Ask Your Question
0

Instance can ping internet, but cannot ping instance from Controller or Internet

asked 2015-10-24 03:03:03 -0600

snackpack gravatar image

A bit stuck and its probably something silly I'm overlooking or not understanding.

The instance can ping out to the controller and internet fine, however inward traffic to instances seems to be a problem. However ping the router_gateway from bother Controller and External internet. Masquerading is turned on.

It was built on Centos7 using the RDO packstack, existing network guide.

Here are some configs; * note vnets are from a prior KVM/QEMU install.

neutron net-list
+--------------------------------------+------------------+-------------------------------+
| id                                   | name             | subnets                           |
+--------------------------------------+------------------+-------------------------------+
| 2a03473b-f0b7-45cc-8d97-e5e00f3ec05c | external_network | d65ef1a9-c220-4152-bb0e-492a5b31c76c 114.111.100.0/24 |
| c2e5229a-441a-4516-bbbf-22fffd695024 | private_network  | 1f7ba0be-bff4-43d8-81a2-16604cedf109 10.0.0.0/24      |
+--------------------------------------+------------------+-------------------------------+

neutron port-list
+--------------------------------------+------------------+-------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                              
+--------------------------------------+------+-------------------+-----------------------------+
| 0b42406b-3e1e-403d-990f-387f2a362400 |      | fa:16:3e:c2:22:d4 | {"subnet_id": "1f7ba0be-bff4-43d8-81a2-16604cedf109", "ip_address": "10.0.0.1"}        |
| 2d962ae0-6015-4102-9491-6bcac70b4e69 |      | fa:16:3e:81:3a:4a | {"subnet_id": "d65ef1a9-c220-4152-bb0e-492a5b31c76c", "ip_address": "114.111.100.102"} |
| 4db87bf4-535b-448a-b2a6-1c61b2117383 |      | fa:16:3e:70:d8:5c | {"subnet_id": "d65ef1a9-c220-4152-bb0e-492a5b31c76c", "ip_address": "114.111.159.101"} |
| 71e7a276-2f78-44f8-95cb-6eeef644e6b6 |      | fa:16:3e:ed:40:3c | {"subnet_id": "1f7ba0be-bff4-43d8-81a2-16604cedf109", "ip_address": "10.0.0.2"}        |
| a046f0d8-9fc0-4bbd-99dd-70058aff4fbc |      | fa:16:3e:db:2b:79 | {"subnet_id": "1f7ba0be-bff4-43d8-81a2-16604cedf109", "ip_address": "10.0.0.4"}        |
+--------------------------------------+------+-------------------+-----------------------------+

15ffc981-916e-41bf-a05e-ade955d36e7e
    Bridge br-tun
        fail_mode: secure
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge br-ex
        Port "qg-4db87bf4-53"
            Interface "qg-4db87bf4-53"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port "em1"
            Interface "em1"
    Bridge br-int
        fail_mode: secure
        Port "qvoa046f0d8-9f"
            tag: 1
            Interface "qvoa046f0d8-9f"
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tap71e7a276-2f"
            tag: 1
            Interface "tap71e7a276-2f"
                type: internal
        Port "qr-0b42406b-3e"
            tag: 1
            Interface "qr-0b42406b-3e"
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port br-int
            Interface br-int
                type: internal
    ovs_version: "2.3.1"

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         as45577.mdc01.v 0.0.0.0         UG    0      0        0 br-ex
114.111.100.0   0.0.0.0         255.255.255.0   U     0      0        0 br-ex
114.111.100.0   0.0.0.0         255.255.255.0   U     0      0        0 extbr0
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 em1
link-local      0.0.0.0         255.255.0.0     U     1005   0        0 br-ex
link-local      0.0.0.0         255.255.0.0     U     1008   0        0 extbr0
192.168.100.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr1
192.168.201.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 114.111.100.100  netmask 255.255.255.0  broadcast 114.111.159.255
        inet6 fe80::2247:47ff:fe7b:16a2  prefixlen 64  scopeid 0x20<link>
        ether 20:47:47:7b:16:a2  txqueuelen 0  (Ethernet)
        RX packets 82084  bytes 11509656 (10.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 71170  bytes 27809666 (26.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

em1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80 ...
(more)
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-10-26 04:12:23 -0600

Bipin gravatar image

Could you please paste the output of the following

nova secgroup-list-rules <your-security-group>

Regards

edit flag offensive delete link more
0

answered 2015-10-24 03:10:44 -0600

snackpack gravatar image

Looks like security groups were the problem. Have been able to SSH to the floating IP after creating a security group for the instance and opening port 22.

Will leave this here in case anyone else has a similar problem. Time to take a walk of shame :(

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-10-24 02:58:22 -0600

Seen: 328 times

Last updated: Oct 26 '15