Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

can't ping external g/w

Hi, i can't ping instance or ssh from outside,after tshoot i find router ip [10.252.12.57]can't reach it's external gw [10.252.12.33] External subnet: 10.252.12.32/27

1-tcpdump of pining external interface 10.252.12.33

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f  tcpdump -i any icmp -nn
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
08:09:17.110553 IP 10.252.12.57 > 10.252.12.57: ICMP host 10.252.12.33 unreachable, length 92
08:09:17.110563 IP 10.252.12.57 > 10.252.12.57: ICMP host 10.252.12.33 unreachable, length 92
08:09:17.110570 IP 10.252.12.57 > 10.252.12.57: ICMP host 10.252.12.33 unreachable, length 92

2-ifconfig from router

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 100  bytes 9800 (9.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 100  bytes 9800 (9.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qg-3cbaae0b-e4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.252.12.57  netmask 255.255.255.224  broadcast 10.252.12.63
        inet6 fe80::f816:3eff:fe38:4f76  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:38:4f:76  txqueuelen 1000  (Ethernet)
        RX packets 39  bytes 2068 (2.0 KiB)
        RX errors 0  dropped 2  overruns 0  frame 0
        TX packets 184  bytes 9104 (8.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qr-78dba6f1-fe: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.0.0.1  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::f816:3eff:fe98:5cdf  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:98:5c:df  txqueuelen 1000  (Ethernet)
        RX packets 1332  bytes 136500 (133.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1662  bytes 164677 (160.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

3-route -n from router

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.252.12.33    0.0.0.0         UG    0      0        0 qg-3cbaae0b-e4
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 qr-78dba6f1-fe
10.252.12.32    0.0.0.0         255.255.255.224 U     0      0        0 qg-3cbaae0b-e4

4-ping instance ip [10.252.12.59] from router namespace[10.252.12.57] working fine

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f ping 10.252.12.59
PING 10.252.12.59 (10.252.12.59) 56(84) bytes of data.
64 bytes from 10.252.12.59: icmp_seq=1 ttl=64 time=4.33 ms
64 bytes from 10.252.12.59: icmp_seq=2 ttl=64 time=0.551 ms

5-OVS status

[root@os ~(keystone_admin)]# ovs-vsctl show
fc7d3396-24fd-4198-8444-664cd44da201
    Manager "ptcp:6640:127.0.0.1"
        is_connected: true
    Bridge br-tun
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
        Port "eth0"
            Interface "eth0"
    Bridge br-int
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "qr-78dba6f1-fe"
            tag: 1
            Interface "qr-78dba6f1-fe"
                type: internal
        Port "tap3b998c44-ee"
            tag: 2
            Interface "tap3b998c44-ee"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tapfcb3f2fd-6c"
            tag: 1
            Interface "tapfcb3f2fd-6c"
                type: internal
        Port "qvobc118e88-30"
            tag: 1
            Interface "qvobc118e88-30"
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port br-int
            Interface br-int
                type: internal
        Port "qg-3cbaae0b-e4"
            tag: 2
            Interface "qg-3cbaae0b-e4"
                type: internal
    ovs_version: "2.10.1"

i don't know where is the problem ,how can i ping external G/W ( 10.252.12.33) ???

can't ping external g/w

Hi, i can't ping instance or ssh from outside,after tshoot i find router ip [10.252.12.57]can't reach it's external gw [10.252.12.33] External subnet: 10.252.12.32/27

1-tcpdump of pining external interface 10.252.12.33

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f  tcpdump -i any icmp -nn
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
08:09:17.110553 IP 10.252.12.57 > 10.252.12.57: ICMP host 10.252.12.33 unreachable, length 92
08:09:17.110563 IP 10.252.12.57 > 10.252.12.57: ICMP host 10.252.12.33 unreachable, length 92
08:09:17.110570 IP 10.252.12.57 > 10.252.12.57: ICMP host 10.252.12.33 unreachable, length 92

2-ifconfig from router

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 100  bytes 9800 (9.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 100  bytes 9800 (9.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qg-3cbaae0b-e4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.252.12.57  netmask 255.255.255.224  broadcast 10.252.12.63
        inet6 fe80::f816:3eff:fe38:4f76  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:38:4f:76  txqueuelen 1000  (Ethernet)
        RX packets 39  bytes 2068 (2.0 KiB)
        RX errors 0  dropped 2  overruns 0  frame 0
        TX packets 184  bytes 9104 (8.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qr-78dba6f1-fe: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.0.0.1  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::f816:3eff:fe98:5cdf  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:98:5c:df  txqueuelen 1000  (Ethernet)
        RX packets 1332  bytes 136500 (133.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1662  bytes 164677 (160.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

3-route -n from router

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.252.12.33    0.0.0.0         UG    0      0        0 qg-3cbaae0b-e4
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 qr-78dba6f1-fe
10.252.12.32    0.0.0.0         255.255.255.224 U     0      0        0 qg-3cbaae0b-e4

4-ping instance ip [10.252.12.59] from router namespace[10.252.12.57] working fine

[root@os ~(keystone_admin)]# ip netns exec qrouter-e5a061c1-6612-4c60-8066-927c0751f53f ping 10.252.12.59
PING 10.252.12.59 (10.252.12.59) 56(84) bytes of data.
64 bytes from 10.252.12.59: icmp_seq=1 ttl=64 time=4.33 ms
64 bytes from 10.252.12.59: icmp_seq=2 ttl=64 time=0.551 ms

5-OVS status

[root@os ~(keystone_admin)]# ovs-vsctl show
fc7d3396-24fd-4198-8444-664cd44da201
    Manager "ptcp:6640:127.0.0.1"
        is_connected: true
    Bridge br-tun
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
        Port "eth0"
            Interface "eth0"
    Bridge br-int
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "qr-78dba6f1-fe"
            tag: 1
            Interface "qr-78dba6f1-fe"
                type: internal
        Port "tap3b998c44-ee"
            tag: 2
            Interface "tap3b998c44-ee"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tapfcb3f2fd-6c"
            tag: 1
            Interface "tapfcb3f2fd-6c"
                type: internal
        Port "qvobc118e88-30"
            tag: 1
            Interface "qvobc118e88-30"
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port br-int
            Interface br-int
                type: internal
        Port "qg-3cbaae0b-e4"
            tag: 2
            Interface "qg-3cbaae0b-e4"
                type: internal
    ovs_version: "2.10.1"

i don't know where is the problem ,how can i ping external G/W ( 10.252.12.33) ???

br-ex : 10.252.12.60 ( AIO IP)
router external ip : 10.252.12.57
10.252.12.33 is external G/W