Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Instances receive DHCP address, but aren't reachable

Fairly new to OpenStack and most certainly to openvswitch, I have setup OpenStack in combination with ovs . Launched instances get an interface in the desired network. They also receive a DHCP address, from a DHCP server in our environment.

The thing is: I can not ping the IP address that was received, or connect to the instance in any way other than Console. Protocols that have been opened in the security group:

2569cdcc-7bbe-4409-87e0-42a5d342d797 | default | ingress | IPv4 | 1-3200/tcp | 0.0.0.0/0 (CIDR) | 8f9d304e-6f6f-4e23-b077-c81be1df9271 | default | ingress | IPv4 | 53/udp | 0.0.0.0/0 (CIDR) | a6a97793-6360-4ce5-8a40-cf6ace420e9f | default | ingress | IPv4 | icmp | 0.0.0.0/0 (CIDR) |

Using netdiscover within the deployed instance, I can see all other nodes on the (external) network (but am unable to reach them) so the instance must have some sort of connection to the external network.

The vNS_Ops_Bridge is meant to be the external bridge.

ovs-vsctl show

bad16723-5a9f-4e75-bca3-912767a0b688 Bridge vNS_Mnt_Bridge fail_mode: secure Port "phy-vNS_M781e7d" Interface "phy-vNS_M781e7d" type: patch options: {peer="int-vNS_M781e7d"} Port vNS_Mnt_Bridge Interface vNS_Mnt_Bridge type: internal Port "eno3" Interface "eno3" Bridge vNS_Ops_Bridge fail_mode: secure Port "eno2" Interface "eno2" Port vNS_Ops_Bridge Interface vNS_Ops_Bridge type: internal Port "phy-vNS_O0e6f92" Interface "phy-vNS_O0e6f92" type: patch options: {peer="int-vNS_O0e6f92"} Bridge br-int fail_mode: secure Port "int-vNS_M781e7d" Interface "int-vNS_M781e7d" type: patch options: {peer="phy-vNS_M781e7d"} Port "int-vNS_O0e6f92" Interface "int-vNS_O0e6f92" type: patch options: {peer="phy-vNS_O0e6f92"} Port br-int Interface br-int type: internal Port "tap3f5fe9b7-02" tag: 1 Interface "tap3f5fe9b7-02" ovs_version: "2.5.2"

So the questions are basically: Why can I not get connected to this instance, or from the instance to other machines? Is the external bridge setup correctly? Do I need to alter the vNS_Ops_Bridge and make it external somehow (although I am quite unsure if- and how to do this ;) ).