Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Network not working as expected

Hi all, I'm trying to install Openstack Liberty on Centos 7.

The configuration includes some compute nodes (6), a controller node and a network node (for now - will add the block storage nodes later).

The installation itself did complete successfully, but networking is not working.

I can create instances, and the instances can see each other.

On the network node, using commands as:

ip netns exec qrouter-6614a570-3113-4ff8-9082-8daed8520f9 ssh -l cirros 172.16.0.100

I can ssh into the instances.

On the network node, I can also ping the gateway of the private networks using ip netns:

ip netns exec qrouter-6614a570-3113-4ff8-9082-8daed8520f98 ping 10.0.4.1

and I can ping the gateway on the public network.

For debugging purpouses, the firewall is down on all machines.

BUT:

1) I cannot ping the gateway on the public network using ip netns:

ip netns exec qrouter-6614a570-3113-4ff8-9082-8daed8520f98 ping 172.16.0.1 PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data. From 172.16.0.99 icmp_seq=1 Destination Host Unreachable

2) I cannot ssh (or ping) from the network or controller node into the instances using a floating IP address on the public network (e.g. 172.16.0.100)

3) The instances do not have internet connectivity (but can see each other)

4) The horizon instance console does not come up

There is clearly something wrong in the network setup, but I cannot move forward.

Here are the output of relevant commands:

ovs-vsctl show:

93c9bd02-f7c2-4a20-b79c-47dd493566cd
    Bridge br-tun
        fail_mode: secure
        Port "vxlan-ac100023"
            Interface "vxlan-ac100023"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.0.21", out_key=flow, remote_ip="172.16.0.35"}
        Port br-tun
            Interface br-tun
                type: internal
        Port "vxlan-ac10001f"
            Interface "vxlan-ac10001f"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.0.21", out_key=flow, remote_ip="172.16.0.31"}
        Port "vxlan-ac100020"
            Interface "vxlan-ac100020"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.0.21", out_key=flow, remote_ip="172.16.0.32"}
        Port "vxlan-ac100022"
            Interface "vxlan-ac100022"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.0.21", out_key=flow, remote_ip="172.16.0.34"}
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-ac100021"
            Interface "vxlan-ac100021"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.0.21", out_key=flow, remote_ip="172.16.0.33"}
        Port "vxlan-ac100024"
            Interface "vxlan-ac100024"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.0.21", out_key=flow, remote_ip="172.16.0.36"}
    Bridge br-int
        fail_mode: secure
        Port "int-br-eth1"
            Interface "int-br-eth1"
                type: patch
                options: {peer="phy-br-eth1"}
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qr-f5d405b9-69"
            tag: 22
            Interface "qr-f5d405b9-69"
                type: internal
        Port "tap31be9407-35"
            tag: 22
            Interface "tap31be9407-35"
                type: internal
        Port br-int
            Interface br-int
                type: internal
    Bridge br-ex
        Port "qg-30e26043-0a"
            Interface "qg-30e26043-0a"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
    Bridge "br-eth1"
        Port "eth1"
            Interface "eth1"
        Port "br-eth1"
            Interface "br-eth1"
                type: internal
        Port "phy-br-eth1"
            Interface "phy-br-eth1"
                type: patch
                options: {peer="int-br-eth1"}
    ovs_version: "2.4.0"

ip netns list:
qrouter-6614a570-3113-4ff8-9082-8daed8520f98
qdhcp-f6303d78-dc85-4f51-88d7-7398566e6a07

neutron net-list:
+--------------------------------------+---------+----------------------------------------------------+
| id                                   | name    | subnets                                            |
+--------------------------------------+---------+----------------------------------------------------+
| 32215335-8ac6-4c50-bfe5-105768104399 | public  | eb80afd0-9743-41cc-9b60-5847877e766b 172.16.0.0/24 |
| f6303d78-dc85-4f51-88d7-7398566e6a07 | private | 578eb4e0-ae54-4981-ac97-e65a7109a728 10.0.4.0/24   |
+--------------------------------------+---------+----------------------------------------------------+

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.16.0.1      0.0.0.0         UG    0      0        0 br-eth1
172.16.0.0      0.0.0.0         255.255.255.0   U     0      0        0 br-eth1
172.16.10.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

Any ideas?

Andres