Ask Your Question
2

can not access / ping to Vm from controller or any host

asked 2014-06-03 08:41:57 -0500

nevzat gravatar image

Hi, I have installed icehouse on centos 6.5 and I am having problem with access / ping to VM from any host (controller etc.). There are three nodes on the system (controller, compute and network). I am using neutron for networking.

When Vm was created (also I have already associated floating IP to vm), I could access (via ssh -- like "ssh cirros@floatingIP") / ping to vm (with floating ip) from any host. After a while, I couldn't access to Vm (or ping to floating IP of Vm ). I can just access from dashboard - console . While I couldn't access to vm, I was trying to ping to vm. (e.g --- ping 10.10.10.37) and the result was "From 10.10.10.37 icmp_seq=2 Destination Host Unreachable etc."

After that, I entered to Vm from dashboard via console. when I tried to ping outside of the internet (e.g google ) or ping to gate way IP of the subnet, which was created before,on the VM, it was able to access from controller or computer via ssh with floating IP.

I have already add "icmp -1 -1 0.0.0.0/0 "and " tcp 22 22 0.0.0.0/0" rules to default security group.

Do you have any idea about the problem? Did anybody experience such a case before?

Thanks to all.

edit retag flag offensive close merge delete

Comments

hi nevzat, how did you access VM via controller and compute node...? Plz give the detail steps..Thanks in advance

Queen gravatar imageQueen ( 2015-01-31 03:52:28 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-06-03 18:01:11 -0500

Aleiks gravatar image

Hi, If you have rebooted your network node, make sure to do the "ethtool -K [externalnetworkinterface] gro off" command. You should now be able to ping your instances again.


edit flag offensive delete link more

Comments

Hi , I tried your advice but it didn't work. I think the issue is related to iptables of compute node. When iptables was started on compute node, VMs could not be accessed via ssh (or not ping networkfrom controller). On the contrary, When iptables was stopped on compute node, VMs could be accessed via ssh (or ping from controller).

My /etc/sysconfig/iptables file on the compute node is as follows :

"# Generated by iptables-save v1.4.7 on Tue Jun 3 11:20:10 2014

"# Completed on Tue Jun 3 11:20:10 2014

"# Generated by iptables-save v1.4.7 on Tue Jun 3 11:20:10 2014

*mangle

:PREROUTING ACCEPT [7849:718762]

:INPUT ACCEPT [7797:716142]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [9801:625625]

:POSTROUTING ACCEPT [9801:625625]

-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill

COMMIT

"# Completed on Tue Jun 3 11 ...(more)

nevzat gravatar imagenevzat ( 2014-06-06 08:58:15 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2014-06-03 08:41:57 -0500

Seen: 1,188 times

Last updated: Jun 03 '14