[Openstack-operators] [neutron] Instances on private net can't resolve, no DNS

Christopher Hull chrishull42 at gmail.com
Thu Mar 31 13:54:55 UTC 2016


Hi James / all

DNS is a red herring...

>From the private net, I can now ping any IP.   The northbound router
Neutron Port is up.  So those are improvements as a result of the update.
But I can't telnet to any IP / port from an instance on the private net.
It shouldn't be Demo's security group settings as a Demo instance can do
anything from the public net.  Looks like the Neutron Router still isn't
working.

Updated Neutron by hand.   Just noticed the CentOS Openstack repo has been
updated as of last Tuesday.  Run yum update.  "No packages marked for
update", so I suspect I'm finally running the latest Neutron at least.
Any more bug fixes related to this that anyone knows of?   Guess I'll check
the error logs again.

-Chris



- Christopher T. Hull
I am presently seeking a new career opportunity  Please see career page
http://chrishull.com/career
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishull42 at gmail.com
http://chrishull.com



On Wed, Mar 30, 2016 at 10:04 PM, <chrishull42 at gmail.com> wrote:

> Hi James.
>
> That makes sense.   I had tried that.  Doesn't seem to work.   I'd think
> the public and private subnets would behave the same way.  Public works but
> private doesn't.   Private can ping though
>
> Telnet can't get to port 53 from an instance on the private net.
>
> Public net can use my ATT router gateway as DNS too.
>
> Wondering if Neutron router is to blame... again.  :)
>
> Thanks
> Chris.
>
> Sent from my iPhone
>
> On Mar 30, 2016, at 9:20 PM, James Denton <james.denton at rackspace.com>
> wrote:
>
> Hi Chris,
>
>
> It shouldn't be as complex as that. DNS nameservers are pushed to
> instances via DHCP, and those name servers are set during subnet creation.
> You can also do a 'neutron subnet-update' to update an existing subnet.
>
>
> Syntax:
>
> neutron subnet-update <subnet> --dns-nameservers <dns1> <dns2>
>
>>
> That would be used to update the subnet your instances attach to and not
> the external subnet attached to the router. Hope that helps.
>
>
> James
>
>
>
> ------------------------------
> *From:* Christopher Hull <chrishull42 at gmail.com>
> *Sent:* Wednesday, March 30, 2016 11:06 PM
> *To:* openstack-operators
> *Subject:* [Openstack-operators] [neutron] Instances on private net can't
> resolve, no DNS
>
> Hello all;
>
> Well, more pulling of teeth it seems before I actually get to USE my
> self-installed OpenStack Liberty.  :-)
>
> All networks seem to work just fine.  Can ping everything from private
> network.  You would think DNS would work, but it doesn't    This I think
> has something to do with dnsmasq.
>
> I've read a few web pages.   Set dnsmasq_dns_servers in dhcp_agent.ini to
> 8.8.8.8,8.8.4.4 (Google DNS).   Also set the private subnet to those.
> Nada.
>
> From within an instance on the Private network, telnet 8.8.8.8 53 "no
> route to host".... but it PINGS!   Hmmm.
>
> So help me unravel more of this genome known as OpenStack.  Why if private
> instances can reach the internet, doens't DNS work????
>
> Just patched Neutron to fix the previous bug.  I think I have the latest.
>
> Thanks
> -Chris
>
>
> - Christopher T. Hull
> I am presently seeking a new career opportunity  Please see career page
> http://chrishull.com/career
> 333 Orchard Ave, Sunnyvale CA. 94085
> (415) 385 4865
> chrishull42 at gmail.com
> http://chrishull.com
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160331/94f84769/attachment.html>


More information about the OpenStack-operators mailing list