[Openstack] Can not ping the tenant router gateway from host
Mitchell Chen
mitchell.chen at mediatek.com
Wed Mar 4 21:03:09 UTC 2015
Hi All,
I am struggling with not being able to ping the router gateway. I am able to ping from router to the router gateway (172.29.105.101) and router to internal tenant gateway (192.168.2.1), but still can not ping from control node to the router gateway. I am using GRE tunneling. I saw there is a tag 4095 in the tap port of the br-int bridge. Is this OK? Please advise. From the following data, is there a way to debug the issue?
Thanks,
Mitchell
root at control:~# ovs-vsctl show
f22d3ba4-d785-4fe7-a283-16ffbc75c434
Bridge br-int
fail_mode: secure
Port "qr-784a2f1c-e6"
tag: 1
Interface "qr-784a2f1c-e6"
type: internal
Port "tap27dd1b25-62"
tag: 4095
Interface "tap27dd1b25-62"
type: internal
Port br-int
Interface br-int
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Bridge br-tun
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port "gre-c0a801cc"
Interface "gre-c0a801cc"
type: gre
options: {in_key=flow, local_ip="192.168.1.220", out_key=flow, remote_ip="192.168.1.204"}
Port "gre-c0a801d5"
Interface "gre-c0a801d5"
type: gre
options: {in_key=flow, local_ip="192.168.1.220", out_key=flow, remote_ip="192.168.1.213"}
Port br-tun
Interface br-tun
type: internal
Port "gre-c0a801d2"
Interface "gre-c0a801d2"
type: gre
options: {in_key=flow, local_ip="192.168.1.220", out_key=flow, remote_ip="192.168.1.210"}
Bridge br-ex
Port "qg-6849da02-da"
Interface "qg-6849da02-da"
type: internal
Port br-ex
Interface br-ex
type: internal
Port "eth2"
Interface "eth2"
ovs_version: "2.0.2"
root at control:~# ovs-ofctl dump-flows br-int
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=55.846s, table=0, n_packets=2, n_bytes=214, idle_age=8, priority=1 actions=NORMAL
cookie=0x0, duration=55.649s, table=22, n_packets=0, n_bytes=0, idle_age=55, priority=0 actions=drop
root@ control:~# ovs-ofctl dump-flows br-tun
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=66.836s, table=0, n_packets=0, n_bytes=0, idle_age=66, priority=1,in_port=3 actions=resubmit(,2)
cookie=0x0, duration=68.694s, table=0, n_packets=0, n_bytes=0, idle_age=68, priority=1,in_port=1 actions=resubmit(,1)
cookie=0x0, duration=66.545s, table=0, n_packets=0, n_bytes=0, idle_age=66, priority=1,in_port=4 actions=resubmit(,2)
cookie=0x0, duration=67.159s, table=0, n_packets=32, n_bytes=5592, idle_age=1, priority=1,in_port=2 actions=resubmit(,2)
cookie=0x0, duration=68.59s, table=0, n_packets=5, n_bytes=390, idle_age=59, priority=0 actions=drop
cookie=0x0, duration=68.495s, table=1, n_packets=0, n_bytes=0, idle_age=68, priority=1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)
cookie=0x0, duration=68.391s, table=1, n_packets=0, n_bytes=0, idle_age=68, priority=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,21)
cookie=0x0, duration=64.686s, table=2, n_packets=32, n_bytes=5592, idle_age=1, priority=1,tun_id=0x2 actions=mod_vlan_vid:1,resubmit(,10)
cookie=0x0, duration=68.293s, table=2, n_packets=0, n_bytes=0, idle_age=68, priority=0 actions=drop
cookie=0x0, duration=68.193s, table=3, n_packets=0, n_bytes=0, idle_age=68, priority=0 actions=drop
cookie=0x0, duration=68.082s, table=10, n_packets=32, n_bytes=5592, idle_age=1, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
cookie=0x0, duration=56.741s, table=20, n_packets=0, n_bytes=0, hard_timeout=300, idle_age=56, hard_age=1, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=b2:a9:8f:0a:42:fb actions=load:0->NXM_OF_VLAN_TCI[],load:0x2->NXM_NX_TUN_ID[],output:2
cookie=0x0, duration=22.544s, table=20, n_packets=0, n_bytes=0, hard_timeout=300, idle_age=22, hard_age=9, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=62:bb:fb:a4:92:db actions=load:0->NXM_OF_VLAN_TCI[],load:0x2->NXM_NX_TUN_ID[],output:2
cookie=0x0, duration=67.982s, table=20, n_packets=0, n_bytes=0, idle_age=67, priority=0 actions=resubmit(,21)
cookie=0x0, duration=64.782s, table=21, n_packets=0, n_bytes=0, idle_age=64, dl_vlan=1 actions=strip_vlan,set_tunnel:0x2,output:4,output:3,output:2
cookie=0x0, duration=67.87s, table=21, n_packets=0, n_bytes=0, idle_age=67, priority=0 actions=drop
root@ control:~# ovs-ofctl dump-flows br-ex
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=558.95s, table=0, n_packets=479, n_bytes=102435, idle_age=10, priority=0 actions=NORMAL
root at neutron:~# ip netns
qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302
qdhcp-95f5f75f-577f-4827-b51c-f949fb46393b
root at mussdhux20:~# ip netns exec qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
14: qr-784a2f1c-e6: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether fa:16:3e:d2:db:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global qr-784a2f1c-e6
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fed2:db51/64 scope link
valid_lft forever preferred_lft forever
15: qg-6849da02-da: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether fa:16:3e:15:c8:76 brd ff:ff:ff:ff:ff:ff
inet 172.29.105.101/24 brd 172.29.105.255 scope global qg-6849da02-da
valid_lft forever preferred_lft forever
inet 172.29.105.102/32 brd 172.29.105.102 scope global qg-6849da02-da
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe15:c876/64 scope link
valid_lft forever preferred_lft forever
/// I can ping from router to external router gateway
root@ neutron:~# ip netns exec qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302 ping -I qg-6849da02-da 172.29.105.101
PING 172.29.105.101 (172.29.105.101) from 172.29.105.101 qg-6849da02-da: 56(84) bytes of data.
64 bytes from 172.29.105.101: icmp_seq=1 ttl=64 time=0.067 ms
64 bytes from 172.29.105.101: icmp_seq=2 ttl=64 time=0.048 ms
64 bytes from 172.29.105.101: icmp_seq=3 ttl=64 time=0.062 ms
64 bytes from 172.29.105.101: icmp_seq=4 ttl=64 time=0.051 ms
64 bytes from 172.29.105.101: icmp_seq=5 ttl=64 time=0.061 ms
64 bytes from 172.29.105.101: icmp_seq=6 ttl=64 time=0.050 ms
^C
--- 172.29.105.101 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 4998ms
rtt min/avg/max/mdev = 0.048/0.056/0.067/0.010 ms
/// I can ping from router to internal tenant gateway
root at mussdhux20:~# ip netns exec qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302 ping -I qr-784a2f1c-e6 192.168.2.1
PING 192.168.2.1 (192.168.2.1) from 192.168.2.1 qr-784a2f1c-e6: 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 192.168.2.1: icmp_seq=2 ttl=64 time=0.047 ms
64 bytes from 192.168.2.1: icmp_seq=3 ttl=64 time=0.064 ms
64 bytes from 192.168.2.1: icmp_seq=4 ttl=64 time=0.049 ms
64 bytes from 192.168.2.1: icmp_seq=5 ttl=64 time=0.056 ms
64 bytes from 192.168.2.1: icmp_seq=6 ttl=64 time=0.044 ms
^C
--- 192.168.2.1 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 4998ms
rtt min/avg/max/mdev = 0.044/0.050/0.064/0.011 ms
root@ neutron:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP group default qlen 1000
link/ether 00:d0:b7:9d:be:de brd ff:ff:ff:ff:ff:ff
inet6 fe80::2d0:b7ff:fe9d:bede/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:02:b3:ea:fd:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.220/24 brd 192.168.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::202:b3ff:feea:fd36/64 scope link
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0f:fe:5e:2b:52 brd ff:ff:ff:ff:ff:ff
inet 172.29.106.220/24 brd 172.29.106.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20f:feff:fe5e:2b52/64 scope link
valid_lft forever preferred_lft forever
5: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default
link/ether 42:ad:09:62:3e:ff brd ff:ff:ff:ff:ff:ff
6: br-ex: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether 00:d0:b7:9d:be:de brd ff:ff:ff:ff:ff:ff
inet6 fe80::4460:3dff:fe54:774a/64 scope link
valid_lft forever preferred_lft forever
9: br-int: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether 0e:51:a9:81:c8:4b brd ff:ff:ff:ff:ff:ff
inet6 fe80::50b6:6dff:fe2b:497f/64 scope link
valid_lft forever preferred_lft forever
17: br-tun: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether 96:20:ae:89:c4:49 brd ff:ff:ff:ff:ff:ff
inet6 fe80::14bd:19ff:fe80:55f7/64 scope link
valid_lft forever preferred_lft forever
root@ neutron:~# ip route
default via 172.29.106.254 dev eth0
169.254.0.0/16 dev eth1 scope link metric 1000
172.29.106.0/24 dev eth0 proto kernel scope link src 172.29.106.220
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.220
> > root at control# neutron net-list
+--------------------------------------+----------+------------------------------------------------------+
| id | name | subnets |
+--------------------------------------+----------+------------------------------------------------------+
| 95f5f75f-577f-4827-b51c-f949fb46393b | demo-net | 33d60404-d979-4b63-83ef-653268195872 192.168.2.0/24 |
| e567fd9d-f87a-491c-b8f1-32d28de4069e | ext-net | 0f5d2be9-74b0-466e-b0e6-4be8f646338a 172.29.105.0/24 |
+--------------------------------------+----------+------------------------------------------------------+
root control # neutron subnet-list
+--------------------------------------+-------------+-----------------+------------------------------------------------------+
| id | name | cidr | allocation_pools |
+--------------------------------------+-------------+-----------------+------------------------------------------------------+
| 0f5d2be9-74b0-466e-b0e6-4be8f646338a | ext-subnet | 172.29.105.0/24 | {"start": "172.29.105.101", "end": "172.29.105.127"} |
| 33d60404-d979-4b63-83ef-653268195872 | demo-subnet | 192.168.2.0/24 | {"start": "192.168.2.2", "end": "192.168.2.254"} |
+--------------------------------------+-------------+-----------------+------------------------------------------------------+
> >
> > root@ control# neutron subnet-show ext-subnet
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| allocation_pools | {"start": "172.29.105.101", "end": "172.29.105.127"} |
| cidr | 172.29.105.0/24 |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 172.29.105.254 |
| host_routes | |
| id | 0f5d2be9-74b0-466e-b0e6-4be8f646338a |
| ip_version | 4 |
| name | ext-subnet |
| network_id | e567fd9d-f87a-491c-b8f1-32d28de4069e |
| tenant_id | 7479d4eabeb14b45a7f38269155ec0f5 |
+------------------+------------------------------------------------------+
> > root@ control# neutron subnet-show demo-subnet
+------------------+--------------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------------+
| allocation_pools | {"start": "192.168.2.2", "end": "192.168.2.254"} |
| cidr | 192.168.2.0/24 |
| dns_nameservers | 8.8.8.8 |
| enable_dhcp | True |
| gateway_ip | 192.168.2.1 |
| host_routes | |
| id | 33d60404-d979-4b63-83ef-653268195872 |
| ip_version | 4 |
| name | demo-subnet |
| network_id | 95f5f75f-577f-4827-b51c-f949fb46393b |
| tenant_id | 1bc3de8b19384858a1a7a6395e1845e3 |
+------------------+--------------------------------------------------+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150304/6f23fb00/attachment.html>
More information about the Openstack
mailing list