Ask Your Question
0

Floating ips not reacheable

asked 2014-11-10 12:00:59 -0500

kfelipe gravatar image

updated 2015-10-09 00:57:08 -0500

smaffulli gravatar image

Hope you can help me. I am blind looking at docs and testing things but I cannot make my packstack instances being seen outside the host. I am not either a network expert

Using ESXi to install packstack --allinone --provision-all-in-one-ovs-bridge=n

I am using an existing network 10.128.106.0/23 but I just want to use few ips on that range 10.128.106.240-248

All connections between instances and host work fine, but I cannot reach the instances 10.128.106.242/243 from outside, and once inside the instance, I cannot ping any system in the network but 10.128.106.82 (the main HOST).

| ID | Name | Status | Task State | Power State | Networks
| ea123ee7-1871-4d64-8d5f-6fae6e95f6e5 | first | ACTIVE | - | Running | private=10.0.0.2, 10.128.106.242

| 84dbc745-b710-41b7-8bc6-44e7ae8d5222 | second | ACTIVE | - | Running | private=10.0.0.4, 10.128.106.243

After reading "Step 10. Getting VMs to Communicate with the Outside World" in https://openstack.redhat.com/PackStac... I could confirm that it looks fine but I configured the NAT part at the end but it didn't work either.

A funny thing is that when I ping one of the floating-ip addresses, the tcpdump registers the arp and provides the right MAC.

could it be that VMware vSwitch is droping the packages ?

18:32:22.421447 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.128.106.243 tell 10.128.106.62, length 46
18:32:22.421836 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.128.106.243 is-at fa:16:3e:0a:3f:85, length 28

And this is the part of the router

#  ip netns exec qrouter-058bf59c-aebd-48d0-b9a2-cb2c205220ab ifconfig qg-a595574c-1f
qg-a595574c-1f Link encap:Ethernet  HWaddr FA:16:3E:0A:3F:85
          inet addr:10.128.106.241  Bcast:10.128.107.255  Mask:255.255.254.0

Thanks in advance

edit retag flag offensive close merge delete
add a comment

3 answers

Sort by ยป oldest newest most voted
4

answered 2014-11-11 02:17:03 -0500

Roy So gravatar image

I guess you're running openstack in a nested virtual environment. Enable the promiscuous mode on the vSwitch can fix your problem. http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004099 (http://kb.vmware.com/selfservice/micr...)

edit flag offensive delete link more

Comments

Thanks. I have had same setup. Allowing promiscuous mode did help and VM's got their connectivity!

Elvinas Piliponis gravatar imageElvinas Piliponis ( 2014-11-24 07:24:42 -0500 )edit
add a comment
1

answered 2014-11-14 07:27:27 -0500

TimB gravatar image

Also check the upstream switch - it may be caching arp requests for a long time and it may have the wrong mac for the ethernet frame. You can confirm this by clearing the cache on this switch and seeing if the pings start to work.

If this is the problem reduce the arp timeout on the interface that the openstack network is on.

edit flag offensive delete link more
add a comment
0

answered 2015-10-08 03:11:57 -0500

kfelipe gravatar image

Better late than never. I thought I had replied. Thanks for your answers. I managed to configure exactly the same setup on a physical box and it worked. I am quite sure that the promiscuous mode was the problem but unfortunately I had no rights on the vmware vswitch

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-11-10 11:44:37 -0500

Seen: 245 times

Last updated: Oct 09 '15

Related questions

PackStack installation networking issue

No DHCP agents available

neutron generate random MAC

post creation failing

Is there a OpenVPN driver for VPNaaS?

Instance failed to spawn

Unable to create security group.

create security group

QoS: neutron bandwidth limit method

How do I modify the IP pool?