发起问题

theopenstacknoob 的档案 - activity

2019-06-27 17:40:30 -0500 获得奖牌  著名问题 (source)
2019-04-17 12:26:43 -0500 获得奖牌  学生 (source)
2019-04-17 11:55:49 -0500 获得奖牌  热门的问题 (source)
2019-03-19 08:08:34 -0500 获得奖牌  粉丝
2019-03-13 17:38:17 -0500 获得奖牌  受欢迎的问题 (source)
2019-03-11 09:02:49 -0500 评论回答 can't ping external gateway or floating IP's from within router namespace

Hi Stef, thank you for your reply. I've added the information requested in the original post. I figured I would add a comment here about it as I'm not sure how notifications work when just editing a post.

2019-03-09 18:46:35 -0500 问了问题 can't ping external gateway or floating IP's from within router namespace

I just finished setting up an OpenStack packstack deployment for testing purposes. I was able to launch an instance and connect to it using ssh on the internal IP address. My router connects my external and internal networks and my security group is wide open. I've setup my bridge interface so that it links to eth0 which is my external network.

[root@ip-172-31-15-114 ~(keystone_admin)]# ip netns exec qrouter-7808ea77-12b3-432a-be6d-f85f2b980577 ssh 192.168.10.152 -l centos -i ~/.ssh/my-key
[centos@r20 ~]$

internal ping works:

[root@ip-172-31-15-114 ~(keystone_admin)]# ip netns exec qrouter-7808ea77-12b3-432a-be6d-f85f2b980577 ping 192.168.10.152    
PING 192.168.10.152 (192.168.10.152) 56(84) bytes of data.
64 bytes from 192.168.10.152: icmp_seq=1 ttl=64 time=1.66 ms
64 bytes from 192.168.10.152: icmp_seq=2 ttl=64 time=0.721 ms
64 bytes from 192.168.10.152: icmp_seq=3 ttl=64 time=0.697 ms
64 bytes from 192.168.10.152: icmp_seq=4 ttl=64 time=0.662 ms

external ping doesn't:

[root@ip-172-31-15-114 ~(keystone_admin)]# ping 172.31.0.10
PING 172.31.0.10 (172.31.0.10) 56(84) bytes of data.
From 172.31.15.114 icmp_seq=1 Destination Host Unreachable
From 172.31.15.114 icmp_seq=2 Destination Host Unreachable
From 172.31.15.114 icmp_seq=3 Destination Host Unreachable
From 172.31.15.114 icmp_seq=4 Destination Host Unreachable
^C
--- 172.31.0.10 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3000ms
pipe 4
[root@ip-172-31-15-114 ~(keystone_admin)]#

unable to ping Google from within instance:

[root@ip-172-31-15-114 ~(keystone_admin)]# ip netns exec qrouter-7808ea77-12b3-432a-be6d-f85f2b980577 ssh 192.168.10.152 -l centos -i ~/.ssh/my-key
Last login: Sat Mar  9 21:36:08 2019 from gateway
[centos@r20 ~]$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 172.31.0.10 icmp_seq=1 Destination Host Unreachable
From 172.31.0.10 icmp_seq=2 Destination Host Unreachable
From 172.31.0.10 icmp_seq=3 Destination Host Unreachable
From 172.31.0.10 icmp_seq=4 Destination Host Unreachable
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3002ms
pipe 4
[centos@r20 ~]$ ip route
default via 192.168.10.1 dev eth0 
169.254.0.0/16 dev eth0 scope link metric 1002 
169.254.169.254 via 192.168.10.1 dev eth0 proto static 
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.152

pinging my gateway from my namespace doesn't work:

[root@ip-172-31-15-114 ~(keystone_admin)]# ip route
default via 172.31.0.1 dev br-ex 
169.254.0.0/16 dev eth0 scope link metric 1002 
169.254.0.0/16 dev br-ex scope link metric 1006 
172.31.0.0/20 dev br-ex proto kernel scope link src 172.31.15.114 
[root@ip-172-31-15-114 ~(keystone_admin)]# ip netns exec qrouter-7808ea77-12b3-432a-be6d-f85f2b980577 ping 172.31.0 ...
(more)