Ask Your Question
0

Can't even ping to instances using tenant ip

asked 2016-06-22 14:41:37 -0600

skyung421 gravatar image

I successfully created instances but cannot access/ping them, even through their tenant ip. I added rules to allow ICMP and ssh to the security rules but it didn't work. Basically, instances cannot be accessed from both public and internal network.

On controller node:

[stack@controller devstack]$ neutron router-list


+--------------------------------------+---------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| id                                   | name    | external_gateway_info                                                                                                                                                                                                                                                      | distributed | ha    |
+--------------------------------------+---------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| 86079182-a8a3-4427-a00c-3f4e8da5903d | router1 | {"network_id": "ed036861-d526-47f4-805d-9aeab1292d20", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "d71f160f-a271-440c-8143-57183c8dcea4", "ip_address": "172.24.4.2"}, {"subnet_id": "6216e0e1-32ee-436b-bc31-9b167c941e38", "ip_address": "2001:db8::3"}]} | False       | False |
+--------------------------------------+---------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+


[stack@controller devstack]$ sudo ovs-vsctl show

b507249e-ee24-4efa-ae22-c469ba6800ef
    Bridge br-ex
        Port "qg-3cb8c6a4-99"
            Interface "qg-3cb8c6a4-99"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
    Bridge "br-enp3s0f0"
        Port "br-enp3s0f0"
            Interface "br-enp3s0f0"
                type: internal
        Port "phy-br-enp3s0f0"
            Interface "phy-br-enp3s0f0"
                type: patch
                options: {peer="int-br-enp3s0f0"}
        Port "dpdk0"
            Interface "dpdk0"
                type: dpdk
    Bridge "br-enp3s0f1"
        Port "dpdk1"
            Interface "dpdk1"
                type: dpdk
        Port "br-enp3s0f1"
            Interface "br-enp3s0f1"
                type: internal
        Port "phy-br-enp3s0f1"
            Interface "phy-br-enp3s0f1"
                type: patch
                options: {peer="int-br-enp3s0f1"}
    Bridge br-int
        fail_mode: secure
        Port "int-br-enp3s0f1"
            Interface "int-br-enp3s0f1"
                type: patch
                options: {peer="phy-br-enp3s0f1"}
        Port "qr-a0f8ae26-f0"
            tag: 1
            Interface "qr-a0f8ae26-f0"
                type: internal
        Port "int-br-enp3s0f0"
            Interface "int-br-enp3s0f0"
                type: patch
                options: {peer="phy-br-enp3s0f0"}
        Port "qr-2ae2e9bb-5e"
            tag: 1
            Interface "qr-2ae2e9bb-5e"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port "tapa47792ca-4a"
            tag: 1
            Interface "tapa47792ca-4a"
                type: internal

[stack@controller devstack]$ nova list

+--------------------------------------+--------+--------+------------+-------------+--------------------------------------------------------+
| ID                                   | Name   | Status | Task State | Power State | Networks                                               |
+--------------------------------------+--------+--------+------------+-------------+--------------------------------------------------------+
| 1628badb-59ba-4822-8c0a-2286ffcd9175 | test-1 | ACTIVE | -          | Running     | private=fd7f:430d:1b40:0:f816:3eff:fe37:6e04, 10.0.0.3 |
| 5ff4035c-8fde-47e4-9cbe-a3b8d808d70f | test-2 | ACTIVE | -          | Running     | private=fd7f:430d:1b40:0:f816:3eff:fe91:ad3d, 10.0.0.4 |
+--------------------------------------+--------+--------+------------+-------------+--------------------------------------------------------+

[stack@controller devstack]$ ifconfig

br-ex: flags=323<up,broadcast,running,promisc>  mtu 1500
        inet 172.24.4.1  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::306a:5cff:fe15:ad44  prefixlen 64  scopeid 0x20<link>
        inet6 2001:db8::2  prefixlen 64  scopeid 0x0<global>
        ether 32:6a:5c:15:ad:44  txqueuelen 500  (Ethernet)
        RX packets 26  bytes 2176 (2.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 18  bytes 1600 (1.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s29u1u2c2: flags=4163<up,broadcast,running,multicast> mtu 1500 inet 10.90.77.222 netmask 255.255.0.0 broadcast 10.90.255.255 inet6 fe80::9610:3eff:feb9:33ff prefixlen 64 scopeid 0x20<link> ether 94:10:3e:b9:33:ff txqueuelen 1000 (Ethernet) RX packets 800661 bytes 827071603 (788.7 MiB) RX errors 0 dropped 2084 overruns 0 frame 0 TX packets 321764 bytes 35190348 (33.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp130s0f0: flags=4163<up,broadcast,running,multicast> mtu 1500 inet 192.168.11.10 netmask 255.255.255.0 broadcast 192.168.11.255 inet6 fe80::92e2:baff:feb6:69b8 prefixlen 64 scopeid 0x20<link> ether 90:e2:ba:b6:69:b8 txqueuelen 1000 (Ethernet) RX packets 150098 bytes 42943535 (40.9 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 154654 bytes 66280166 (63.2 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp130s0f1 ...



(more)
edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2016-06-29 08:41:18 -0600

jckreddy gravatar image
Use ip netns command to debug 

ping router from vms
then check whether router is able to ping vms
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-06-22 14:41:37 -0600

Seen: 74 times

Last updated: Jun 29 '16