Ask Your Question
0

Traffic Cannot reach router gateway

asked 2016-05-02 21:16:43 -0500

updated 2016-05-02 21:18:17 -0500

I am practicing openstack on RDO installation on a VMWare VM with a single interface eno16777736 (192.168.0.144/24)

From a created instance, I can ping any different private network connected to the router, I can ping the router external interface 172.24.4.230 but not the router next-hop which seems to be 172.24.4.224

ip a

 1: lo: <LOOPBACK,UP,LOWER_UP> mtu
 65536 qdisc noqueue state UNKNOWN 
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 scope host lo
        valid_lft forever preferred_lft forever
     inet6 ::1/128 scope host 
        valid_lft forever preferred_lft forever 2: eno16777736:
 <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
 1500 qdisc pfifo_fast state UP qlen
 1000
     link/ether 00:0c:29:2e:dc:ea brd ff:ff:ff:ff:ff:ff
     inet 192.168.0.144/24 brd 192.168.0.255 scope global eno16777736
        valid_lft forever preferred_lft forever
     inet6 fe80::20c:29ff:fe2e:dcea/64 scope link 
        valid_lft forever preferred_lft forever 3: ovs-system:
 <BROADCAST,MULTICAST> mtu 1500 qdisc
 noop state DOWN 
     link/ether 9a:17:eb:fd:16:c7 brd ff:ff:ff:ff:ff:ff 4: br-tun:
 <BROADCAST,MULTICAST> mtu 1500 qdisc
 noop state DOWN 
     link/ether f6:bc:f4:be:f3:43 brd ff:ff:ff:ff:ff:ff 5: br-int:
 <BROADCAST,MULTICAST> mtu 1500 qdisc
 noop state DOWN 
     link/ether a6:d5:f6:65:b9:43 brd ff:ff:ff:ff:ff:ff 6: br-ex:
 <BROADCAST,MULTICAST> mtu 1500 qdisc
 noop state DOWN 
     link/ether 56:6a:36:ad:a9:48 brd ff:ff:ff:ff:ff:ff 14: tap60855c98-97:
 <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
 1500 qdisc pfifo_fast master
 ovs-system state UNKNOWN qlen 500
     link/ether fe:16:3e:0e:f5:fc brd ff:ff:ff:ff:ff:ff
     inet6 fe80::fc16:3eff:fe0e:f5fc/64 scope link 
        valid_lft forever preferred_lft forever

ip netns exec qrouter-6d1bd0d9-8fc9-4ade-aedd-d9a4520e748d ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
7: qr-f7827c0d-aa: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN 
    link/ether fa:16:3e:68:4d:36 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.254/24 brd 10.10.10.255 scope global qr-f7827c0d-aa
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe68:4d36/64 scope link 
       valid_lft forever preferred_lft forever
9: qg-54132819-d6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN 
    link/ether fa:16:3e:4b:6f:9b brd ff:ff:ff:ff:ff:ff
    inet 172.24.4.230/28 brd 172.24.4.239 scope global qg-54132819-d6
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe4b:6f9b/64 scope link 
       valid_lft forever preferred_lft forever

ip netns exec qrouter-6d1bd0d9-8fc9-4ade-aedd-d9a4520e748d ip r

 default via 172.24.4.225 dev
 qg-54132819-d6 
 10.10 ...
(more)
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2016-05-03 01:34:46 -0500

you have to define that external network as 192.168.0.0/24 -> the same flat network where reside your RDO / controller installation; otherwise, for example, you can define external network as a VLAN (with VLAN ID) and controller node, where neutron and openvswich resides, maps each VLAN ID with vxlan id with flows rule. You see those rules with this command:

ovs-ofctl dump-flows br-ex --rsort

but as I can see, your installation seems to be using flat network, so you have to define this as the same network where resides your controller node -> 192.168.0.0/24

edit flag offensive delete link more
0

answered 2016-05-04 23:05:14 -0500

updated 2016-09-15 22:06:00 -0500

Thanks Amedeo for your reply.

I am testing this method to access Internet:

  • Include the physical interface (eno1677736) to the bridge br-ex.
  • moved physical interface (eno1677736 ip) address (192.168.0.144) to the bridge br-ex.
  • created a new public network from the subnet 192.168.0.0/24.
  • created a router from Horizon with the subnet 192.168.0.144 as external and a private subnet (also tested from the cli)

But, both router interfaces status is DOWN and cannot see the corresponding namespace from the CLI, though the router is listed in Horizon router menu.

http://hpnouri.free.fr/misc/router-int-down.png

ip netns

qdhcp-1a49925d-3388-4f5f-a4ba-f14d92a47296  
qdhcp-6c96eadf-2a9c-4953-8010-febad592cf73

!! No qrouter instance

neutron router-list

+--------------------------------------+--------+------------------------------------------------------------+-------------+-------+  
| id                                   | name   | external_gateway_info                                      | distributed | ha    |  
+--------------------------------------+--------+------------------------------------------------------------+-------------+-------+  
| e3402758-820f-400c-ada0-3a0128eea1b9 | route1 | {"network_id": "bd29feb0-77a4-491f-a899-8cdc3cb65ada",     |   False       | False |  
|                                      |        | "enable_snat": true, "external_fixed_ips": [{"subnet_id":  |             |       |  
|                                      |        | "f3c9f832-3796-4d46-ae38-fa8f4f768088", "ip_address":      |             |       |  
|                                      |        | "192.168.0.77"}]}                                          |             |       |  
+--------------------------------------+--------+------------------------------------------------------------+-------------+-------+

ovs-vsctl show

69a04483-c5a0-469d-9562-9b69b2a6b36f  
    Bridge br-int  
        fail_mode: secure  
        Port "tap60855c98-97"  
            Interface "tap60855c98-97"  
        Port "tap86c35694-45"  
            Interface "tap86c35694-45"  
                type: internal  
        Port patch-tun  
            Interface patch-tun  
                type: patch  
                options: {peer=patch-int}  
        Port "tapd9481e35-83"  
            Interface "tapd9481e35-83"  
                type: internal  
        Port br-int  
            Interface br-int  
                type: internal  
    Bridge br-ex  
        Port "eno16777736"  
            Interface "eno16777736"  
        Port br-ex  
            Interface br-ex  
                type: internal  
        Port ""  
            Interface ""  
                type: internal  
    Bridge br-tun  
        fail_mode: secure  
        Port patch-int  
            Interface patch-int  
                type: patch  
                options: {peer=patch-tun}  
        Port br-tun  
            Interface br-tun   
                type: internal  
    ovs_version: "2.4.0"

ip a s br-ex

6: br-ex: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 00:0c:29:2e:dc:ea brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.144/24 scope global br-ex
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe2e:dcea/64 scope link 
       valid_lft forever preferred_lft forever
edit flag offensive delete link more

Comments

Please check if promiscuous mode enabled for that VM. Some this might cause the issue.

Chaithanya gravatar imageChaithanya ( 2016-09-19 00:38:15 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2016-05-02 21:16:43 -0500

Seen: 223 times

Last updated: Sep 15 '16