Ask Your Question
1

[Solved] Neutron: Can't ping Internet on Network node [closed]

asked 2014-06-04 11:03:38 -0500

Iván Sixto gravatar image

updated 2014-06-05 03:45:20 -0500

Hi, first of all sorry for my English level

I'm seting up a fresh intall of OpenStack icehouse and it's my first time with Neutron component. I've got internet access in Compute and controller nodes, but not in Network node.

It seems like default route is missing... Any idea?

ON NETWORK NODE:

$ ovs-vsctl show
63a6abbc-87ad-4064-9ff1-31d581558fc3
    Bridge br-int
        Port "qr-bf0abcc0-b2"
            tag: 1
            Interface "qr-bf0abcc0-b2"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tap5c0ce225-83"
            tag: 1
            Interface "tap5c0ce225-83"
                type: internal
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal
        Port "gre-c0a80b04"
            Interface "gre-c0a80b04"
                type: gre
                options: {in_key=flow, local_ip="192.168.11.3", out_key=flow, remote_ip="192.168.11.4"}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port br-ex
            Interface br-ex
                type: internal
        Port "qg-422ba938-ec"
            Interface "qg-422ba938-ec"
                type: internal
    ovs_version: "1.11.0"

ON COMPUTE NODE:

 $ovs-vsctl show
a8dbd826-84b0-4121-8b09-1b915fde800d
    Bridge br-int
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port br-int
            Interface br-int
                type: internal
    Bridge br-tun
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "gre-c0a80b03"
            Interface "gre-c0a80b03"
                type: gre
                options: {in_key=flow, local_ip="192.168.11.4", out_key=flow, remote_ip="192.168.11.3"}
    ovs_version: "1.11.0"
edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by SamYaple
close date 2014-06-05 08:13:30.835515

Comments

Do you mean from within VM or just from Network Node ?
I don't see any VMs created on Compute Node due to :-
I don't see qvo* interfaces attached to br-int on Compute Node
Run brctl show on Compute Node. For each qvbxxxxxxxx interface
$ ovs-vsctl show | grep xxxxxxxxxx
should have an entry qvoxxxxxxxxx under bridge br-int

dbaxps gravatar imagedbaxps ( 2014-06-04 11:41:01 -0500 )edit

Replied below

Iván Sixto gravatar imageIván Sixto ( 2014-06-04 11:46:20 -0500 )edit

I mean, for example, I can't ping google from Network Node, and neither from instance1 to google. :S

Iván Sixto gravatar imageIván Sixto ( 2014-06-04 11:51:30 -0500 )edit

2 answers

Sort by » oldest newest most voted
1

answered 2014-06-05 03:51:03 -0500

dbaxps gravatar image
It's fixed now.  Changes to system  have been performed :-
1. Update DNS Server for private network to get from within VMs Internet access - done.
2. Configuring OVS bridge br-ex  && OVS port eth0 on Neutron Node - done.
All details may be seen in thread itself
edit flag offensive delete link more
0

answered 2014-06-04 11:45:46 -0500

Iván Sixto gravatar image

updated 2014-06-05 03:41:46 -0500

***SOLUTION AT THE END OF THIS REPLY***
-----------------------------------------------------------------------------------------

Sorry, now I've got a instance running and the floating IP. From the external network I can ping the instance, but this one can't ping internet neither.

Now, the qvo from the Compute node.

        [root@hades ~]# brctl show
    bridge name bridge id       STP enabled interfaces
    qbr5c96ddfc-71      8000.12bc2d1af03a   no      qvb5c96ddfc-71
                                tap5c96ddfc-71
    virbr0      8000.5254004b4269   yes     virbr0-nic
    [root@hades ~]# ovs-vsctl show
    a8dbd826-84b0-4121-8b09-1b915fde800d
        Bridge br-int
            Port patch-tun
                Interface patch-tun
                    type: patch
                    options: {peer=patch-int}
            Port "qvo5c96ddfc-71"
                tag: 1
                Interface "qvo5c96ddfc-71"
            Port br-int
                Interface br-int
                    type: internal
        Bridge br-tun
            Port br-tun
                Interface br-tun
                    type: internal
            Port patch-int
                Interface patch-int
                    type: patch
                    options: {peer=patch-tun}
            Port "gre-c0a80b03"
                Interface "gre-c0a80b03"
                    type: gre
                    options: {in_key=flow, local_ip="192.168.11.4", out_key=flow, remote_ip="192.168.11.3"}
        ovs_version: "1.11.0"


EDITED (in response to dbaxps):
_______________________________

    $ ifconfig
    eth0      Link encap:Ethernet  HWaddr FA:16:3E:A6:53:FD  
              inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::f816:3eff:fea6:53fd/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:531 errors:0 dropped:0 overruns:0 frame:0
              TX packets:476 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:49246 (48.0 KiB)  TX bytes:48729 (47.5 KiB)

    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:12 errors:0 dropped:0 overruns:0 frame:0
              TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:1008 (1008.0 B)  TX bytes:1008 (1008.0 B)

    $ curl http://169.254.169.254/latest/meta-data/instance-id
    i-00000001$ curl http://169.254.169.254/latest/meta-data/local-ipv4
    192.168.1.3$ curl http://lxer.com/
    curl: (6) Couldn't resolve host 'lxer.com'

Now, if I do a ping 8.8.8.8 I get response... So maybe is a dns problem? Where should I change it? 

And, I don't know if has something to do with the problem, but the router interface connected to the External network has DOWN status... 

    IP fija
        Dirección IP: 10.51.1.125, ID de subred f952c793-47c2-40bd-8881-3aecd6b4594a
    **Status
        DOWN
    Admin Status
        UP**
    Dispositivo asociado
        Propietario del dispositivo: network:router_gateway
        ID del dispositivo: 7c883489-6397-4adc-acdb-1ab6c1fe74ce 

And same thing with the external network ports... 

![image description](/upfiles/14019054048792402.png)

**EDITED 2:**
---------------------- NETWORK DESIGN ----------------------------

 - EXTERNAL NETWORK (eth0): 10.51.1.0/24
   (GATEWAY 10.51.1.1) 
 - MANAGEMENT NETWORK (eth1): 192.168.10.0/24
 - INSTANCES NETWORK (eth0:1): 192.168.11.0/24

![image description](/upfiles/14019540562407318.png)
![image description](/upfiles/14019557953691068.jpg)

**NETWORK NODE:**

    # cat /etc/sysconfig/network-scripts/ifcfg-eth*

    DEVICE="eth0"
    ONBOOT="yes"
    TYPE="Ethernet"
    NAME=Externa
    NM_CONTROLLED=no
    BOOTPROTO=dhcp

    DEVICE="eth1"
    ONBOOT="yes"
    IPADDR=192.168.10.3
    PREFIX=24
    NAME=Interna
    #GATEWAY=192.168.10.1

    DEVICE="eth1 ...
(more)
edit flag offensive delete link more

Comments

Does VM complaining access to 169.254.169.254 during booting up ?

dbaxps gravatar imagedbaxps ( 2014-06-04 11:52:47 -0500 )edit

Sorry, but where should I look for that?

In /var/log? If that's right nothing about 169.254.169.254 :S

Iván Sixto gravatar imageIván Sixto ( 2014-06-04 12:00:05 -0500 )edit

When VM is loading up, just reboot it and watch VNC Console.

dbaxps gravatar imagedbaxps ( 2014-06-04 12:25:37 -0500 )edit

adding dns 192.168.1.2 cirros-ds 'net' up at 1.37 checking http://169.254.169.254/2009-04-04/ins... successful after 1/20 tries: up 1.38. iid=i-00000001 failed to get http://169.254.169.254/2009-04-04/use... warning: no ec2 metadata for user-data

No problem with that, it seems...

Iván Sixto gravatar imageIván Sixto ( 2014-06-04 12:28:47 -0500 )edit

Can you run after login to CirrOS VM
$ ifconfig
$ curl http://169.254.169.254/latest/meta-da...
$ curl http://169.254.169.254/latest/meta-da...
$ curl http://lxer.com

dbaxps gravatar imagedbaxps ( 2014-06-04 12:54:15 -0500 )edit

I've updated the previous reply. :)

Iván Sixto gravatar imageIván Sixto ( 2014-06-04 13:07:02 -0500 )edit

You wrote:- And, I don't know if has something to do with the problem, but the router interface connected to the External network has DOWN status
It's OK.
When you define your private subnet ( with DHCP) change value of DNS Server to DNS of your real ISP and reattach private network to router. Recreate your CirrOS VM and test one more time.

dbaxps gravatar imagedbaxps ( 2014-06-04 13:37:25 -0500 )edit

Right now I got not access, so I'll probe it tomorrow... But, i understand that those steps will solve the problem "ping from VM to google" but... Will do the same with the problem "ping from NetworkNode to google"?

Thanks again ;)

Iván Sixto gravatar imageIván Sixto ( 2014-06-04 13:48:08 -0500 )edit

Ok, done what you said and resolved DNS successfuly (from VM to Internet). Now, nothing has changed with original problem: ping from Network Node to Internet doesn't work yet.

Iván Sixto gravatar imageIván Sixto ( 2014-06-05 01:50:01 -0500 )edit

@Iván Sixto, it's network issue ( on your LAN !!) not related to your cloud VMs. Right ?

dbaxps gravatar imagedbaxps ( 2014-06-05 01:53:58 -0500 )edit

I don't know, I mean, ping from Network Node has no access to Internet since I installed and configured Neutron... So, if that's what you ask... What's going on? :S

(by the way, thanks for your patience)

Iván Sixto gravatar imageIván Sixto ( 2014-06-05 02:00:43 -0500 )edit

I am not asking anything . I state , that is your LAN routing issue. Please, confirm , that curl http://lxer.com works now from within your CirrOS VM running on Compute Node.

dbaxps gravatar imagedbaxps ( 2014-06-05 02:07:03 -0500 )edit

Confirmed, curl http://lxer.com works from VM on Compute node. About the LAN issue... Have you got an idea about what could it be?

Iván Sixto gravatar imageIván Sixto ( 2014-06-05 02:11:28 -0500 )edit

I need your detailed LAN design . 3 node ethernet configuration and connections setup . Which network connected to which interfaces ? If you have Internet on Controller && Compute , which should be on same management network with Neutron Server, it sounds very strange.

dbaxps gravatar imagedbaxps ( 2014-06-05 02:20:19 -0500 )edit

I need a picture like this
BTW . Look at http://oddbit.com/rdo-hangout-multino...

dbaxps gravatar imagedbaxps ( 2014-06-05 02:45:38 -0500 )edit

I'll take a look, I've updated the reply with some info... Hope it helps :)

Iván Sixto gravatar imageIván Sixto ( 2014-06-05 03:11:46 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-06-04 11:03:38 -0500

Seen: 3,148 times

Last updated: Jun 05 '14