Hi Jiaan,<br><br>The problem may relates to SNAT iptables set by nova-network. Based on the description, I guess you have only one nova-network running on Controller.<br><br>Please try:<br><br>1. add the following line to /etc/nova/nova.conf<br>
--mutil_host=true<br><br>2. start a nova-network instance on Compute Node<br>service nova-network start<br><br>3. reboot your instance, to enforce network filters on Controller<br>nova reboot $id<br><br>try to access your vm instance.<br>
<br><br clear="all"><i style="font-family:georgia,serif;background-color:rgb(255,255,255);color:rgb(192,192,192)">Best Regards,<br>Xiaolin Zhang</i><br><br>
<br><br><div class="gmail_quote">On Sat, Jul 14, 2012 at 10:58 AM, Jiaan Zeng <span dir="ltr"><<a href="mailto:l.allen09@gmail.com" target="_blank">l.allen09@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<span style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">Hi List,</span><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
<br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">I have a network problem while setting up essex. The instances on control node can access internet, while instances on compute node cannot. I tcpdump the ping traffic and found something weird. VM on compute node can send ICMP request out and the src ip of the ICMP package is changed to ip of control node. Destination can receive the request and reply back to control node. But VM on compute node gets nothing back. I can ping control node from VM on compute node though. Based on that, I think there should be something wrong with the gateway set up by nova-network. But I don't know how to do further debug. </div>
<div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
Any suggestions would be greatly appreciated!</div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
I set up on two machines. Each has only *one* NIC. I use FlatDHCPManager and place the bridge on the public NIC. Below is my configuration file of network part. </div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
<br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><div>--network_manager=nova.network.manager.FlatDHCPManager</div><div>--public_interface=eth0</div><div>
--flat_interface=eth0</div><div>--flat_network_bridge=br100</div><div>--fixed_range=<a href="http://192.168.22.32/27" style="color:rgb(17,85,204)" target="_blank">192.168.22.32/27</a></div><div>--floating_range=<a href="http://10.42.0.32/27" style="color:rgb(17,85,204)" target="_blank">10.42.0.32/27</a></div>
<div>--network_size=32</div><div>--flat_network_dhcp_start=192.168.22.33</div><div>--flat_injected=False</div><div>--force_dhcp_release=True</div></div><span class="HOEnZb"><font color="#888888"><div><br></div>-- <br>Regards,<br>
Jiaan<br>
</font></span><br>_______________________________________________<br>
Mailing list: <a href="https://launchpad.net/%7Eopenstack" target="_blank">https://launchpad.net/~openstack</a><br>
Post to : <a href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a><br>
Unsubscribe : <a href="https://launchpad.net/%7Eopenstack" target="_blank">https://launchpad.net/~openstack</a><br>
More help : <a href="https://help.launchpad.net/ListHelp" target="_blank">https://help.launchpad.net/ListHelp</a><br>
<br></blockquote></div><br>