Ask Your Question

Not able to ping floating ip except from single-node-stack machine in centos 6.5

asked 2015-01-20 12:31:13 -0500

naggappan gravatar image

updated 2015-01-20 23:58:06 -0500

I have deployed openstack icehouse in centos 6.5 and successfully bridged br-ex and eth2. Also enabled the security policy to "ingress" for tcp port 22 and ALL ICMP request. Issue is able to ping floating IP allocated to VM's created from my single node all in one openstack machine. But I am not able to access from other machines .

I tried to ping floating ip from same network other machine and captured the tcp dump as follows,

[root@centos65 ~]# tcpdump -i any |grep
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
13:22:19.844578 ARP, Request who-has tell, length 46
13:22:19.844996 ARP, Request who-has tell, length 46
13:22:59.844605 ARP, Request who-has tell, length 46
13:22:59.844903 ARP, Request who-has tell, length 46

This shows that only ARP Request comes in and not any "ICMP echo request"

ovs-vsctl show as below,

     [root@centos65 ~]# ovs-vsctl show
      Bridge br-int
        fail_mode: secure
          Port "tap70590cf3-e8"
            tag: 2
            Interface "tap70590cf3-e8"
            type: internal
         Port "qr-c5e8f540-42"
        tag: 2
        Interface "qr-c5e8f540-42"
            type: internal
       Port patch-tun
         Interface patch-tun
            type: patch
            options: {peer=patch-int}
        Port "qvoab4d84b0-5a"
        tag: 2
        Interface "qvoab4d84b0-5a"
        Port br-int
        Interface br-int
            type: internal
    Bridge br-ex
       Port "eth0"
           Interface "eth0"
        Port br-ex
        Interface br-ex
            type: internal
       Port "qg-25282330-a0"
        Interface "qg-25282330-a0"
            type: internal
    Bridge br-tun
    Port br-tun
        Interface br-tun
            type: internal
        Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
     ovs_version: "2.1.3"

Also please let me know how to debug what is happening to ARP request. like its been droped by kernel filter etc.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2015-01-20 15:41:23 -0500

GLaupre gravatar image

Try to open all ports in both directions and kill the iptable service (firewall). I had the same issue and doing that resolved the problem. This not a correct fix but at least it made the trick.

edit flag offensive delete link more


Hi GLaupre, I have enabled to allow all port traffic using this link , . Still the issue is there. And i am sure the bridge br-ex is working fine with eth0 port. I have updated the with vsctl-show.

naggappan gravatar imagenaggappan ( 2015-01-20 23:44:21 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-01-20 12:31:13 -0500

Seen: 214 times

Last updated: Jan 20 '15