Ask Your Question
1

Cannot ssh with second floating ip to guest vm.

asked 2016-10-20 21:22:58 -0600

VickyS gravatar image

Installation: OpenStack Kilo Single Node installed with openstack-install on ubuntu-trusty.

My Setup has 4 networks, one external and three internal. All of them connected with single router. I Created a guest VM (test4) with two NICs each with different ip from different subnet/network (int-net-2 and int-net-3) (10.101.3.5 and 10.101.2.5). Assigned two floating ips ( from external network ext-net) to these NICs. (10.0.5.15 and 10.0.5.12)

The issue is when i ssh the vm with floating-ip1 (10.0.5.12) it works, but from floating-ip2 (10.0.5.15) it does not. Here is the configuration

nova list --all-tenants
+--------------------------------------+-------+----------------------------------+--------+------------+-------------+------------------------------------------------------------------+
| ID                                   | Name  | Tenant ID                        | Status | Task State | Power State | Networks                                                         |
+--------------------------------------+-------+----------------------------------+--------+------------+-------------+------------------------------------------------------------------+
| 539548c2-1237-4f5e-b5e9-fb27907fea39 | test1 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | ubuntu-net=10.101.0.3, 10.0.5.9                                  |
| a8852d1e-9cda-412a-ba24-c67ad073bee0 | test2 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | int-net-2=10.101.2.4, 10.0.5.10                                  |
| fdf2d441-df8f-4276-a356-73b45539fad5 | test3 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | int-net-3=10.101.3.4, 10.0.5.11                                  |
| 6576b1d2-5049-453e-9728-401f4310c742 | test4 | b6d48b43e10d4753b433de6c3b875b98 | ACTIVE | -          | Running     | int-net-3=10.101.3.5, 10.0.5.15; int-net-2=10.101.2.5, 10.0.5.12 |
+--------------------------------------+-------+----------------------------------+--------+------------+-------------+------------------------------------------------------------------+

neutron net-list
+--------------------------------------+------------+----------------------------------------------------+
| id                                   | name       | subnets                                            |
+--------------------------------------+------------+----------------------------------------------------+
| 19eb2c8c-c27d-4911-95ea-41d578ae2b9d | ubuntu-net | b699671a-f1ed-44ac-bf72-d879b0d9dc98 10.101.0.0/24 |
| 28564098-7f1a-42be-ab9c-2ca86e11abe6 | int-net-3  | c316f687-2bc5-4c1f-8225-0f8950f6e67c 10.101.3.0/24 |
| 521e57cd-9492-4097-b75b-f825d79dcb46 | int-net-2  | 836a10a7-a563-4c78-9d27-9b6f6f4c57a4 10.101.2.0/24 |
| d5fea3a2-5c8c-42ab-a614-56463ed08b5c | ext-net    | 54d2695a-8b13-4816-8c22-a27511fbeff3 10.0.5.0/24   |
+--------------------------------------+------------+----------------------------------------------------+

neutron subnet-list 
+--------------------------------------+---------------+---------------+------------------------------------------------+
| id                                   | name          | cidr          | allocation_pools                               |
+--------------------------------------+---------------+---------------+------------------------------------------------+
| 54d2695a-8b13-4816-8c22-a27511fbeff3 |               | 10.0.5.0/24   | {"start": "10.0.5.2", "end": "10.0.5.254"}     |
| 836a10a7-a563-4c78-9d27-9b6f6f4c57a4 | int-subnet-2  | 10.101.2.0/24 | {"start": "10.101.2.2", "end": "10.101.2.254"} |
| b699671a-f1ed-44ac-bf72-d879b0d9dc98 | ubuntu-subnet | 10.101.0.0/24 | {"start": "10.101.0.2", "end": "10.101.0.254"} |
| c316f687-2bc5-4c1f-8225-0f8950f6e67c | int-subnet-3  | 10.101.3.0/24 | {"start": "10.101.3.2", "end": "10.101.3.254"} |
+

--------------------------------------+---------------+---------------+------------------------------------------------+

 neutron router-list
+--------------------------------------+---------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| id                                   | name          | external_gateway_info                                                                                                                                                                | distributed | ha    |
+--------------------------------------+---------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| 6367b9e2-11b4-427d-9d01-e9d9e82cf5ab | ubuntu-router | {"network_id": "d5fea3a2-5c8c-42ab-a614-56463ed08b5c", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "54d2695a-8b13-4816-8c22-a27511fbeff3", "ip_address": "10.0.5.3"}]} | False       | False |
+--------------------------------------+---------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+

On Neutron

sudo ip netns list
qdhcp-28564098-7f1a-42be-ab9c-2ca86e11abe6
qdhcp-521e57cd-9492-4097-b75b-f825d79dcb46
qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab
qdhcp-19eb2c8c-c27d-4911-95ea-41d578ae2b9d
qdhcp-d5fea3a2-5c8c-42ab-a614-56463ed08b5c

Working Case

$ sudo ip netns exec qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab ping -c 5 10.0.5.12
PING 10.0.5.12 (10.0.5.12) 56(84) bytes of data.
64 bytes from 10.0.5.12: icmp_seq=1 ttl=64 time=2.19 ms
--- 10.0.5.12 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms

Not Working

$ sudo ip netns exec qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab ping -c 5 10.0.5.15
PING 10.0.5.15 (10.0.5.15) 56(84) bytes of data.
--- 10.0.5.15 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms

However i am able to ping both private addresses

$ sudo ip netns exec qrouter-6367b9e2-11b4-427d-9d01-e9d9e82cf5ab ping -c 5 10.101.3.5
PING 10.101.3.5 (10.101.3.5) 56(84) bytes of data.
64 bytes from 10.101.3.5: icmp_seq=1 ttl=64 time=1.84 ms
64 bytes from 10.101.3.5: icmp_seq=2 ttl=64 time=1.10 ms
^C
--- 10.101.3 ...
(more)
edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2016-10-24 14:21:34 -0600

VickyS gravatar image

So it turns out to be nothing related to openstack but a generic routing configuration issue. The Guest VM did have two interfaces configured but the routing table was not modified and all the packets were using default route eth1.

So even if ICMP or SSH packets were received on eth0 , responses were going out on eth1. After configuring dedicated routing tables for two interfaces both Floating IPs started working.

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2016-10-20 21:22:58 -0600

Seen: 135 times

Last updated: Oct 24 '16

Related questions

floating ip takes too much time to work

Connect VM directly to external network in openstack Icehouse

neutron-kilo: floatingip-delete does not delete the IP

VM supposed to have two NIC, can't bring up second one

Neutron router can't reach external network - Kilo

Access RabbitMQ using floating IP associated with the VM

Separate Network Node with DevStack

openstack mitaka on VM, can not ping floatingip of inner guest VM

Unable to ssh to instance after creation - no route to host

Not able to reach instance through floating IP - Kilo