Ask Your Question
1

Cannot ssh with second floating ip to guest vm.

asked 2016-10-20 21:22:58 -0500

VickyS gravatar image

Installation: OpenStack Kilo Single Node installed with openstack-install on ubuntu-trusty.

My Setup has 4 networks, one external and three internal. All of them connected with single router. I Created a guest VM (test4) with two NICs each with different ip from different subnet/network (int-net-2 and int-net-3) (10.101.3.5 and 10.101.2.5). Assigned two floating ips ( from external network ext-net) to these NICs. (10.0.5.15 and 10.0.5.12)

The issue is when i ssh the vm with floating-ip1 (10.0.5.12) it works, but from floating-ip2 (10.0.5.15) it does not. Here is the configuration

nova list --all-tenants
+--------------------------------------+-------+----------------------------------+--------+------------+-------------+------------------------------------------------------------------+
| ID                                   | Name  | Tenant ID                        | Status | Task State | Power State | Networks                                                         |
+--------------------------------------+-------+----------------------------------+--------+------------+-------------+------------------------------------------------------------------+
| 539548c2-1237-4f5e-b5e9-fb27907fea39 | test1 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | ubuntu-net=10.101.0.3, 10.0.5.9                                  |
| a8852d1e-9cda-412a-ba24-c67ad073bee0 | test2 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | int-net-2=10.101.2.4, 10.0.5.10                                  |
| fdf2d441-df8f-4276-a356-73b45539fad5 | test3 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | int-net-3=10.101.3.4, 10.0.5.11                                  |
| 6576b1d2-5049-453e-9728-401f4310c742 | test4 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | int-net-3=10.101.3.5, 10.0.5.15; int-net-2=10.101.2.5, 10.0.5.12 |
+--------------------------------------+-------+----------------------------------+--------+------------+-------------+------------------------------------------------------------------+

neutron net-list
+--------------------------------------+------------+----------------------------------------------------+
| id                                   | name       | subnets                                            |
+--------------------------------------+------------+----------------------------------------------------+
| 19eb2c8c-c27d-4911-95ea-41d578ae2b9d | ubuntu-net | b699671a-f1ed-44ac-bf72-d879b0d9dc98 10.101.0.0/24 |
| 28564098-7f1a-42be-ab9c-2ca86e11abe6 | int-net-3  | c316f687-2bc5-4c1f-8225-0f8950f6e67c 10.101.3.0/24 |
| 521e57cd-9492-4097-b75b-f825d79dcb46 | int-net-2  | 836a10a7-a563-4c78-9d27-9b6f6f4c57a4 10.101.2.0/24 |
| d5fea3a2-5c8c-42ab-a614-56463ed08b5c | ext-net    | 54d2695a-8b13-4816-8c22-a27511fbeff3 10.0.5.0/24   |
+--------------------------------------+------------+----------------------------------------------------+

neutron subnet-list 
+--------------------------------------+---------------+---------------+------------------------------------------------+
| id                                   | name          | cidr          | allocation_pools                               |
+--------------------------------------+---------------+---------------+------------------------------------------------+
| 54d2695a-8b13-4816-8c22-a27511fbeff3 |               | 10.0.5.0/24   | {"start": "10.0.5.2", "end": "10.0.5.254"}     |
| 836a10a7-a563-4c78-9d27-9b6f6f4c57a4 | int-subnet-2  | 10.101.2.0/24 | {"start": "10.101.2.2", "end": "10.101.2.254"} |
| b699671a-f1ed-44ac-bf72-d879b0d9dc98 | ubuntu-subnet | 10.101.0.0/24 | {"start": "10.101.0.2", "end": "10.101.0.254"} |
| c316f687-2bc5-4c1f-8225-0f8950f6e67c | int-subnet-3  | 10.101.3.0/24 | {"start": "10.101.3.2", "end": "10.101.3.254"} |
+

--------------------------------------+---------------+---------------+------------------------------------------------+

 neutron router-list
+--------------------------------------+---------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| id                                   | name          | external_gateway_info                                                                                                                                                                | distributed | ha    |
+--------------------------------------+---------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| 6367b9e2-11b4-427d-9d01-e9d9e82cf5ab | ubuntu-router | {"network_id": "d5fea3a2-5c8c-42ab-a614-56463ed08b5c", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "54d2695a-8b13-4816-8c22-a27511fbeff3", "ip_address": "10.0.5.3"}]} | False       | False |
+--------------------------------------+---------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+

On Neutron

sudo ip netns list
qdhcp-28564098-7f1a-42be-ab9c-2ca86e11abe6
qdhcp-521e57cd-9492-4097-b75b-f825d79dcb46
qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab
qdhcp-19eb2c8c-c27d-4911-95ea-41d578ae2b9d
qdhcp-d5fea3a2-5c8c-42ab-a614-56463ed08b5c

Working Case

$ sudo ip netns exec qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab ping -c 5 10.0.5.12
PING 10.0.5.12 (10.0.5.12) 56(84) bytes of data.
64 bytes from 10.0.5.12: icmp_seq=1 ttl=64 time=2.19 ms
--- 10.0.5.12 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms

Not Working

$ sudo ip netns exec qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab ping -c 5 10.0.5.15
PING 10.0.5.15 (10.0.5.15) 56(84) bytes of data.
--- 10.0.5.15 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms

However i am able to ping both private addresses

$ sudo ip netns exec qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab ping -c 5 10.101.3.5
PING 10.101.3.5 (10.101.3.5) 56(84) bytes of data.
64 bytes from 10.101.3.5: icmp_seq=1 ttl=64 time=1.84 ms
64 bytes from 10.101.3.5: icmp_seq=2 ttl=64 time=1.10 ms
^C
--- 10.101.3 ...
(more)
edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2016-10-24 14:21:34 -0500

VickyS gravatar image

So it turns out to be nothing related to openstack but a generic routing configuration issue. The Guest VM did have two interfaces configured but the routing table was not modified and all the packets were using default route eth1.

So even if ICMP or SSH packets were received on eth0 , responses were going out on eth1. After configuring dedicated routing tables for two interfaces both Floating IPs started working.

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2016-10-20 21:22:58 -0500

Seen: 110 times

Last updated: Oct 24 '16

Related questions

Cannot disassociate floating ip from browser (horizon)

API for releasing a floating IP from a network!

All in one OpenStack node with Neutron/Midonet networking?

Fuel 7.0 Neutron L2/L3 Networking Configuration?

slow download from instances in Kilo release, 3 nodes version.

Problem to load consoles with Kilo [DevStack]

OpenStack floating IP allocation in two different physical networks

troubleshooting external network after upgrade to kilo

Question regarding Neutron exception while executing nova commands

Floating ips are not reachable