Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Packets not leaving compute host

I am having an unusual issue with networking behavior in my environment (Fedora 20/Icehouse/RDO). My VMs are booting up, they are being assigned IPs by DHCP (as shown by nova list), but none of the VMs are getting IP addresses assigned. The issue appears to be that no packets are actually leaving the compute host.

Here are some of the steps I took to check.

  1. Login to vm console and manually issue udhcpc (cirros image). I see bootp packets in the tcpdump trace of phy-br-eth1, but I do not see them in the tcpdump of phy-br-eth1 on the network node.

On local compute node: [root@aragorn arunt]# tcpdump -i phy-br-eth1 tcpdump: WARNING: phy-br-eth1: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on phy-br-eth1, link-type EN10MB (Ethernet), capture size 65535 bytes

23:57:25.288979 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280 23:57:28.301814 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280 23:57:31.308918 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280

  1. Manually configure the IP address of the VM on the link. Ping another manually configured VM on the same compute host. Ping works.

  2. Ping another manually configured VM on another compute node, ping does not work. The ICMP packet is seen on phy-br-eth1 of the compute host in question, but not on phy-br-eth1 of the other compute node.

  3. security groups and rules seem to be in place.

[root@grey utils]# nova secgroup-list-rules default +-------------+-----------+---------+------------+--------------+ | IP Protocol | From Port | To Port | IP Range | Source Group | +-------------+-----------+---------+------------+--------------+ | | | | | default | | icmp | -1 | -1 | 0.0.0.0/24 | | | | | | | default | | tcp | 22 | 22 | 0.0.0.0/24 | | +-------------+-----------+---------+------------+--------------+

I am using openvswitch and not ml2.

Any inputs are greatly appreciated.

click to hide/show revision 2
No.2 Revision

Packets not leaving compute host

I am having an unusual issue with networking behavior in my environment (Fedora 20/Icehouse/RDO). My VMs are booting up, they are being assigned IPs by DHCP (as shown by nova list), but none of the VMs are getting IP addresses assigned. The issue appears to be that no packets are actually leaving the compute host.

Here are some of the steps I took to check.

  1. Login to vm console and manually issue udhcpc (cirros image). I see bootp packets in the tcpdump trace of phy-br-eth1, but I do not see them in the tcpdump of phy-br-eth1 on the network node.

On local compute node: node:

[root@aragorn arunt]# tcpdump -i phy-br-eth1
tcpdump: WARNING: phy-br-eth1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on phy-br-eth1, link-type EN10MB (Ethernet), capture size 65535 bytes

bytes 23:57:25.288979 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280 23:57:28.301814 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280 23:57:31.308918 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280

280
  1. Manually configure the IP address of the VM on the link. Ping another manually configured VM on the same compute host. Ping works.

  2. Ping another manually configured VM on another compute node, ping does not work. The ICMP packet is seen on phy-br-eth1 of the compute host in question, but not on phy-br-eth1 of the other compute node.

  3. security groups and rules seem to be in place.

[root@grey utils]# nova secgroup-list-rules default +-------------+-----------+---------+------------+--------------+ | IP Protocol | From Port | To Port | IP Range | Source Group | +-------------+-----------+---------+------------+--------------+ | | | | | default | | icmp | -1 | -1 | 0.0.0.0/24 | | | | | | | default | | tcp | 22 | 22 | 0.0.0.0/24 | | +-------------+-----------+---------+------------+--------------+

I am using openvswitch and not ml2.

Any inputs are greatly appreciated.

click to hide/show revision 3
No.3 Revision

Packets not leaving compute host

I am having an unusual issue with networking behavior in my environment (Fedora 20/Icehouse/RDO). My VMs are booting up, they are being assigned IPs by DHCP (as shown by nova list), but none of the VMs are getting IP addresses assigned. The issue appears to be that no packets are actually leaving the compute host.

Here are some of the steps I took to check.

  1. Login to vm console and manually issue udhcpc (cirros image). I see bootp packets in the tcpdump trace of phy-br-eth1, but I do not see them in the tcpdump of phy-br-eth1 on the network node.

On local compute node:

[root@aragorn arunt]# tcpdump -i phy-br-eth1
tcpdump: WARNING: phy-br-eth1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on phy-br-eth1, link-type EN10MB (Ethernet), capture size 65535 bytes


23:57:25.288979 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280
23:57:28.301814 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280
23:57:31.308918 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:26:fa:5d (oui Unknown), length 280
  1. Manually configure the IP address of the VM on the link. Ping another manually configured VM on the same compute host. Ping works.

  2. Ping another manually configured VM on another compute node, ping does not work. The ICMP packet is seen on phy-br-eth1 of the compute host in question, but not on phy-br-eth1 of the other compute node.

  3. security groups and rules seem to be in place.

    [root@grey utils]# nova secgroup-list-rules default
    +-------------+-----------+---------+------------+--------------+
    | IP Protocol | From Port | To Port | IP Range   | Source Group |
    +-------------+-----------+---------+------------+--------------+
    |             |           |         |            | default      |
    | icmp        | -1        | -1      | 0.0.0.0/24 |              |
    |             |           |         |            | default      |
    | tcp         | 22        | 22      | 0.0.0.0/24 |              |
    +-------------+-----------+---------+------------+--------------+

    +-------------+-----------+---------+------------+--------------+

I am using openvswitch and not ml2.

Any inputs are greatly appreciated.