Ask Your Question
0

Unable to ping out from router on public facing lan.

asked 2016-11-28 14:06:32 -0600

jab2805 gravatar image

updated 2016-11-28 15:58:50 -0600

dbaxps gravatar image

I have a pack stack allinone install running in side a kvm virtual. 

network setup: 
10.133.152.0/24 GW 10.133.152.254

eth0 is a port on br-ex with an ip of 10.133.152.180:


   Bridge br-ex
        Port "qg-121bb6e3-4a"
            Interface "qg-121bb6e3-4a"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
        Port "qg-2991055a-c4"
            Interface "qg-2991055a-c4"
                type: internal
        Port "eth0"
            Interface "eth0"

Looking at the name spaces:

[root@openstack2-newton ~(keystone_admin)]# ip netns exec  qrouter-b7a6ff27-0c0a-4572-9c28-41ad9a3a4a6c ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
22: qg-121bb6e3-4a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN 
    link/ether fa:16:3e:8a:c0:7b brd ff:ff:ff:ff:ff:ff
    inet 10.133.152.156/24 brd 10.133.152.255 scope global qg-121bb6e3-4a
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe8a:c07b/64 scope link 
       valid_lft forever preferred_lft forever

The router interface has ip 10.133.152.156. 

[root@openstack2-newton ~(keystone_admin)]# ip netns exec  qrouter-b7a6ff27-0c0a-4572-9c28-41ad9a3a4a6c ifconfig qg-121bb6e3-4a
qg-121bb6e3-4a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.133.152.156  netmask 255.255.255.0  broadcast 10.133.152.255
        inet6 fe80::f816:3eff:fe8a:c07b  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:8a:c0:7b  txqueuelen 0  (Ethernet)
        RX packets 2893  bytes 182573 (178.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 770  bytes 56892 (55.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@openstack2-newton ~(keystone_admin)]# 

ping to 10.133.152.180 works  however i'm uable to ping the external default route of 10.133.152.254. This is the public network my kvm host is connected to. 




Able to ping 10.133.152.180(eth0/br-ex) from the router name space..
------

[root@openstack2-newton ~(keystone_admin)]# ip netns exec  qrouter-b7a6ff27-0c0a-4572-9c28-41ad9a3a4a6c ping -c 3 10.133.152.180
PING 10.133.152.180 (10.133.152.180) 56(84) bytes of data.
64 bytes from 10.133.152.180: icmp_seq=1 ttl=64 time=0.206 ms
64 bytes from 10.133.152.180: icmp_seq=2 ttl=64 time=0.053 ms
64 bytes from 10.133.152.180: icmp_seq=3 ttl=64 time=0.039 ms

--- 10.133.152.180 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.039/0.099/0.206/0.076 ms

======

Unable to ping the default route form the router:
------
[root@openstack2-newton ~(keystone_admin)]# ip netns exec  qrouter-b7a6ff27-0c0a-4572-9c28-41ad9a3a4a6c ping -c 3 10.133.152.254
PING 10.133.152.254 (10.133.152.254) 56(84) bytes of data.

--- 10.133.152.254 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms


=======
 Unable to ping google from router:
------------

[root@va-openstack2-newton ~(keystone_admin)]# ip netns exec ...
(more)
edit retag flag offensive close merge delete

Comments

Please, post ifconfig output, ovs-vsctl show or upload as text somewhere

$ neutron router-port-list YOUR_ROUTE_NAME
$ neutron router-show YOUR_ROUTER_ID
dbaxps gravatar imagedbaxps ( 2016-11-28 16:10:25 -0600 )edit

It's not quite clear what has IP 10.133.152.180
eth0 or OVS bridge br-ex ?

dbaxps gravatar imagedbaxps ( 2016-11-28 16:13:24 -0600 )edit

Br-ex has the 10.133.152.180 ip

jab2805 gravatar imagejab2805 ( 2016-11-28 16:29:21 -0600 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-11-28 16:27:55 -0600

jab2805 gravatar image

updated 2016-11-30 13:24:21 -0600 

[root@openstack2-newton ~]# ifconfig -a
br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.133.152.180  netmask 255.255.255.0  broadcast 10.133.152.255
        inet6 fe80::21a:4aff:fe16:188  prefixlen 64  scopeid 0x20<link>
        ether 00:1a:4a:16:01:88  txqueuelen 0  (Ethernet)
        RX packets 1041739  bytes 99342827 (94.7 MiB)
        RX errors 0  dropped 11  overruns 0  frame 0
        TX packets 670241  bytes 134080834 (127.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

br-int: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet6 fe80::80c8:39ff:fe73:eb4a  prefixlen 64  scopeid 0x20<link>
        ether 82:c8:39:73:eb:4a  txqueuelen 0  (Ethernet)
        RX packets 10  bytes 864 (864.0 B)
        RX errors 0  dropped 78  overruns 0  frame 0
        TX packets 8  bytes 648 (648.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

br-tun: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        ether fe:22:ca:f2:a0:4e  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::21a:4aff:fe16:188  prefixlen 64  scopeid 0x20<link>
        ether 00:1a:4a:16:01:88  txqueuelen 1000  (Ethernet)
        RX packets 1779521  bytes 146540823 (139.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 676678  bytes 134384981 (128.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 439996949  bytes 50342249841 (46.8 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 439996949  bytes 50342249841 (46.8 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ovs-system: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        ether 2e:43:74:f3:2b:a2  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@openstack2-newton ~]# ovs-vsctl show 
1482349d-2fd9-4b08-8a20-0ec211c47e2c
    Manager "ptcp:6640:127.0.0.1"
        is_connected: true
    Bridge br-int
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "tapf510847e-a7"
            tag: 1
            Interface "tapf510847e-a7"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tap74964913-ed"
            tag: 2
            Interface "tap74964913-ed"
                type: internal
        Port "qr-282741ca-2d"
            tag: 2
            Interface "qr-282741ca-2d"
                type: internal
        Port br-int
            Interface br-int
                type: internal
    Bridge br-ex
        Port "qg-121bb6e3-4a"
            Interface "qg-121bb6e3-4a"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
        Port "qg-2991055a-c4"
            Interface "qg-2991055a-c4"
                type: internal
        Port "eth0"
            Interface "eth0"
    Bridge br-tun
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer ...
(more)
edit flag offensive delete link more

Comments

Was router-pub created by packstack or by yourself ? It has no interface to tenant's sub-net, but has gateway set for external network and might cause your problem. Just one neutron router is enough to handle ingress/egress traffic.

dbaxps gravatar imagedbaxps ( 2016-11-29 01:34:34 -0600 )edit

I had the same thought, but even when the router doesn't have a subnet, you can ping outside from the router's namespace (tested with Newton devstack).

Bernd Bausch gravatar imageBernd Bausch ( 2016-11-29 02:07:18 -0600 )edit

I created router-pub just to test if could ping form that router's namespace.

jab2805 gravatar imagejab2805 ( 2016-11-29 08:06:41 -0600 )edit

I would try drop all routers. Recreate private network, new router , set gateway to external network, interface to private subnet. Make sure all connections to router are active (horizon) and try to launch CirrOS VM on private network , log into CirrOS VM and ping 8.8.8.8.

dbaxps gravatar imagedbaxps ( 2016-11-29 09:25:48 -0600 )edit

Step 1 recreate the private subnet:

[root@va-openstack2-newton ~(keystone_admin)]# neutron subnet-create private 172.16.1.0/24 --name private --dns-nameserver 8.8.8.8 --gateway 10.133.152.180 Created a new subnet: +-------------------+------------------------------------------------+ | Field

jab2805 gravatar imagejab2805 ( 2016-11-30 09:42:53 -0600 )edit
see more comments

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2016-11-28 14:06:32 -0600

Seen: 135 times

Last updated: Nov 30 '16

Related questions

Puppet error using ODI

magnum create cluster volumeType error

rdo packstack allinone puppet

Issue with RDO

RDO Quickstart PackStack failure - files not installed

How to change default SSH port for Packstack?

initial network creation packstack

Packstack installation with no root user?

Packstack rerun issue

Host does not listen on Port 22