Ask Your Question
0

Two networks, one is reachable, the other is not. Why?

asked 2012-05-15 01:38:42 -0600

guestly gravatar image

I have created two networks under the Nova+Quantum+Openvswitch. 10.10.10.0/24 and 8.8.8.0/24, I created VM under both of the tow networks. But 10.10.10.0 network is reachable, the other is not. My configuration is as below:

1) Nova services:

nova-manage service list

2012-05-15 09:30:38 DEBUG nova.utils [req-6daf33ee-b4cb-48fd-bf9f-6e346faf3bbf None None] backend <module 'nova.db.sqlalchemy.api'="" from="" '="" usr="" lib="" python2.7="" dist-packages="" nova="" db="" sqlalchemy="" api.pyc'=""> from (pid=9555) __get_backend /usr/lib/python2.7/dist-packages/nova/utils.py:658 Binary Host Zone Status State Updated_At nova-compute cc202 nova enabled :-) 2012-05-15 01:30:29 nova-network cc202 nova enabled :-) 2012-05-15 01:30:37 nova-scheduler cc202 nova enabled :-) 2012-05-15 01:30:37 nova-consoleauth cc202 nova enabled :-) 2012-05-15 01:30:37

2) Nova networks:

nova-manage network list

id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid
2012-05-15 09:31:53 DEBUG nova.utils [req-a83b7b23-bc86-42f1-a67e-52c09951ff2e None None] backend <module 'nova.db.sqlalchemy.api'="" from="" '="" usr="" lib="" python2.7="" dist-packages="" nova="" db="" sqlalchemy="" api.pyc'=""> from (pid=9820) __get_backend /usr/lib/python2.7/dist-packages/nova/utils.py:658 10 10.10.10.0/24 None 10.10.10.2 8.8.4.4 None None None 9bfef0dc-e1d6-41fa-bf0c-4ed7db2a2f70 11 8.8.8.0/24 None 8.8.8.2 8.8.4.4 None None None 590be7b5-0d57-4a11-82ae-0bdc94dfd34c

3) VMs:

nova list

+--------------------------------------+----------------------------+--------+-------------------+ | ID | Name | Status | Networks | +--------------------------------------+----------------------------+--------+-------------------+ | 2ed0ae69-8e90-4bc0-985b-9452a1b14521 | ubuntu1204_ci_amd64 | ACTIVE | public=10.10.10.2 | | 81b0c4fe-4ab3-4897-a4d4-ad434f5b0e95 | ubuntu1204_ci_amd64_02 | ACTIVE | public=10.10.10.3 | | 8ed69dd6-c0a2-4273-93d5-fd3fd8b2d146 | ubuntu1204_ci_amd64_public | ACTIVE | public=8.8.8.2 | +--------------------------------------+----------------------------+--------+-------------------+

4) Network connectivity: root@cc202:/var/log/nova# ping 10.10.10.2 PING 10.10.10.2 (10.10.10.2) 56(84) bytes of data. 64 bytes from 10.10.10.2: icmp_req=1 ttl=64 time=0.261 ms 64 bytes from 10.10.10.2: icmp_req=2 ttl=64 time=0.328 ms 64 bytes from 10.10.10.2: icmp_req=3 ttl=64 time=0.293 ms 64 bytes from 10.10.10.2: icmp_req=4 ttl=64 time=0.292 ms

ping 8.8.8.2

PING 8.8.8.2 (8.8.8.2) 56(84) bytes of data. From 10.131.0.244 icmp_seq=1 Destination Host Unreachable From 10.131.0.244 icmp_seq=2 Destination Host Unreachable From 10.131.0.244 icmp_seq=3 Destination Host Unreachable ^C --- 8.8.8.2 ping statistics --- 6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4999ms pipe 3

But,

ping 8.8.8.1

PING 8.8.8.1 (8.8.8.1) 56(84) bytes of data. 64 bytes from 8.8.8.1: icmp_req=1 ttl=64 time=0.055 ms 64 bytes from 8.8.8.1: icmp_req=2 ttl=64 time=0.045 ms 64 bytes from 8.8.8.1: icmp_req=3 ttl=64 time=0.045 ms ^C --- 8.8.8.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms

I wonder how this ... (more)

edit retag flag offensive close merge delete

15 answers

Sort by ยป oldest newest most voted
0

answered 2012-05-15 12:17:19 -0600

guestly gravatar image

Maybe it has something do with SNAT, but I really don't know why it doesn't work and why it has SNAT item while creating VMs.

edit flag offensive delete link more
0

answered 2012-05-17 01:34:38 -0600

guestly gravatar image

To Dan, Yes, I log in this VM, and ifconfig it, it has two vNIC, eth0 and eth1, and both of them has correct IP address.

edit flag offensive delete link more
0

answered 2012-05-15 02:13:42 -0600

guestly gravatar image

ifconfig br100 Link encap:Ethernet HWaddr 4a:a8:3d:2a:ac:3c
inet addr:192.168.200.1 Bcast:192.168.200.255 Mask:255.255.255.0 inet6 addr: fe80::48a8:3dff:fe2a:ac3c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:2679 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:229770 (229.7 KB)

eth0 Link encap:Ethernet HWaddr d0:67:e5:23:96:ab
inet addr:10.131.0.244 Bcast:10.131.255.255 Mask:255.252.0.0 inet6 addr: fe80::d267:e5ff:fe23:96ab/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:282761 errors:0 dropped:0 overruns:0 frame:0 TX packets:76570 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:104524868 (104.5 MB) TX bytes:11436816 (11.4 MB) Interrupt:40 Base address:0xa000

eth1 Link encap:Ethernet HWaddr 00:1b:21:c6:35:b4
inet addr:10.10.10.48 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::21b:21ff:fec6:35b4/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:81467 errors:0 dropped:0 overruns:0 frame:0 TX packets:23025 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7907282 (7.9 MB) TX bytes:3998962 (3.9 MB) Interrupt:18 Memory:e10c0000-e10e0000

gw-590be7b5-0d Link encap:Ethernet HWaddr fa:16:3e:11:d4:b0
inet addr:8.8.8.1 Bcast:8.8.8.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:fe11:d4b0/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:25003 errors:0 dropped:0 overruns:0 frame:0 TX packets:843 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4430540 (4.4 MB) TX bytes:35622 (35.6 KB)

gw-9bfef0dc-e1 Link encap:Ethernet HWaddr fa:16:3e:0b:c9:47
inet addr:10.10.10.1 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:fe0b:c947/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:81653 errors:0 dropped:0 overruns:0 frame:0 TX packets:79860 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:10206939 (10.2 MB) TX bytes:91187083 (91.1 MB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:3913403 errors:0 dropped:0 overruns:0 frame:0 TX packets:3913403 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2457263572 (2.4 GB) TX bytes:2457263572 (2.4 GB)

tap310e70c6-69 Link encap:Ethernet HWaddr ... (more)

edit flag offensive delete link more
0

answered 2012-05-15 02:54:16 -0600

guestly gravatar image

New information:

nova list

+--------------------------------------+-----------------------------+--------+-----------------------------------------------------+ | ID | Name | Status | Networks | +--------------------------------------+-----------------------------+--------+-----------------------------------------------------+ | 2ed0ae69-8e90-4bc0-985b-9452a1b14521 | ubuntu1204_ci_amd64 | ACTIVE | public=10.10.10.2 | | 33e6db32-fe06-4da0-ba7c-03e13bd38574 | ubuntu1204_ci_amd64_private | ACTIVE | tenantX-private=6.6.6.2; public=10.10.10.5, 8.8.8.4 | | 61068ce5-db4d-4851-a1bc-7cfb4aade0f7 | ubuntu1204_ci_amd64_public2 | ACTIVE | public=10.10.10.4, 8.8.8.3 | | 81b0c4fe-4ab3-4897-a4d4-ad434f5b0e95 | ubuntu1204_ci_amd64_02 | ACTIVE | public=10.10.10.3 | | 8ed69dd6-c0a2-4273-93d5-fd3fd8b2d146 | ubuntu1204_ci_amd64_public | ACTIVE | public=8.8.8.2 | +--------------------------------------+-----------------------------+--------+-----------------------------------------------------+

ssh -i .ssh/id_rsa ubuntu@10.10.10.5

ubuntu@ubuntu1204-ci-amd64-private:~$ ifconfig eth0 Link encap:Ethernet HWaddr fa:16:3e:0d:45:95
inet addr:10.10.10.5 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:fe0d:4595/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:384 errors:0 dropped:0 overruns:0 frame:0 TX packets:323 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:58009 (58.0 KB) TX bytes:45933 (45.9 KB) Interrupt:11 Base address:0xa000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

It's only has one vNic eth0, but ...

edit flag offensive delete link more
0

answered 2012-05-15 08:50:18 -0600

mb-s gravatar image

Looks similar to the problem I reported a while back: https://answers.launchpad.net/quantum/+question/190861 (https://answers.launchpad.net/quantum...)

edit flag offensive delete link more
0

answered 2012-05-17 01:32:36 -0600

guestly gravatar image

To Somik Behera (somikbehera) , Since you have created both of these networks as "shared"/public networks, any VM on any network can ping the gateways, which is what you are seeing.

how do you see both of these networks are public networks?

I use nova DHCP to create IP address.

edit flag offensive delete link more
0

answered 2012-05-17 01:29:50 -0600

guestly gravatar image

I have similar problem with another problem: I also have this problem. I founded that my iptables has a new rule after I created a network 192.168.208.0/24 and a VM 8.8.8.6/192.168.208.2, and I can ping 8.8.8.6 but cannot 192.168.208.2 :

-A nova-manage-snat -s 192.168.208.0/24 -j SNAT --to-source 10.131.0.244

when I delete this rule, I can ping 192.168.208.2, and when I create a new network and new VM, this rule was replaced by the new network.

As below, are my iptables rules BEFORE CREATING NETWORK, AFTER CREATING NETWORK and AFTER CREATING VM:

BEFORE CREATING NETWORK:

Generated by iptables-save v1.4.12 on Wed May 16 14:51:31 2012

*mangle :PREROUTING ACCEPT [245736:216294003] :INPUT ACCEPT [57864:32422084] :FORWARD ACCEPT [184175:182659303] :OUTPUT ACCEPT [53384:31506313] :POSTROUTING ACCEPT [237564:214167256] -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill COMMIT

Completed on Wed May 16 14:51:31 2012

Generated by iptables-save v1.4.12 on Wed May 16 14:51:31 2012

*nat :PREROUTING ACCEPT [135:35818] :INPUT ACCEPT [54:10054] :OUTPUT ACCEPT [22:1351] :POSTROUTING ACCEPT [22:1351] :nova-api-OUTPUT - [0:0] :nova-api-POSTROUTING - [0:0] :nova-api-PREROUTING - [0:0] :nova-api-float-snat - [0:0] :nova-api-snat - [0:0] :nova-compute-OUTPUT - [0:0] :nova-compute-POSTROUTING - [0:0] :nova-compute-PREROUTING - [0:0] :nova-compute-float-snat - [0:0] :nova-compute-snat - [0:0] :nova-manage-OUTPUT - [0:0] :nova-manage-POSTROUTING - [0:0] :nova-manage-PREROUTING - [0:0] :nova-manage-float-snat - [0:0] :nova-manage-snat - [0:0] :nova-network-OUTPUT - [0:0] :nova-network-POSTROUTING - [0:0] :nova-network-PREROUTING - [0:0] :nova-network-float-snat - [0:0] :nova-network-snat - [0:0] :nova-postrouting-bottom - [0:0] -A PREROUTING -j nova-compute-PREROUTING -A PREROUTING -j nova-network-PREROUTING -A PREROUTING -j nova-manage-PREROUTING -A PREROUTING -j nova-api-PREROUTING -A OUTPUT -j nova-compute-OUTPUT -A OUTPUT -j nova-network-OUTPUT -A OUTPUT -j nova-manage-OUTPUT -A OUTPUT -j nova-api-OUTPUT -A POSTROUTING -j nova-compute-POSTROUTING -A POSTROUTING -j nova-network-POSTROUTING -A POSTROUTING -j nova-manage-POSTROUTING -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535 -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535 -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE -A POSTROUTING -j nova-api-POSTROUTING -A POSTROUTING -j nova-postrouting-bottom -A nova-api-snat -j nova-api-float-snat -A nova-compute-snat -j nova-compute-float-snat -A nova-manage-snat -j nova-manage-float-snat -A nova-manage-snat -s 192.168.207.0/24 -j SNAT --to-source 10.131.0.244 -A nova-network-POSTROUTING -s 192.168.200.0/24 -d 10.131.0.244/32 -j ACCEPT -A nova-network-POSTROUTING -s 192.168.200.0/24 -d 10.128.0.0/24 -j ACCEPT -A nova-network-POSTROUTING -s 192.168.200.0/24 -d 192.168.200.0/24 -m conntrack ! --ctstate DNAT -j ACCEPT -A nova-network-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.131.0.244:8775 -A nova-network-snat -j nova-network-float-snat -A nova-network-snat -s 192.168.200.0/24 -j SNAT --to-source 10.131.0.244 ... (more)

edit flag offensive delete link more
0

answered 2012-05-17 01:15:07 -0600

danwent gravatar image

have you accessed ubuntu1204_ci_amd64_public (8.8.8.2) via VNC console and confirmed that the host received an IP?

If you can do that, I would tcpdump on the tap device associated with that VM and see what traffic is coming in and out to narrow down where the problem might be.

Dan

edit flag offensive delete link more
0

answered 2012-05-15 01:42:57 -0600

guestly gravatar image

Plus, my nova conf is as below:

--dhcpbridge_flagfile=/etc/nova/nova.conf --dhcpbridge=/usr/bin/nova-dhcpbridge --logdir=/var/log/nova --state_path=/var/lib/nova --lock_path=/var/lock/nova #--force_dhcp_release #--iscsi_helper=tgtadm #--libvirt_use_virtio_for_bridges #--connection_type=libvirt --root_helper=sudo nova-rootwrap #--verbose #--ec2_private_dns_show_ip --quantum_use_dhcp=true

LOGS/STATE

--verbose=True

AUTHENTICATION

--auth_strategy=keystone

SCHEDULER

--compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler --scheduler_default_filters=AllHostsFilter

VOLUMES

--volume_group=nova-volumes --volume_name_template=volume-%08x --iscsi_helper=tgtadm

DATABASE

--sql_connection=mysql://nova:passwd@10.131.0.244/nova

COMPUTE

--libvirt_type=kvm --connection_type=libvirt --instance_name_template=instance-%08x --api_paste_config=/etc/nova/api-paste.ini --allow_resize_to_same_host=True

--libvirt_ovs_bridge=br-int --libvirt_vif_type=ethernet --libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtOpenVswitchDriver

APIS

--osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions --ec2_dmz_host=10.131.0.244 --s3_host=10.131.0.244

#RABBITMQ --rabbit_host=localhost --rabbit_password=guest

GLANCE

--image_service=nova.image.glance.GlanceImageService --glance_api_servers=10.131.0.244:9292

NETWORK

#--network_manager=nova.network.manager.FlatDHCPManager --network_manager=nova.network.quantum.manager.QuantumManager --linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver --force_dhcp_release=True --dhcpbridge_flagfile=/etc/nova/nova.conf #--firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver --my_ip=10.131.0.244 --public_interface=br100 --vlan_interface=eth0 --flat_network_bridge=br100 --flat_interface=eth0 --fixed_range=192.168.200.0/24

NOVNC CONSOLE

--novncproxy_base_url=http://10.131.0.244:6080/vnc_auto.html --vncserver_proxyclient_address=10.131.0.244 --vncserver_listen=10.131.0.244

edit flag offensive delete link more
0

answered 2012-05-15 01:51:20 -0600

guestly gravatar image

And Dashboard instance log is as below:

ci-info: lo : 1 127.0.0.1 255.0.0.0 .

ci-info: eth0 : 1 10.10.10.31 255.255.255.0 fa:16:3e:67:10:e2

ci-info: route-0: 0.0.0.0 10.10.10.1 0.0.0.0 eth0 UG

ci-info: route-1: 10.10.10.0 0.0.0.0 255.255.255.0 eth0 U

cloud-init start running: Mon, 14 May 2012 09:34:57 +0000. up 8.18 seconds

2012-05-14 09:34:57,596 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [0/120s]: http error [404]

2012-05-14 09:34:58,652 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [1/120s]: http error [404]

2012-05-14 09:34:59,704 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [2/120s]: http error [404]

2012-05-14 09:35:00,755 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [3/120s]: http error [404]

2012-05-14 09:35:01,813 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [4/120s]: http error [404]

2012-05-14 09:35:02,868 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [5/120s]: http error [404]

2012-05-14 09:35:04,920 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [7/120s]: http error [404]

2012-05-14 09:35:06,983 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [9/120s]: http error [404]

2012-05-14 09:35:59,038 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [61/120s]: url error [timed out]

2012-05-14 09:36:51,092 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [113/120s]: url error [timed out]

2012-05-14 09:36:57,101 - util.py[WARNING]: 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [119/120s]: url error [timed out]

2012-05-14 09:37:00,106 - DataSourceEc2.py[CRITICAL]: giving up on md after 122 seconds

no instance data found in start

Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd

  • Starting AppArmor profiles [80G [74G[ OK ]

landscape-client is not configured, please run landscape-config.

  • Stopping System V initialisation compatibility[74G[ OK ]

  • Starting System V runlevel compatibility[74G[ OK ]

  • Starting ACPI daemon[74G[ OK ]

  • Starting save kernel messages[74G[ OK ]

  • Starting regular background program processing daemon[74G[ OK ]

  • Starting deferred execution scheduler[74G[ OK ]

  • Starting automatic crash report generation[74G[ OK ]

  • Stopping save kernel messages[74G[ OK ]

  • Starting CPU interrupts balancing daemon[74G[ OK ]

  • Starting crash report submission daemon[74G[ OK ]

  • Stopping System V runlevel compatibility[74G[ OK ]

  • Starting execute cloud user/final scripts[74G[ OK ]

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2012-05-15 01:38:42 -0600

Seen: 139 times

Last updated: Jul 06 '12