Ask Your Question
0

Cant ping floating ip

asked 2015-03-12 11:12:12 -0500

oscar gravatar image

updated 2015-03-12 15:28:08 -0500

I am deploying juno on ubuntu server 14.04 cluster in virtual box.

Right now all nova, neutron, and other needed services are running.

The Network Configuration is as specified here http://docs.openstack.org/icehouse/training-guides/content/building-training-cluster.html (http://docs.openstack.org/icehouse/tr...) with a little variant since Im using other private networks.

My network interface on each node are:

#Controller Node

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp

# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.11
netmask 255.255.255.0

# vboxnet2 - OpenStack API network
auto eth2
iface eth2 inet static
address 203.0.113.11
netmask 255.255.255.0

#Network Node # The loopback network interface auto lo iface lo inet loopback

# The primary network interface - NAT network
auto eth0
iface eth0 inet dhcp

# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.21
netmask 255.255.255.0

# vboxnet2 - OpenStack data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.21
netmask 255.255.255.0

#vboxnet3 - For exposing external network
auto eth3
iface eth3 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down

#For giving access to network node via the external network
auto br-ex 
iface br-ex inet static
address 203.0.113.21
netmask 255.255.255.0

#Compute Node # The loopback network interface auto lo iface lo inet loopback

# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp

# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.31
netmask 255.255.255.0

# vboxnet2 - OpenStack VM data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.31
netmask 255.255.255.0

All nodes can ping each other.

The host only networks are configured as follows:

vboxnet0 = 10.0.0.1 (255.255.255.0)
vboxnet1 = 10.0.1.1 (255.255.255.0)
vboxnet2 = 203.0.113.1 (255.255.255.0)

There is an instance active, running with a floatin ip associated:

+--------------------------------------+--------+--------+------------+-------------+-------------------------------------+
| ID                                   | Name   | Status | Task State | Power State | Networks                            |
+--------------------------------------+--------+--------+------------+-------------+-------------------------------------+
| fe7f909a-8f8f-48d9-8fdb-32aa3900d591 | cirrOS | ACTIVE | -          | Running     | demo-net=192.168.1.4, 203.0.113.102 |
+--------------------------------------+--------+--------+------------+-------------+-------------------------------------+

The floating ips are listed her:

~$ neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 59d42dff-87c7-41c7-aa39-c36657148d8f | 192.168.1.4      | 203.0.113.102       | 83764e12-40b4-4b80-a6a1-d1e9d700f1a2 |
| 5f545bd8-c98a-471d-8bd7-f40c4a2a2b41 |                  | 203.0.113.103       |                                      |
| bcd1c936-f392-4cb4-ad39-7f872ba0dadd |                  | 203.0.113.104       |                                      |
+--------------------------------------+------------------+---------------------+--------------------------------------+

The ovs status on network node:

    2f8c7fc0-a955-4031-a7c5-d4128d7a449a
    Bridge br-ex
        Port "eth3"
            Interface "eth3"

        Port "qg-af58b9fe-b6"
        Interface "qg-af58b9fe-b6"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
        Port phy-br-ex
            Interface phy-br-ex
    Bridge br-tun
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        fail_mode: secure
        Port "qr-0be9dd39-35"
            tag ...
(more)
edit retag flag offensive close merge delete

Comments

Do you have any MASQUERADE rules in iptables ? If "yes" which ones exactly ?

dbaxps gravatar imagedbaxps ( 2015-03-17 01:05:42 -0500 )edit
add a comment

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-03-12 15:19:09 -0500

omar-munoz gravatar image

Can you ping the private IP '192.168.1.4' , also where are you running this ping from exactly? Just another question did you enable ICMP rule in the security group to allow such traffic as a ping response?

edit flag offensive delete link more

Comments

Hi, just edited to show the security group rules. And No I can't ping 192.168.1.4 either. I attempted to ping the floating ip from the host machine and from all 3 nodes. Thanks for the help!

oscar gravatar imageoscar ( 2015-03-12 15:33:22 -0500 )edit

I think the 192.168.1.4 should be pinged using network namespace ...Hope you are already doing that.. Secondly, if you haven't checked, please check whether the 192.168.1.4 is actually present on instance interface (through vnc on horizon).

osdiaj gravatar imageosdiaj ( 2015-03-12 23:06:09 -0500 )edit

Hi osdiaj, im pinging as i regularly do like ping ip address. What do you mean by netwwork namespace im not experienced in networking. Thanks.

oscar gravatar imageoscar ( 2015-03-16 13:28:30 -0500 )edit
add a comment
0

answered 2015-03-17 00:31:12 -0500

osdiaj gravatar image

updated 2015-03-17 04:29:23 -0500

Hi Oscar,

For the private network, there is logical network created which is isolated from all other networks , aka network namespace for the private network. For more details refer to http://blog.scottlowe.org/2013/09/04/... or http://www.slideshare.net/mirantis/hk...

Now, you can do this :-

  1. ip netns and copy the qrouter namespace , say qrouter-abcdef

  2. then from network node, issue ip netns exec qrouter-abcdef ping 192.168.1.4

If you haven't checked, please check whether the 192.168.1.4 is actually present on instance interface (through vnc on horizon).

thanks.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-03-12 11:12:12 -0500

Seen: 3,250 times

Last updated: Mar 17 '15

Related questions

neutron generate random MAC

post creation failing

Is there a OpenVPN driver for VPNaaS?

Instance failed to spawn

Unable to create security group.

create security group

QoS: neutron bandwidth limit method

Neutron failing to deploy with "Policy DROP not allowed for user defined chains."

admin prohibited in ping from instance

How do I modify the IP pool?