VM without floating ip, connection problem in some cases
Hello,
I am running a setup with Neutron DVR, having 1 controller node (with l3 agent in dvr_snat mode) and other compute nodes with l3 agent in dvr mode.
The external traffic (SNAT) made by VMs without a floating IP is routed through the controller node (dvr_snat router).
The external traffic (DNAT/SNAT) made by VMs with a floating IP is routed through the compute node (dvr router).
So let's say I create a VM with a private only IP.
- wget https://my.atlassian.com - doesn't work; the request stays on hold
- wget https://whoer.net - works, but I can see a delay
- apt-get update also doesn't work for all the repositories
After I associate a floating IP all the external requests works smoothly.
Before associating the floating IP, I went to the SNAT namespace in the controller node and tried these wget commands. All worked smoothly, so my IP is not banned. There might be a connection problem between the compute nodes and the controller node.
Can you help me with some instructions how to debug this?
Thanks.
Does your private net has DNS server or can you ping 8.8.8.8 via SNAT ?
I can ping anything. The problem comes when I try to do TCP traffic through different ports such as 443 or 80.
I have 8.8.8.8 in VM /etc/resolv.conf and I can ping 8.8.8.8. I have google .com in the dns cache and I can ping google .com, but if I try to ping google .de for example, it doesn't work because my machine can't access 8.8.8.8 on port 53 do query the dns server.
The VM is able to open the socket on port 53 and send packets, but the returning packets are not coming, i think.