Ask Your Question

jazzsir's profile - activity

2017-03-31 01:06:19 -0500 received badge  Supporter (source)
2016-04-17 09:29:41 -0500 commented question demo-router not pingable from external network (a promiscuous mode problem)

I guess this problem was related to virt_type http://docs.openstack.org/juno/config.... But I haven't tried..

2014-10-19 22:49:58 -0500 received badge  Great Question (source)
2014-10-14 03:16:17 -0500 received badge  Famous Question (source)
2014-10-03 17:26:36 -0500 received badge  Notable Question (source)
2014-10-02 12:12:52 -0500 received badge  Popular Question (source)
2014-10-02 11:52:01 -0500 commented question demo-router not pingable from external network (a promiscuous mode problem)

hi SGPJ, I could not find something to solve this problem in the post. I am looking for a way to get IP packets as well as ARP packets on "eth1" in VM3 in the picture on my post.

2014-10-02 04:04:21 -0500 asked a question demo-router not pingable from external network (a promiscuous mode problem)

I have followed the Icehouse doc "OpenStack Installation Guide(three-node)". My environment is same as the doc except IP and nodes that are builded as VM using libvirt(qemu/KVM) in CentOS 6.5 as below image description

I can not ping floating IP of demo-router from external node in this stage -> http://docs.openstack.org/icehouse/in...

I think this problem is related to promiscuous mode. Because, I can capture "ARP request" and "ICMP echo request" in ① and ② interfaces in the picture above, but in ③, I can only capture "ARP request" packets.

why are "ICMP echo request"s blocked after ②.

I have set..

  1. ①, ② and ③ are set into promiscuous mode using "ip link set [INTERFACE_NAME] promisc on"
  2. ICMP and TCP are enabled in "nova secgroup"
  3. MAC addresses of both side are updated on each ARP table.

I have found a post in same situation I am in -> https://ask.openstack.org/en/question... but I don't understand a way of solution in that post

Any hints would be much appreciated!.

2014-10-01 19:59:53 -0500 commented question Cannot ping from external network to floating IP of tenant router gateway

hi, T u I. I think the problem is that eth1 couldn't be set into promiscuous mode. I have just posted it on this board.. Thank you so much for your support.

2014-10-01 19:59:53 -0500 received badge  Commentator (source)
2014-09-25 06:04:40 -0500 received badge  Good Question (source)
2014-09-21 02:56:31 -0500 commented question Cannot ping from external network to floating IP of tenant router gateway

Hi, T u l. my qpidd is running on controller and network node. I have found tap and qr port is DOWN. so I reinstalled libvert and reconfigured network-node to be UP them. but anything did't help. I updated the result of "ip route" and "ovs-ofctl" commands at the bottom of network-node info.

2014-09-17 21:10:40 -0500 commented question Cannot ping from external network to floating IP of tenant router gateway

I really thank you for your attention. Now, I check some errors in log files. but, I don't understand, because I'm just getting my feet wet. I updated the logs in my writing, please check it

2014-09-16 07:21:22 -0500 received badge  Nice Question (source)
2014-09-16 03:33:33 -0500 received badge  Famous Question (source)
2014-09-16 02:12:07 -0500 commented question Cannot ping from external network to floating IP of tenant router gateway

Hi SGPJ. Thank you for your attention. I updated my security-group-rules. My problem is that I can not ping from external network to floating IP of virtual tenant router (Not VM).

2014-09-16 00:04:19 -0500 received badge  Self-Learner (source)
2014-09-16 00:04:19 -0500 received badge  Teacher (source)
2014-09-15 21:43:41 -0500 answered a question Cannot ping from external network to floating IP of tenant router gateway

Hi SGPJ. Thank you for your attention. This is my secgroup rules. My problem is that I can not ping from external network to floating IP of virtual tenant router (Not VM).

[root@network-node ~]# nova secgroup-list
+--------------------------------------+---------+-------------+
| Id                                   | Name    | Description |
+--------------------------------------+---------+-------------+
| 550906cc-40db-4e48-8fa1-981e75009d51 | default | default     |
+--------------------------------------+---------+-------------+
[root@network-node ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
|             |           |         |           | default      |
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
|             |           |         |           | default      |
+-------------+-----------+---------+-----------+--------------+
[root@network-node ~]#
2014-09-15 18:53:03 -0500 edited question Cannot ping from external network to floating IP of tenant router gateway

I have followed the Icehouse doc "OpenStack Installation Guide(three-node)". My environment is same as the doc except IP and nodes that are builded as VM using libvirt in CentOS 6.5

http://docs.openstack.org/icehouse/in...

In accordance with the doc.

  • Neutron server is running on controller-node
  • NIC(eth1) for external network on network-node is configured without IP (PROMISC="yes" because the node is VM)

The problem

The strange things

  • The tap and qr ports are always DOWN (on network-node) - you can check it in "the detail info"
  • The port of the router_gateway is DOWN (on controller-node) - you can check it in "the detail info"
  • There are some errors(ConnectionError, HeartbeatTimeout) in log files. - you can check it at the bottom of writing please click (more) button at the bottom of this writing to show all info
  • I assigned external IP to br-ex on network-node for test and pinged, then I can capture incoming packets by using "tcpdump -i eth1" on network-node, but there are no 'IP' packets, only 'ARP' packet in captured packets and source host(external node) receives no response

The detail info of my environment:

image description

1) IP addresses and CIDR

-controller-node : 10.0.0.11 (management network)
-network-node : 10.0.0.21 (management network)
                10.0.1.21 (data network)
-compute-node : 10.0.0.31 (management network)
                10.0.1.31 (data network)
-external network gateway : 192.168.125.254
-the floating IP of tenant router gateway : 192.168.125.150
-external network CIDR : 192.168.125.0/24
-demo network CIDR : 172.30.1.0/24

2) network node

[root@network-node ~]# ovs-vsctl show
23804a8f-7c89-4422-9b9f-67bf26a34c51
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port "qr-98c762ea-d7"
            tag: 1
            Interface "qr-98c762ea-d7"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tapf5eec840-e6"
            tag: 1
            Interface "tapf5eec840-e6"
                type: internal
    Bridge br-ex
        Port "eth1"
            Interface "eth1"
        Port br-ex
            Interface br-ex
                type: internal
        Port "qg-9810105a-ed"
            Interface "qg-9810105a-ed"
                type: internal
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
    ovs_version: "1.11.0"
[root@network-node ~]#
[root@network-node ~]# ip a
.
.
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:f6:31:07 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.21/24 brd 10.0.0.255 scope global eth0
    inet6 fe80::5054:ff:fef6:3107/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:d3:92:e2 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::5054:ff:fed3:92e2/64 scope link 
       valid_lft forever preferred_lft forever
4 ...
(more)