<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">The regular conf files look fine, from
the physical network host, nslookup works fine, I also tried with
iptables stopped on the network host, it doesn't help. <br>
<br>
Below is some output from tcpdump run on the network host: <br>
(10.0.1.3 is the dns server for the VM network, 10.0.1.5 is an
instance) <br>
<br>
I can resolve names for other VMs within the same VM subnet: <br>
<br>
12:03:13.862982 IP 10.0.1.5.49737 > 10.0.1.3.domain: 42560+
PTR? 2.1.0.10.in-addr.arpa. (39)<br>
12:03:13.863109 IP 10.0.1.3.domain > 10.0.1.5.49737: 42560*
1/0/0 PTR host-10-0-1-2.openstacklocal. (81)<br>
<br>
But when I try "nslookup <a class="moz-txt-link-abbreviated" href="http://www.google.com">www.google.com</a>", it gave the "Refused"
message: <br>
<br>
12:03:21.991820 IP 10.0.1.5.56262 > 10.0.1.3.domain: 39784+ A?
<a class="moz-txt-link-abbreviated" href="http://www.google.com">www.google.com</a>. (32)<br>
12:03:21.991931 IP 10.0.1.3.domain > 10.0.1.5.56262: 39784
Refused 0/0/0 (32)<br>
12:03:21.992711 IP 10.0.1.5.47311 > 10.0.1.3.domain: 38835+ A?
<a class="moz-txt-link-abbreviated" href="http://www.google.com.openstacklocal">www.google.com.openstacklocal</a>. (47)<br>
12:03:21.992788 IP 10.0.1.3.domain > 10.0.1.5.47311: 38835
Refused 0/0/0 (47)<br>
<br>
The error message from the instance is "server can't find
<a class="moz-txt-link-abbreviated" href="http://www.google.com.openstacklocal">www.google.com.openstacklocal</a>: REFUSED" <br>
<br>
Below is the dnsmasq processes running on the network host (the
-conf-file is empty, is that normal?) : <br>
<br>
nobody 28843 1 0 Nov13 ? 00:00:00 dnsmasq --no-hosts
--no-resolv --strict-order --bind-interfaces
--interface=tap4aafbf9c-49 --except-interface=lo
--pid-file=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/pid
--dhcp-hostsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/host
--dhcp-optsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/opts
--dhcp-script=/usr/bin/quantum-dhcp-agent-dnsmasq-lease-update
--leasefile-ro --dhcp-range=tag0,10.0.1.0,static,120s --conf-file=
--domain=openstacklocal<br>
root 28844 28843 0 Nov13 ? 00:00:00 dnsmasq --no-hosts
--no-resolv --strict-order --bind-interfaces
--interface=tap4aafbf9c-49 --except-interface=lo
--pid-file=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/pid
--dhcp-hostsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/host
--dhcp-optsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/opts
--dhcp-script=/usr/bin/quantum-dhcp-agent-dnsmasq-lease-update
--leasefile-ro --dhcp-range=tag0,10.0.1.0,static,120s --conf-file=
--domain=openstacklocal<br>
<br>
Any help will be greatly appreciated. <br>
<br>
Thanks,<br>
Xin<br>
<br>
<br>
<br>
On 11/12/2013 6:55 PM, Remo Mattei wrote:<br>
</div>
<blockquote
cite="mid:etPan.5282bfe9.54bcf007.20bc@Remos-Macbook.local"
type="cite">
<div id="bloop_customfont"
style="font-family:Calibri,Arial;font-size:13px; color:
rgba(0,0,0,1.0); margin: 0px; line-height: auto;">RH does have
firewall rules you may want to see if DNS is going out. I know
you said that it goes outside but you can also check the order
if in nsswitch.conf etc.. </div>
<div id="bloop_customfont"
style="font-family:Calibri,Arial;font-size:13px; color:
rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><br>
</div>
<div id="bloop_customfont"
style="font-family:Calibri,Arial;font-size:13px; color:
rgba(0,0,0,1.0); margin: 0px; line-height: auto;">Have a good
day, </div>
<div id="bloop_customfont"
style="font-family:Calibri,Arial;font-size:13px; color:
rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><br>
</div>
<div id="bloop_customfont"
style="font-family:Calibri,Arial;font-size:13px; color:
rgba(0,0,0,1.0); margin: 0px; line-height: auto;">ciao </div>
<div id="bloop_sign_1384300449952177920"><span
style="font-family:helvetica,arial;font-size:13px"></span>-- <br>
Remo Mattei<br>
<br>
</div>
<br>
<p style="color:#A0A0A8;"> November 12, 2013 at 14:32:52, Xin Zhao
(<a moz-do-not-send="true" href="mailto://xzhao@bnl.gov">xzhao@bnl.gov</a>)
ha scritto:</p>
<blockquote type="cite" class="clean_bq"><span>
<div>
<div>Hello,
<br>
<br>
I have a multi-host grizzly RHEL6 install, using OVS. From
the instance, <br>
I can ping external ips, but DNS resolv doesn't work, it
only works for <br>
other instances on the VM network.
<br>
If I do subnet-update to add public DNS server ips to the
vm network, <br>
DNS resolv works for external hosts, but stops working for
other <br>
instances on the same VM network.
<br>
Do I miss some configuration here?
<br>
<br>
Thanks,
<br>
Xin
<br>
<br>
_______________________________________________
<br>
Mailing list:
<a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a>
<br>
Post to : <a class="moz-txt-link-abbreviated" href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a>
<br>
Unsubscribe :
<a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a>
<br>
<br>
!DSPAM:2,5282ac94271465380316102!
<br>
<br>
</div>
</div>
</span></blockquote>
</blockquote>
<br>
</body>
</html>