DHCP reply not reaching VMs
I have a working DHCP agent, but VMs are not getting any IP, even though DHCP is replying with an IP address.
Performed tcpdump on compute node and network node.
On network node:
Syslog:
dnsmasq-dhcp[36529]: DHCPDISCOVER(tap2c87ec29-e7) fa:16:3e:00:30:4a
dnsmasq-dhcp[36529]: DHCPOFFER(tap2c87ec29-e7) 51.x.x.144 fa:16:3e:00:30:4a
ip netns exec qdhcp-fa15de05-d258-46ba-bab7-4240c346539a ip a
41: tap2c87ec29-e7: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether fa:16:3e:7b:b2:8b brd ff:ff:ff:ff:ff:ff
inet 51.x.x.143/27 brd 51.x.x.159 scope global tap2c87ec29-e7
inet 169.254.169.254/16 brd 169.254.255.255 scope global tap2c87ec29-e7
inet6 fe80::f816:3eff:fe7b:b28b/64 scope link
valid_lft forever preferred_lft forever
tcpdump on tap2c87ec29-e7
ip netns exec qdhcp-fa15de05-d258-46ba-bab7-4240c346539a tcpdump -i tap2c87ec29-e7 port 67 or port 68
16:18:35.116872 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
16:18:35.117202 IP 51.x.x.143.bootps > 51.x.x.144.bootpc: BOOTP/DHCP, Reply, length 330
Compute Node:
tcpdump on compute node not showing any DHCP replies
15:51:50.598801 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
15:52:50.659482 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
15:53:22.658542 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
15:54:22.719993 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
15:55:22.780596 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
16:17:35.054924 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
To me it looks like DHCP replies are not leaving the network node, and I don't have any blocking rules in iptables. Can anyone help me solve this? Also, the DHCP tap device is not accessible from the outside world; can this be a reason for this? Even though there is a veth pair phy-br and int-br, it is not reachable. Is this expected?
ovs-vsctl list-ports br-int
int-br-eth0
tap2c87ec29-e7
I don't know how it can help
ovs-ofctl dump-flows br-eth0
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=220.865s, table=0, n_packets=2, n_bytes=180, idle_age=53, priority=4,in_port=7,dl_vlan=1 actions=strip_vlan,NORMAL
cookie=0x0, duration=221.921s, table=0, n_packets=6, n_bytes=468, idle_age=212, priority=2,in_port=7 actions=drop
cookie ...
Is this a virtualized environment? If so you will probably need to enable promiscuous mode in VMware (or whatever) on the virtual NICs that are used by the interfaces in br-eth0. The dhcp request works because it is a broadcast, but the reply is a unicast.
As I said, DHCP is receiving the broadcast and replying with an IP; I can see that in tcpdump and syslog, but it's not reaching the guest nor the host NIC.
Was testing on a VirtualBox VM setup; setting promiscuous mode worked for me.
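The comparison made in this thread (broadcast requests seen at both capture points, unicast replies seen only on the network node) can be automated. The following is an added example, not part of the original thread; the function names `summarize` and `diagnose` and the result strings are hypothetical, and it assumes tcpdump's default one-line output as shown in the question.

```python
import re

# Matches tcpdump's one-line DHCP output, with ports shown by name or (with -n) by number.
LINE = re.compile(
    r"IP (?P<src>\S+)\.(?:bootpc|bootps|67|68) > (?P<dst>\S+)\.(?:bootpc|bootps|67|68): "
    r"BOOTP/DHCP, (?P<kind>Request|Reply)"
)

# Lines copied from the captures in the question (addresses masked as posted).
NETWORK_NODE = """\
16:18:35.116872 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
16:18:35.117202 IP 51.x.x.143.bootps > 51.x.x.144.bootpc: BOOTP/DHCP, Reply, length 330
"""
COMPUTE_NODE = """\
15:51:50.598801 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
16:17:35.054924 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:00:30:4a (oui Unknown), length 280
"""

def summarize(capture):
    """Count DHCP requests and replies, splitting replies by destination type."""
    counts = {"requests": 0, "unicast_replies": 0, "broadcast_replies": 0}
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a DHCP line in the expected format
        if m["kind"] == "Request":
            counts["requests"] += 1
        elif m["dst"] == "255.255.255.255":
            counts["broadcast_replies"] += 1
        else:
            counts["unicast_replies"] += 1
    return counts

def diagnose(network_capture, compute_capture):
    """Compare the two capture points and name where DHCP traffic stops."""
    net, comp = summarize(network_capture), summarize(compute_capture)
    if net["requests"] == 0:
        return "requests-not-reaching-dhcp-agent"
    if net["unicast_replies"] + net["broadcast_replies"] == 0:
        return "dhcp-agent-not-replying"
    if comp["unicast_replies"] + comp["broadcast_replies"] > 0:
        return "replies-reach-compute-node"
    if net["unicast_replies"] > 0 and net["broadcast_replies"] == 0:
        # Pattern described in the answer: broadcasts arrive, unicast replies do not.
        return "unicast-replies-dropped-between-nodes"
    return "replies-dropped-between-nodes"
```

For the captures posted in the question, `diagnose(NETWORK_NODE, COMPUTE_NODE)` returns `unicast-replies-dropped-between-nodes`, the case the answer attributes to the hypervisor's promiscuous-mode setting.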