating br-ex. Removing openvswitch-switch, then deleting the router that was already there and re-creating it.

re-associated floating IP with the current running instance and it now works - http://wierd.com !

10.20.255.99 plex 10.20.1.233 external-net Active

Shows "Active" instead of down.


root@p20:~# ip netns exec qrouter-b0226b7d-64cf-4138-8322-4df0d9474742 ip neigh 10.20.1.3 dev qr-a2ea3c9a-3d lladdr fa:16:3e:ce:81:5c PERMANENT 10.20.1.219 dev qr-a2ea3c9a-3d lladdr fa:16:3e:d4:9b:02 PERMANENT 10.20.1.233 dev qr-a2ea3c9a-3d lladdr fa:16:3e:52:7c:47 PERMANENT 10.20.1.228 dev qr-a2ea3c9a-3d lladdr fa:16:3e:fe:8d:c4 PERMANENT 10.20.1.2 dev qr-a2ea3c9a-3d lladdr fa:16:3e:21:3f:d3 PERMANEN

root@p20:~# ip netns exec qrouter-b0226b7d-64cf-4138-8322-4df0d9474742 ip neigh 10.20.1.3 dev qr-a2ea3c9a-3d lladdr fa:16:3e:ce:81:5c PERMANENT 10.20.1.219 dev qr-a2ea3c9a-3d lladdr fa:16:3e:d4:9b:02 PERMANENT 10.20.1.233 dev qr-a2ea3c9a-3d lladdr fa:16:3e:52:7c:47 PERMANENT 10.20.1.228 dev qr-a2ea3c9a-3d lladdr fa:16:3e:fe:8d:c4 PERMANENT 10.20.1.2 dev qr-a2ea3c9a-3d lladdr fa:16:3e:21:3f:d3 PERMANENT

https://asciinema.org/a/f1dcz3SqSpQNO41AYCaapG1CA (https://asciinema.org/a/f1dcz3SqSpQNO41AYCaapG1CA.svg)

https://asciinema.org/a/f1dcz3SqSpQNO41AYCaapG1CA (https://asciinema.org/a/f1dcz3SqSpQNO...)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2020-05-06 06:38:21 -0500

Seen: 33 times

Last updated: May 09