Ask Your Question
1

vm can't ping external network [closed]

asked 2014-05-18 11:05:45 -0500

kobo gravatar image

updated 2014-06-17 05:46:40 -0500

Hi, Trying to get openstack to work, installed RDO with 3 nodes (controller, network, compute) the vm can't reach the internet.

eth0 is the management in my campus network (native vlan).
eth1 is set as trunk ports with vlan's 10,11,20 allowed.
eth2 is the external.
I have created a vlan for it (external) in my campus network for floating ip's and public network for openstack (the vlan id is 20).

[root@controller ~(keystone_admin)]# neutron net-show private
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 5ed36cac-fb3f-40fc-a897-34b3aa6ce3bc |
| name                      | private                              |
| provider:network_type     | vlan                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  | 10                                   |
| router:external           | False                                |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | e4be6c0d-3935-425f-a7fe-b3bc747267f3 |
| tenant_id                 | 3964d2c3ae8e4f20999d06d3b2225c9f     |
+---------------------------+--------------------------------------+


[root@controller ~(keystone_admin)]# neutron net-show public
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | c584d431-cae5-456d-bbfe-b23de1c34987 |
| name                      | public                               |
| provider:network_type     | vlan                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  | 11                                   |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | 0b3da364-af84-44a5-8f0e-e793fe799802 |
| tenant_id                 | 3964d2c3ae8e4f20999d06d3b2225c9f     |
+---------------------------+--------------------------------------+


tcpdump from network node:
17:59:04.353196 ARP, Request who-has 10.5.5.1 tell 10.5.5.2, length 42
17:59:04.353297 ARP, Reply 10.5.5.1 is-at fa:16:3e:d0:89:c5 (oui Unknown), length 28
17:59:04.936958 ARP, Request who-has 10.5.5.1 tell 10.5.5.4, length 42
17:59:04.937019 ARP, Reply 10.5.5.1 is-at fa:16:3e:d0:89:c5 (oui Unknown), length 28
17:59:05.353530 ARP, Request who-has 10.5.5.1 tell 10.5.5.2, length 42
17:59:05.353553 ARP, Reply 10.5.5.1 is-at fa:16:3e:d0:89:c5 (oui Unknown), length 28
17:59:05.940745 ARP, Request who-has 10.5.5.1 tell 10.5.5.4, length 42
17:59:05.940797 ARP, Reply 10.5.5.1 is-at fa:16:3e:d0:89:c5 (oui Unknown), length 28

tcpdump from compute node:
17:57:58.137333 ARP, Request who-has 10.5.5.1 tell 10.5.5.2, length 28
17:57:58.725073 ARP, Request who-has 10.5.5.1 tell 10.5.5.4, length 28
17:57:59.138270 ARP, Request who-has 10.5.5.1 tell 10.5.5.2, length 28
17:57:59.725488 ARP, Request who-has 10.5.5.1 tell 10.5.5.4, length 28

but the vm keeps pinging for some reason it does not get the reply or maybe discard it.
what needs to be done in order to gets vm access the internet?

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by koolhead17
close date 2014-06-17 06:44:27.560961

Comments

have you added icmp & ssh rules in security group?

SGPJ gravatar imageSGPJ ( 2014-05-18 21:58:30 -0500 )edit

yes of course, its looks like the compute node is not using the ARP reply

kobo gravatar imagekobo ( 2014-05-19 02:08:32 -0500 )edit

2 answers

Sort by » oldest newest most voted
1

answered 2014-05-18 22:34:47 -0500

OldCrowEW gravatar image

can you ping the ext router? Thats where I would start

edit flag offensive delete link more

Comments

do you mean the gateway of the external network? because the vm can not ping anything, its allways the same thing with the ARP

17:59:04.353297 ARP, Reply 10.5.5.1 is-at fa:16:3e:d0:89:c5 (oui Unknown), length 28 17:59:04.936958 ARP, Request who-has 10.5.5.1 tell 10.5.5.4, length 42

but for some reason the compute node is not using the ARP reply. so the vm don't know where is the gateway

kobo gravatar imagekobo ( 2014-05-19 02:07:32 -0500 )edit

Does VM comlaining address 169.254.169.254 at boot up ?
Yes or No
$ neutron net-list
Pick up Id of vm's private network , say id1
$ip netns | grep id1
$ip netns exec qdhcp-id1 ifconfig
$ip netns exec qdhcp-id1 route -n
$ ip netns exec qdhcp-id1 ping IP-of-ifconfig-interface
$ ip netns exec qdhcp-id1 ping IP-of-route-gateway
$ ip netns exec qdhcp-id1 netstat -lntp | grep dnsmasq

dbaxps gravatar imagedbaxps ( 2014-05-19 02:30:31 -0500 )edit

yes it does.

Lease of 10.5.5.4 obtained, lease time 86400
deleting routers
route: SIOCDELRT: No such process
adding dns 10.5.5.3
cirros-ds 'net' up at 1.87
checking http://169.254.169.254/2009-04-04/instance-id
failed 1/20: up 1.89. request failed
failed 2/20: up 6.94. request failed
failed 3/20: up 9.94. request failed

but when i run $ip netns
Cannot open network namespace: No such file or directory

kobo gravatar imagekobo ( 2014-05-19 03:59:35 -0500 )edit

Sorry, your setup is incorrect, your Cirros Vm fails to run cloud-init. Please run :-
$service neutron-server status
$neutron agent-list
$nova-manage service list
You can format text with <br> To make it easy to read, like I do for you.

dbaxps gravatar imagedbaxps ( 2014-05-19 04:21:59 -0500 )edit

[root@controller ~(keystone_admin)]# service neutron-server status
neutron is stopped
but the service is running in network-node
[root@network-node ~]# service neutron-server status
neutron (pid 2179) is running...
[root@controller ~(keystone_admin)]# neutron agent-list
+--------------------------------------+--------------------+----------------------+-------+----------------+
| id                                           | agent_type | host | alive | admin_state_up |
+--------------------------------------+--------------------+----------------------+-------+----------------+
| 021a5712-37e2-4688-b46e-20f10f05a64c | Open vSwitch agent | compute-node | :-) | True |
| 4b24aa32-dbbb-44f3-aea5-f7c8255ead3e | L3 agent | network-node | :-) | True |
| 7e33b1d7-ccba-4cae-8b29-31d23eab2754 | Open vSwitch agent | network-node | :-) | True |
| 82862d04-6b32-46b9-85e6-8e86aed992eb | DHCP agent | network-node | :-) | True |
+--------------------------------------+--------------------+----------------------+-------+----------------+

[root@controller ~(keystone_admin)]# nova-manage service list
Binary Host Zone Status State Updated_At
nova-consoleauth controller-node internal enabled :-) 2014-05-19 09:51:44
nova-scheduler controller-node internal enabled :-) 2014-05-19 09:51:39
nova-conductor controller-node internal enabled :-) 2014-05-19 09:51:44
nova-compute compute-node nova enabled :-) 2014-05-19 09:51:47
nova-cert controller-node internal enabled :-) 2014-05-19 09:51:39






[root@network-node ~]# ip netns exec qdhcp-5ed36cac-fb3f-40fc-a897-34b3aa6ce3bc route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.5.5.0 0.0.0.0 255.255.255.0 U 0 0 0 tap3839286c-cf
0.0.0 ...








(more)

kobo gravatar imagekobo ( 2014-05-19 05:05:34 -0500 )edit
1

answered 2014-06-12 04:30:18 -0500

kobo gravatar image

switching from vlan to gre solved this issue

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-05-18 11:05:45 -0500

Seen: 2,709 times

Last updated: Jun 17 '14