<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div><br></div><div>Hello Abhishek.</div><div><br></div><div>I will answer about two problem</div><div> - controller can’t ping any external network </div><div> - vm can’t access internet</div><div><blockquote type="cite"><font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"></font></blockquote></div><div><br></div><div>First , about the problem controller can’t ping any external network </div><div><blockquote type="cite"><font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><p> I am able to boot a VM and it goes to active state but cannot ping it from Controller or any external network.</p></font></blockquote></div><div>If you want to ping vm which connected to external network from controller , </div><div>you need to create nic belong to segment the same as external network in controller.</div><div><br></div><div>As described bellow, your controller don’t have the nic belong to external network.</div><div><blockquote type="cite"><font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><pre><code>**#Controller Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.11
netmask 255.255.255.0</code></pre></font></blockquote><div><br></div></div><div>Second, about the problem vm can’t access internet</div><div><blockquote type="cite"><font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><p>Moreover, as per the install guide the VM should be able to ping “<a href="http://openstack.org">openstack.org</a>” to verify ext-net connectivity it is not doing that. The VM is able to ping the tenant router gateway of the external network interface “192.168.56.105”.</p></font></blockquote></div><div><font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><p>the reason of this problem is that your network node don’t routing or the next router of network node don’t know external network ( 192.168.56.0/24 ).</p><div>this problem can be solved by following </div><div> - Set NAT to NIC belong to segment which can access internet in network node</div><div><br></div></font></div><div><br></div><div>I’m grad if this information help you.</div><div><br></div><div><br></div><div>Yuki Nishiwaki </div><div><br></div><div><div>2015/07/09 18:38、Abhishek Talwar <<a href="mailto:abhishek.talwar@tcs.com">abhishek.talwar@tcs.com</a>> のメール:</div><br class="Apple-interchange-newline"><blockquote type="cite"><font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><p>HI Folks,</p><p><br></p><p>I have a multinode OpenStack kilo setup with a controller node, network node and 2 compute nodes. I followed all the steps (<a href="http://docs.openstack.org/kilo/install-guide/install/apt/content/ch_basic_environment.html">http://docs.openstack.org/kilo/instal...</a>)
given in the OpenStack kilo install guide. I am able to boot a VM and
it goes to active state but cannot ping it from Controller or any
external network.</p><p>The external network interface (eth3) has a gateway of 192.168.56.105 and we can ping it from any external network.</p><p>I have assigned a floting ip to the VM, and added the icmp and tcp rules to allow the ping and SSH but we can't ping to the VM.</p><p>Moreover,
as per the install guide the VM should be able to ping “<a href="http://openstack.org">openstack.org</a>”
to verify ext-net connectivity it is not doing that. The VM is able to
ping the tenant router gateway of the external network interface
“192.168.56.105”.</p><p>How should we proceed further to enable the ping and SSH functionality.</p><p>The setup details are listed as follows:</p><p><br></p><div>
<br class="webkit-block-placeholder"></div><pre><code>**#Controller Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.11
netmask 255.255.255.0
**#Network Node**
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.21
netmask 255.255.255.0
# vboxnet2 - OpenStack data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.21
netmask 255.255.255.0
#vboxnet0 - For exposing external network
auto eth3
iface eth3 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down
**#Compute Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.31
netmask 255.255.255.0
# vboxnet2 - OpenStack VM data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.31
netmask 255.255.255.0
**#Compute1 Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.32
netmask 255.255.255.0
# vboxnet2 - OpenStack VM data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.32
netmask 255.255.255.0
**#neutron net-list**
------------------------------------------+
| id | name | subnets |
+--------------------------------------+-----------+-----------------------------------------------------+
|
| 6c91a7e8-4182-4fb7-8d42-b83ca6775e57 | ext-net | c4dac528-3fa9-47db-a5c4-50590ed8edf5 |
| 314323cd-cbd1-43e9-a5f5-58213a6afdee | demo-net1 | 7412369e-a91f-4228-af55-2792fde85d3d 192.168.1.0/24 |
+--------------------------------------+-----------+-----------------------------------------------------+
**# neutron floatingip-list**
-----------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 65872868-6318-4eb3-bce4-6bd8922b90e1 | 192.168.1.3 | 192.168.56.109 | 3a2f47f7-cbc4-4558-b91c-2886de545cd7 |
+--------------------------------------+------------------+---------------------+--------------------------------------+
**# nova list**
------+-------------+---------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+--------+------------+-------------+---------------------------------------+
| 1ebf21e7-3073-4d68-ae59-ec168c3e51c7 | vm786 | ACTIVE | - | Running | demo-net1=192.168.1.3, 192.168.56.109 |
**Added the rules to the default security group:**
a. Permit ICMP (ping):
$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
b. Permit secure shell (SSH) access:
$ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
# ovs-vsctl show
ebc068e7-0b6d-45c7-9408-87e2af9af64a
Bridge br-tun
fail_mode: secure
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port "gre-0a00011f"
Interface "gre-0a00011f"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
Port "gre-0a000120"
Interface "gre-0a000120"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.32"}
Port br-tun
Interface br-tun
type: internal
Bridge br-int
fail_mode: secure
Port "qr-b1bbd942-2e"
tag: 3
Interface "qr-b1bbd942-2e"
type: internal
Port "qg-d104c0f4-62"
tag: 2
Interface "qg-d104c0f4-62"
type: internal
Port "qr-f5934280-24"
tag: 1
Interface "qr-f5934280-24"
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "tap5cc41425-9c"
tag: 1
Interface "tap5cc41425-9c"
type: internal
Port "qr-565908b5-18"
tag: 1
Interface "qr-565908b5-18"
type: internal
Port "qg-1ac2537b-9d"
tag: 2
Interface "qg-1ac2537b-9d"
type: internal
Port "qg-a0ff0263-ca"
tag: 2
Interface "qg-a0ff0263-ca"
type: internal
Port br-int
Interface br-int
type: internal
Port "tap333dbc90-e6"
tag: 3
Interface "tap333dbc90-e6"
type: internal
Port int-br-ex
Interface int-br-ex
type: patch
options: {peer=phy-br-ex}
Bridge br-ex
Port "eth3"
Interface "eth3"
Port br-ex
Interface br-ex
type: internal
Port phy-br-ex
Interface phy-br-ex
type: patch
options: {peer=int-br-ex}
ovs_version: "2.3.1"
<br><br>Kindly check my setup and please provide some inputs how can I proceed further.<br><br><br>Thanks and Regards<br>Abhishek Talwar<br></code></pre><div></div></font><p>=====-----=====-----=====<br>
Notice: The information contained in this e-mail<br>
message and/or attachments to it may contain <br>
confidential or privileged information. If you are <br>
not the intended recipient, any dissemination, use, <br>
review, distribution, printing or copying of the <br>
information contained in this e-mail message <br>
and/or attachments to it are strictly prohibited. If <br>
you have received this communication in error, <br>
please notify us by reply e-mail or telephone and <br>
immediately and permanently delete the message <br>
and any attachments. Thank you</p><div><br class="webkit-block-placeholder"></div>
_______________________________________________<br>OpenStack-operators mailing list<br><a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators<br></blockquote></div><br></body></html>