Instances cannot ping each other and cannot ping virtual-router
Hi,

I deployed OpenStack Train using TripleO using this tutorial : https://kdjlab.com/deploying-rdo-in-a-cohesive-manner/ and the documentation of TripleO. I deployed it with DVR.

In my deployment I am using virtual machines with nested-kvm.

The deployment went well, I am using network isolation like this :
- nic1 : provisioning
- nic2 and nic3 (bond0) storage and storage mgmt networks, each one in its VLAN
- nic3 and nic5 (bond1) tenant, api and *external* (10.0.2.0/24 VLAN2100) networks, each one in its VLAN

In my physical host (the bare metal KVM) I created a bridge which handles the provisioning, tenant, api and external networks.

I created a private tenant network (172.16.100.0/24).

openstack network create private
neutron subnet-create private 172.16.100.0/24 --name private-sub --dns-nameserver 172.16.0.252

I created a public network and I attached it to the external network using the same VLAN tag (10.0.2.0/24 VLAN 2100, pool: 10.0.2.100-10.0.2.120) :

openstack network create --provider-network-type vlan --provider-physical-network datacentre --provider-segment 2100 --external public
neutron subnet-create public 10.0.2.0/24 --name public-sub --disable-dhcp --allocation-pool=start=10.0.2.100,end=10.0.2.120 --gateway=10.0.2.1 --dns-nameserver 172.16.0.252

I created a vrouter, one port in the public network and the other in the private network. I created two cirrus instances, each one got its IP address from the private network.

I found :
- cirrus-1 : 172.16.100.81
- cirrus-2 : 172.16.100.103
- vrouter : 172.16.100.1 private : 10.0.2.101 external
- neutron:dhcp : 172.16.100.2

The problems :
- The instances cannot ping each other.
- The instances cannot ping the vrouter.
- I cannot ping the public vrouter interface.

But both instances can ping neutron:dhcp

Could someone help me dig into this?

Thanks in advance, Regards.
Hi,

After some reading, I found out that I needed to specify the physical port that will be used to connect my infrastructure to the external world. In my configuration I created two ovs bridges over two bonds :
- br0 : is used for storage and storage management networks.
- br1 : is used for api, tenant and external networks.

So I added this to my network-environment.yaml file :

NeutronBridgeMappings: 'datacentre:br1'

And it did fix the majority of my connectivity problems, now the instances can ping each other, the instances can ping the internet. I can ping the external vrouter interface, but when I associate a floating IP with an instance, I cannot ping or ssh that instance from the external network. I have any to any security group rules for icmp and ssh (for test).

How can I debug that?

I have some other questions : what do these variables mean technically?

1) What is the difference between these two lines?

NeutronNetworkVLANRanges: 'datacentre:1:4000'
NeutronNetworkVLANRanges: 'datacentre:1:1000,tenant:500:1000'

2) What is the difference between NeutronNetworkType and NeutronTunnelType?

Regards.

On Wed, 8 Sep 2021 at 17:13, wodel youchi <wodel.youchi@gmail.com> wrote:
Hi,
I deployed OpenStack Train using TripleO using this tutorial : https://kdjlab.com/deploying-rdo-in-a-cohesive-manner/ and the documentation of TripleO. I deployed it with DVR.
In my deployment I am using virtual machines with nested-kvm.
The deployment went well, I am using network isolation like this :
- nic1 : provisioning
- nic2 and nic3 (bond0) storage and storage mgmt networks, each one in its VLAN
- nic3 and nic5 (bond1) tenant, api and *external* (10.0.2.0/24 VLAN2100) networks, each one in its VLAN
In my physical host (the bare metal KVM) I created a bridge which handles the provisioning, tenant, api and external networks.
I created a private tenant network (172.16.100.0/24).
openstack network create private
neutron subnet-create private 172.16.100.0/24 --name private-sub --dns-nameserver 172.16.0.252
I created a public network and I attached it to the external network using the same VLAN tag (10.0.2.0/24 VLAN 2100, pool: 10.0.2.100-10.0.2.120) :
openstack network create --provider-network-type vlan --provider-physical-network datacentre --provider-segment 2100 --external public
neutron subnet-create public 10.0.2.0/24 --name public-sub --disable-dhcp --allocation-pool=start=10.0.2.100,end=10.0.2.120 --gateway=10.0.2.1 --dns-nameserver 172.16.0.252
I created a vrouter, one port in the public network and the other in the private network. I created two cirrus instances, each one got its IP address from the private network.
I found :
- cirrus-1 : 172.16.100.81
- cirrus-2 : 172.16.100.103
- vrouter : 172.16.100.1 private : 10.0.2.101 external
- neutron:dhcp : 172.16.100.2
The problems :
- The instances cannot ping each other.
- The instances cannot ping the vrouter.
- I cannot ping the public vrouter interface.
But both instances can ping neutron:dhcp
Could someone help me dig into this?
Thanks in advance, Regards.
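
A consistency check for the bridge-mapping fix described in the second message, as an added example that is not part of the thread or of TripleO: it parses the physnet:bridge and physnet:vlan_min:vlan_max strings and reports a provider network whose physical network maps to a bridge that is missing on the node. The function names and the pre-fix mapping 'datacentre:br-ex' are assumptions made for illustration; br0, br1 and the other values are taken from the messages.

```python
# Added example, not code from the thread or from TripleO.

def _items(value):
    """Split a comma-separated parameter string, dropping empty entries."""
    return [p.strip() for p in value.split(",") if p.strip()]

def parse_bridge_mappings(value):
    """'datacentre:br1' -> {'datacentre': 'br1'}"""
    mappings = {}
    for item in _items(value):
        physnet, sep, bridge = item.partition(":")
        if not (sep and physnet and bridge):
            raise ValueError(f"bad bridge mapping: {item!r}")
        mappings[physnet] = bridge
    return mappings

def parse_vlan_ranges(value):
    """'tenant:500:1000' -> {'tenant': [(500, 1000)]}; a bare physnet gets []."""
    ranges = {}
    for item in _items(value):
        parts = item.split(":")
        if len(parts) not in (1, 3) or not parts[0]:
            raise ValueError(f"bad VLAN range entry: {item!r}")
        spans = ranges.setdefault(parts[0], [])
        if len(parts) == 3:
            lo, hi = int(parts[1]), int(parts[2])
            if not 1 <= lo <= hi <= 4094:
                raise ValueError(f"bad VLAN range: {item!r}")
            spans.append((lo, hi))
    return ranges

def check_provider_network(physnet, segment, mappings, ranges, host_bridges):
    """Return a list of problems for one VLAN provider network definition."""
    problems = []
    if physnet not in ranges:
        problems.append(f"{physnet} is not listed in NeutronNetworkVLANRanges")
    bridge = mappings.get(physnet)
    if bridge is None:
        problems.append(f"{physnet} has no entry in NeutronBridgeMappings")
    elif bridge not in host_bridges:
        problems.append(f"bridge {bridge} mapped to {physnet} does not exist on the node")
    if not 1 <= segment <= 4094:
        problems.append(f"segment {segment} is not a valid VLAN ID")
    return problems

RANGES = parse_vlan_ranges("datacentre:1:4000")      # string quoted in the thread
HOST_BRIDGES = {"br0", "br1"}                        # bridges named in the thread
# Constructed pre-fix mapping (assumption), then the mapping from the message.
BEFORE = check_provider_network("datacentre", 2100,
                                parse_bridge_mappings("datacentre:br-ex"), RANGES, HOST_BRIDGES)
AFTER = check_provider_network("datacentre", 2100,
                               parse_bridge_mappings("datacentre:br1"), RANGES, HOST_BRIDGES)
```

On a real node the set of host bridges would come from the output of ovs-vsctl list-br rather than a literal.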