compute node instance can't access other instance [closed]

asked 2013-12-07 21:49:58 -0500

updated 2013-12-07 21:52:49 -0500

i have installed havana with neutron as the network service. (openvswich+gre). i have installed two compute node and a controller node. One is work fine but other is not.

i can create instance at the compute node but the instance can't access to outsite . It is strange that the other instance host on other compute node can access the instance. for example , instance a (with ip :192.168.1.6) host on compute node A, instance b(with ip :192.168.1.24) host on compute B. , instance a ping b is ok opposite not.

[root@host-192-168-1-6 ~]# ping 192.168.1.24
PING 192.168.1.24 (192.168.1.24) 56(84) bytes of data.
64 bytes from 192.168.1.24: icmp_seq=1 ttl=64 time=1.29 ms
64 bytes from 192.168.1.24: icmp_seq=2 ttl=64 time=0.619 ms
64 bytes from 192.168.1.24: icmp_seq=3 ttl=64 time=0.747 ms

[root@host-192-168-1-24 ~]# ping 192.168.1.6
From 192.168.1.24 icmp_seq=2 Destination Host Unreachable
From 192.168.1.24 icmp_seq=3 Destination Host Unreachable
From 192.168.1.24 icmp_seq=4 Destination Host Unreachable
From 192.168.1.24 icmp_seq=6 Destination Host Unreachable

i have some clue about the this . it's should be related iptables rule or firewall. so i add below iptables rule at node B munually .it's work fine now.

#iptables -t filter -I FORWARD -i qbr+ -o qbr+ -j ACCEPT

but once the firewall refreshed after a new instance create or delete. the network still can't work again. so what's happan? it's seem that the iptables rule clear and roolback after iptables refresh.

here is my deployment environment:

vi /etc/nova/nova.conf

...
security_group_api=neutron
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
...

vi /etc/neutron/plugin.ini

...
[OVS]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
enable_tunneling = True
local_ip = 192.168.0.10

[SECURITYGROUP]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
...
edit retag flag offensive reopen merge delete

Closed for the following reason question is not relevant or outdated by rbowen
close date 2017-05-24 13:44:43.788750

Comments

Hi Yong , Did you find the answer to your issue? We are trying to setup same kind of network ( openVswitch + gre ) , but we are facing few issues .Can you please help ? The related link is - https://ask.openstack.org/en/question/10453/facing-networking-issue-with-vm-instance-on-distributed-deployment-havana-release/ Thanks, Saurabh

saurabh0285 gravatar imagesaurabh0285 ( 2014-01-17 03:14:51 -0500 )edit

Closing: Your question refers to a version of OpenStack which has been designated End Of Life. (See http://releases.openstack.org for details). If you're still having the problem with a more recent version, please open a new question with updated details. Thanks.

rbowen gravatar imagerbowen ( 2017-05-24 13:44:38 -0500 )edit