Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

VMs on subnet suffer IGMP timeouts.

Havana + neutron + vswitch:

Via Horizon dashboard, I created a network with a 10.16.1/24 subnet, disabled gateway, enabled dhcp with range 10.16.1.100,10.16.1.120. Then I launched 2 trusty instances, each with two NICS; eth0 for my regular public interface, and eth1 for the 10.16.1/24 subnet. I installed mgen and configured complementary mgen scripts to have the two exchange 1 multicast message per second for 360 seconds. One VM stops receiving packets after 260 seconds (the IGMP Snooping Group Timeout?). The other VM keeps receiving messages for the entire period.

Using wireshark, I captured the IGMP traffic at each VM (not enough points to attach images, yet). The successful VM sees and responds to IGMP Membership queries. The failing VM never sees those queries, hence the timeout, hence the missing data.

I'm guessing this is a firewall issue - keeping the failing VM from seeing the queries. If so, how can I open the firewall for all VMs, so I don't have to do this for each affected VM (many) of each affected tenant (also many)?