Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Determining remote IP from within VM

Hi,

When you're inside a VM (KVM in our case) with a floating IP and you receive a connection from a remote machine it always appears as though the IP address is the default gateway of the VM regardless of where the connection is coming from.

For example.

A VM is launched and is given a floating IP.

i-000004f7 28.7.4.29 10.0.4.3

You ssh to that VM from a completely different network with a machine with the IP 44.22.66.99.

On the VM you run tcpdump.

root@i-000004f7:~# tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 16:14:51.076673 IP i-000004f7.novalocal.ssh > 10.0.4.1.50114 16:14:51.077239 IP i-000004f7.novalocal.56502 > 10.0.4.1.domain: 53009+ PTR? 1.4.0.10.in-addr.arpa. (39) 16:14:51.077667 IP 10.0.4.1.50114 > i-000004f7.novalocal.ssh 16:14:51.083420 IP 10.0.4.1.domain > i-000004f7.novalocal.56502: 53009 NXDomain* 0/0/0 (39) 16:14:51.083565 IP i-000004f7.novalocal.48465 > 10.0.4.1.domain: 26532+ PTR? 3.4.0.10.in-addr.arpa. (39) 16:14:51.083942 IP 10.0.4.1.domain > i-000004f7.novalocal.48465: 26532* 1/0/0 PTR i-000004f7.novalocal. (73) 16:14:51.086649 IP i-000004f7.novalocal.ssh > 10.0.4.1.50114 16:14:51.087937 IP 10.0.4.1.50114 > i-000004f7.novalocal.ssh 16:14:51.096715 IP i-000004f7.novalocal.ssh > 10.0.4.1.50114 16:14:51.097941 IP 10.0.4.1.50114 > i-000004f7.novalocal.ssh

tcpdump is showing the ssh connection you've made from 44.22.66.99. So even though you're connecting from 44.22.66.99 the remote address appears to be 10.0.4.1.

Is there a way with OpenStack to determine the remote IP address from within the VM (in Cactus or a future release)?

If not, could it be done manually such that it wouldn't interfere with the iptables rules that OpenStack creates?

BTW, we're using OpenStack Cactus and VLANManager.

Thanks, Everett