Ask Your Question
1

[neutron] network node can't ping external network

asked 2014-08-28 02:53:00 -0500

jazzsir gravatar image

updated 2014-09-02 09:38:49 -0500

I have followed the Icehouse doc to install a 3 node environment. All nodes are builded as virtual machines using libvirt in CentOS 6.5

http://docs.openstack.org/icehouse/install-guide/install/yum/content/basics-networking-neutron.html

-controller-node : 10.0.0.11 (management network)
-network-node : 10.0.0.21 (management network)
                10.0.1.21 (data network)
-compute-node : 10.0.0.31 (management network)
                10.0.1.31 (data network)
-external network : 192.168.125.0/24
-demo network : 172.30.1.0/24

In my network node, external NIC is configured witout IP as per the documentation. (PROMISC="yes")

DEVICE="eth1"
TYPE="Ethernet"
ONBOOT="yes"
PROMISC="yes"
BOOTPROTO="none"
HWADDR="52:54:00:D3:92:E2"
UUID="7f8a9e99-fbd0-4c59-900f-2369c9e8f780"

However, even though ARP tables of both sides are no problem, I cannot ping the external network in a below stage.

http://docs.openstack.org/icehouse/install-guide/install/yum/content/neutron_initial-networks-verify.html

① inside(tenant router gateway on network-node) -> outside(external geteway)

[root@network-node ~]# ping 192.168.125.254
PING 192.168.125.254 (192.168.125.254) 56(84) bytes of data.
From 192.168.125.54 icmp_seq=1 Destination Host Unreachable
From 192.168.125.54 icmp_seq=2 Destination Host Unreachable
From 192.168.125.54 icmp_seq=3 Destination Host Unreachable

② outside -> inside

[root@desktop ~]# ping 192.168.125.150
PING 192.168.125.150 (192.168.125.150) 56(84) bytes of data.
--> receive no response

This is the info of my environment:

1) controller node

[root@controller-node]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:91:4e:06 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.11/24 brd 10.0.0.255 scope global eth0
    inet6 fe80::5054:ff:fe91:4e06/64 scope link 
       valid_lft forever preferred_lft forever
[root@controller-node]# 
[root@controller-node]# neutron net-list
+--------------------------------------+----------+-------------------------------------------------------+
| id                                   | name     | subnets                                               |
+--------------------------------------+----------+-------------------------------------------------------+
| 9cebb2a6-fd73-4ef7-81d2-188652f57ecd | demo-net | c66648c9-c34b-4806-af39-3c982378a411 172.30.1.0/24    |
| e5f7b93c-475c-4c9d-95e4-8d1cf7728013 | ext-net  | a1e1fcc6-d596-4959-8923-9b46d64445af 192.168.125.0/24 |
+--------------------------------------+----------+-------------------------------------------------------+
[root@controller-node]# neutron subnet-list
+--------------------------------------+-------------+------------------+--------------------------------------------------------+
| id                                   | name        | cidr             | allocation_pools                                       |
+--------------------------------------+-------------+------------------+--------------------------------------------------------+
| a1e1fcc6-d596-4959-8923-9b46d64445af | ext-subnet  | 192.168.125.0/24 | {"start": "192.168.125.150", "end": "192.168.125.159"} |
| c66648c9-c34b-4806-af39-3c982378a411 | demo-subnet | 172.30.1.0/24    | {"start": "172.30.1.2", "end": "172.30.1.254"}         |
+--------------------------------------+-------------+------------------+--------------------------------------------------------+
[root@controller-node]# 
[root@controller-node]# neutron port-list
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                              |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------+
| 9810105a-edf5-41bc-a140-81ccf71f6bc4 |      | fa:16:3e:34:fd:cb | {"subnet_id": "a1e1fcc6-d596-4959-8923-9b46d64445af", "ip_address": "192.168.125.150"} |
| 98c762ea-d7f7-4c1d-9b74-73efc9990236 |      | fa:16:3e:cb:0c:11 | {"subnet_id": "c66648c9-c34b-4806-af39-3c982378a411", "ip_address": "172.30.1.1"}      |
| f5eec840-e629-448b-ba9a-fbcd60501247 |      | fa:16:3e:ae:a6:fa | {"subnet_id": "c66648c9-c34b-4806-af39-3c982378a411", "ip_address": "172.30.1.2"}      |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------+
[root@controller-node]# 
[root@controller-node]# neutron router-show demo-router
+-----------------------+-----------------------------------------------------------------------------+
| Field                 | Value                                                                       |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up        | True                                                                        |
| external_gateway_info | {"network_id": "e5f7b93c-475c-4c9d-95e4-8d1cf7728013", "enable_snat": true} |
| id                    | 8ae4b1fa-fb60-4690-bbe2-febbfbcf7555                                        |
| name                  | demo-router                                                                 |
| routes                |                                                                             |
| status                | ACTIVE                                                                      |
| tenant_id             | c94f1dc5870a4d06a8b6ba947e1ac554                                            |
+-----------------------+-----------------------------------------------------------------------------+
[root@controller-node]# 
[root@controller-node ...
(more)
edit retag flag offensive close merge delete

Comments

1

Post ovs-vsctl show on neutron server

dbaxps gravatar imagedbaxps ( 2014-08-28 03:38:38 -0500 )edit

Thank you for your attention. neutron server is active on controller node(I checked 'openstack-status'), but 'ovs-vsctl' command is not found. I can execute it only on network and compute node. the result of 'ovs-vsctl show' on network node is mentioned above(please click 'more' button).

jazzsir gravatar imagejazzsir ( 2014-08-31 06:45:06 -0500 )edit

4 answers

Sort by » oldest newest most voted
0

answered 2014-09-01 15:58:44 -0500

T u l gravatar image

You are using eth1 for external network, right?

from your ip a one can see that eth1 has ip address assigned. It should not. Instead, br-ex should have 192.168.125.x address. I think your interface configuration might be incorrect. What is your br-ex config (/etc/sysconfig/network-scripts/ifcfg-br-ex)?

An example of it:

DEVICE="br-ex"
ONBOOT="yes"
TYPE="OVSBridge"
DEVICETYPE="ovs"
BOOTPROTO="static"
IPADDR=192.168.125.54
PREFIX=24
GATEWAY=192.168.125.1
DNS=...
edit flag offensive delete link more

Comments

Thank you for your attention. Yes, eth1 is for external network. and I tried both(assign and not assign IP). Assigning external IP to br-ex is not described in document. [http://docs.openstack.org/icehouse/install-guide/install/yum/content/neutron-ml2-network-node.html]

jazzsir gravatar imagejazzsir ( 2014-09-01 23:21:10 -0500 )edit

Anyway, I created /etc/sysconfig/network-scripts/ifcfg-br-ex and assigned IP. In this case, I can capture incoming pings by using "tcpdump -i eth1" as below, but source host(outside) receives no response

13:29:31.600909 ARP, Request who-has 192.168.125.52 tell 192.168.125.54, length 28
jazzsir gravatar imagejazzsir ( 2014-09-01 23:39:50 -0500 )edit

There are no 'IP' packets, only 'ARP' packet in captured packets by using "tcpdump -i eth1"

jazzsir gravatar imagejazzsir ( 2014-09-01 23:50:45 -0500 )edit

maybe you are right, and there is no need to assign ip address to br-ex, it is just if you want to have access to your neutron node through external network.

T u l gravatar imageT u l ( 2014-09-02 02:14:25 -0500 )edit

does that work ip netns exec qrouter-8ae4b1fa-fb60-4690-bbe2-febbfbcf7555 ping <ip of your gateway or something pingable from 192.168.125 net> ?

T u l gravatar imageT u l ( 2014-09-02 02:52:15 -0500 )edit
0

answered 2014-08-29 00:05:24 -0500

damon.wang gravatar image

same as @dbaxps, plz paste ovs-vsctl show on network node

edit flag offensive delete link more

Comments

1

Hi, you can see the result of "ova-vsctl show" on network node by clicking 'more' button. Thank you~!

jazzsir gravatar imagejazzsir ( 2014-08-31 06:48:55 -0500 )edit
0

answered 2014-09-01 08:03:53 -0500

jazzsir gravatar image

The port of the router_gateway is DOWN as below. I think that is the problem. I am looking for the way to be active.

[root@controller-node]# neutron port-list
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                              |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------+
| 9810105a-edf5-41bc-a140-81ccf71f6bc4 |      | fa:16:3e:34:fd:cb | {"subnet_id": "a1e1fcc6-d596-4959-8923-9b46d64445af", "ip_address": "192.168.125.150"} |
| 98c762ea-d7f7-4c1d-9b74-73efc9990236 |      | fa:16:3e:cb:0c:11 | {"subnet_id": "c66648c9-c34b-4806-af39-3c982378a411", "ip_address": "172.30.1.1"}      |
| f5eec840-e629-448b-ba9a-fbcd60501247 |      | fa:16:3e:ae:a6:fa | {"subnet_id": "c66648c9-c34b-4806-af39-3c982378a411", "ip_address": "172.30.1.2"}      |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------+
[root@controller-node]# 
[root@controller-node]# 
[root@controller-node]# neutron port-show 9810105a-edf5-41bc-a140-81ccf71f6bc4
+-----------------------+----------------------------------------------------------------------------------------+
| Field                 | Value                                                                                  |
+-----------------------+----------------------------------------------------------------------------------------+
| admin_state_up        | True                                                                                   |
| allowed_address_pairs |                                                                                        |
| binding:host_id       | os-network                                                                             |
| binding:profile       | {}                                                                                     |
| binding:vif_details   | {"port_filter": true, "ovs_hybrid_plug": true}                                         |
| binding:vif_type      | ovs                                                                                    |
| binding:vnic_type     | normal                                                                                 |
| device_id             | 8ae4b1fa-fb60-4690-bbe2-febbfbcf7555                                                   |
| device_owner          | network:router_gateway                                                                 |
| extra_dhcp_opts       |                                                                                        |
| fixed_ips             | {"subnet_id": "a1e1fcc6-d596-4959-8923-9b46d64445af", "ip_address": "192.168.125.150"} |
| id                    | 9810105a-edf5-41bc-a140-81ccf71f6bc4                                                   |
| mac_address           | fa:16:3e:34:fd:cb                                                                      |
| name                  |                                                                                        |
| network_id            | e5f7b93c-475c-4c9d-95e4-8d1cf7728013                                                   |
| security_groups       |                                                                                        |
| status                | DOWN                                                                                   |
| tenant_id             |                                                                                        |
+-----------------------+----------------------------------------------------------------------------------------+
[root@controller-node]# neutron router-show demo-router
+-----------------------+-----------------------------------------------------------------------------+
| Field                 | Value                                                                       |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up        | True                                                                        |
| external_gateway_info | {"network_id": "e5f7b93c-475c-4c9d-95e4-8d1cf7728013", "enable_snat": true} |
| id                    | 8ae4b1fa-fb60-4690-bbe2-febbfbcf7555                                        |
| name                  | demo-router                                                                 |
| routes                |                                                                             |
| status                | ACTIVE                                                                      |
| tenant_id             | c94f1dc5870a4d06a8b6ba947e1ac554                                            |
+-----------------------+-----------------------------------------------------------------------------+
[root@controller-node]#
edit flag offensive delete link more
0

answered 2015-01-16 02:08:01 -0500

KeNS gravatar image

for me,

[root@network log]# ip netns exec qrouter-d924f4f4-53d4-4f23-b0de-7022d819ca91 ping -c 1 10.0.0.101 PING 10.0.0.101 (10.0.0.101) 56(84) bytes of data. 64 bytes from 10.0.0.101: icmp_seq=1 ttl=64 time=0.033 ms

--- 10.0.0.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.033/0.033/0.033/0.000 ms

[root@network log]# ping -c 1 10.0.0.101 PING 10.0.0.101 (10.0.0.101) 56(84) bytes of data. From 10.0.0.21 icmp_seq=1 Destination Host Unreachable

--- 10.0.0.101 ping statistics --- 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

what I am missing here? ping me @ ajay.kamble.ak@gmail.com

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2014-08-28 02:26:01 -0500

Seen: 3,478 times

Last updated: Sep 02 '14