Ask Your Question
0

Problem with external/public network, even though I can see the floating IPs in the "attached devices" list of my physical router

asked 2016-08-15 15:45:22 -0500

Alex100 gravatar image

Hi all,

i'd like to request your help in troubleshooting this simple Openstack deployment problem. The network deployment is very simple, it's a one node deployment (virtual machine running CentOS 7, on top of an ESXI hypervisor), and I use my home LAN as the external network of the deployment.

I have created two networks, a private and a public one:

(openstack) network list
+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
 +--------------------------------------+---------+--------------------------------------+
| 4a4a3a00-2942-42ea-b08e-d0c71497fea5 | private | 31913d7c-5d25-44ed-ad57-e28a1f60c6dc |
| 3f076faa-429f-4e8e-b697-c3f7d659e6be | public  | db73586f-4a35-433b-aeee-d97fb0e243bd |
+--------------------------------------+---------+--------------------------------------+

Everything on the private network seems to be working fine, meaning that the two instances I've launched can ping each other and the router's private interface. Here's what the router looks like:

(openstack) router show "Router 1"
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field                   | Value                                                                                                                                                                                    |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up          | UP                                                                                                                                                                                       |
| availability_zone_hints |                                                                                                                                                                                          |
| availability_zones      | nova                                                                                                                                                                                     |
| description             |                                                                                                                                                                                          |
| distributed             | False                                                                                                                                                                                    |
| external_gateway_info   | {"network_id": "6e28d867-10e8-48e0-ac02-46c0d7d18d67", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "af5c4630-edce-461b-bf13-274ca833b68a", "ip_address": "192.168.2.20"}]} |
| ha                      | False                                                                                                                                                                                    |
| id                      | ebc1a5f4-28f3-4d9c-9773-ef9e9c17c086                                                                                                                                                     |
| name                    | Router 1                                                                                                                                                                                 |
| routes                  | []                                                                                                                                                                                       |
| status                  | ACTIVE                                                                                                                                                                                   |
| tenant_id               | 16a72508575e4615b0a0b6e1806d6f84                                                                                                                                                         |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

The problem is with the public network. I can't ping any of the the floating IPs from my LAN towards the two VM instances, or vice versa. I can't ping the router's public interface either. I think I've done the hosts' bridging correctly, so there should be no issue there:

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-ex 
TYPE="OVSBridge"
DEVICETYPE="ovs"
BOOTPROTO="static"
DEVICE="br-ex"
ONBOOT="yes"
IPADDR="192.168.2.205"
PREFIX="24"
GATEWAY="192.168.2.50"
DNS1="192.168.2.50"

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens32 
DEVICE="ens32"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE="br-ex"
ONBOOT="yes"

Here's what the public network looks like:

 (openstack) network show public
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        | nova                                 |
| created_at                | 2016-08-15T19:27:45                  |
| description               |                                      |
| id                        | 6e28d867-10e8-48e0-ac02-46c0d7d18d67 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| mtu                       | 1450                                 |
| name                      | public                               |
| project_id                | 16a72508575e4615b0a0b6e1806d6f84     |
| provider:network_type     | vxlan                                |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 0                                    |
| router_external           | Internal                             |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | af5c4630-edce-461b-bf13-274ca833b68a |
| tags                      | []                                   |
| updated_at                | 2016-08-15T19:27:45                  |
+---------------------------+--------------------------------------+


(openstack) subnet show public-subnet
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| allocation_pools  | 192.168.2.20-192.168.2.30            |
| cidr              | 192.168.2.0/24                       |
| created_at        | 2016-08-15T19:28:58                  |
| description       |                                      |
| dns_nameservers   | 192.168.2.50                         |
| enable_dhcp       | False                                |
| gateway_ip        | 192.168.2.50                         |
| host_routes       |                                      |
| id                | af5c4630-edce-461b-bf13-274ca833b68a |
| ip_version        | 4                                    |
| ipv6_address_mode | None                                 |
| ipv6_ra_mode      | None                                 |
| name              | public-subnet                        |
| network_id        | 6e28d867-10e8-48e0-ac02-46c0d7d18d67 |
| project_id        | 16a72508575e4615b0a0b6e1806d6f84     |
| subnetpool_id     | None                                 |
| updated_at        | 2016-08-15T19:28:58                  |
+-------------------+--------------------------------------+

The router's external gateway interface shows as "Status = BUILD" though, I was expecting something like "Active".

And here's the weird part. On my physical router, I can see the router's external interface, and the two floating IPs, in the list of attached devices!!! So maybe there's something wrong in L3 networking? These are the ERRORs I can see in the neutron logs:

l3-agent.log:2016-08-15 12:56:12.642 30079 ERROR neutron.common.rpc [req-de919f92-1c78-43bf-8c59-88896b8d700a - - - - -] Timeout in RPC method get_service_plugin_list. Waiting for 19 seconds before next attempt. If the server is not down, consider increasing the rpc_response_timeout option as Neutron server(s) may be overloaded and unable to respond quickly enough.
openvswitch-agent.log:2016-08-15 12:56:12.707 30005 ERROR neutron.common.rpc ...
(more)
edit retag flag offensive close merge delete

Comments

Why your public net has router:external: internal? It has to be 'True'. Check this: http://docs.openstack.org/liberty/net...

yprokule gravatar imageyprokule ( 2016-08-16 06:16:07 -0500 )edit

I noticed that too. But in Horizon, the "public" network is clearly set as "external network". I'm not sure why it's showing up like that in CLI.

Alex100 gravatar imageAlex100 ( 2016-08-16 08:57:29 -0500 )edit

are U spawning an instance on public net ? The problem might be with enable_dhcp=False causing neutron to fail

yprokule gravatar imageyprokule ( 2016-08-17 05:50:13 -0500 )edit

No, that's not the problem. I have DHCP running on my physical router, so no need to have dhcp enabled on the public net as well.

Alex100 gravatar imageAlex100 ( 2016-08-17 12:08:16 -0500 )edit

2 answers

Sort by ยป oldest newest most voted
0

answered 2019-03-18 17:16:31 -0500

ahmedmmm gravatar image

yes, i face same issue i can't understand why it's not working over ESXi !

edit flag offensive delete link more
0

answered 2016-08-17 12:10:58 -0500

Alex100 gravatar image

I have solved the issue by re-deploying the CentOS host on native hardware. My previous deployment was: Server hardware ---> Esxi 5.5 ---> CentOS 7 VM ---> Openstack

I eliminated the Esxi layer, installing CentOS 7 directly onto the server. The physical interface name changed from "ens32" to "enp3s0" and everything works fine (public net included) with the exact same settings and configuration as in the non-working scenario.

It looks like Esxi network drivers were not working well with the openstack net drivers, or something like that.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-08-15 15:41:31 -0500

Seen: 535 times

Last updated: Aug 17 '16