cannot ping my guest's floating ip
I am struggling with the fact that I cannot ping my guest's floating ip. I have one Controller node and one Compute node brought up with devstack. Any help would be appreciated! Kendal Details follow... Controller node... [1 picasso@controller ~]$ openstack server list +--------------------------------------+----------+--------+-------------------------------+----------------+----------+ | ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+----------+--------+-------------------------------+----------------+----------+ | c5a7fd0a-61a1-4698-9c12-45b44cb20e54 | myserver | ACTIVE | private=10.0.1.12, 10.0.0.196 | picasso-server | m1.small | +--------------------------------------+----------+--------+-------------------------------+----------------+----------+ [1 picasso@controller ~]$ openstack floating ip list +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ | 055d825f-9398-4a11-bf5e-ff3d1a9fc8be | 10.0.0.196 | 10.0.1.12 | 9d036770-e1ba-4d5f-8f16-780a066416fd | 32631db5-7798-47df-8af6-7ee8fca011e4 | a0e078d4bac34db89105a2eb0ba4d896 | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ [0 picasso@controller ~]$ ping -c 1 -W 1 10.0.1.1 PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data. 64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.066 ms --- 10.0.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.066/0.066/0.066/0.000 ms [0 picasso@controller ~]$ ping -c 1 -W 1 10.0.1.12 PING 10.0.1.12 (10.0.1.12) 56(84) bytes of data. --- 10.0.1.12 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms [1 picasso@controller ~]$ ping -c 1 -W 1 10.0.0.196 PING 10.0.0.196 (10.0.0.196) 56(84) bytes of data. --- 10.0.0.196 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms [0 picasso@controller ~]$ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 08:00:27:72:b2:e5 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3 valid_lft 77664sec preferred_lft 77664sec inet6 fe80::a00:27ff:fe72:b2e5/64 scope link valid_lft forever preferred_lft forever 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 02:00:68:ed:7c:08 brd ff:ff:ff:ff:ff:ff inet 192.168.1.6/24 brd 192.168.1.255 scope global enp0s8 valid_lft forever preferred_lft forever inet6 fe80::68ff:feed:7c08/64 scope link valid_lft forever preferred_lft forever 4: enp0s9: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UNKNOWN group default qlen 1000 link/ether 02:00:b6:d5:fe:c5 brd ff:ff:ff:ff:ff:ff inet6 fe80::b6ff:fed5:fec5/64 scope link valid_lft forever preferred_lft forever 5: enp0s10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 02:00:72:74:73:d0 brd ff:ff:ff:ff:ff:ff inet 10.0.1.1/24 brd 10.0.1.255 scope global enp0s10 valid_lft forever preferred_lft forever inet6 fe80::72ff:fe74:73d0/64 scope link valid_lft forever preferred_lft forever 6: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether e6:fd:7a:97:a1:32 brd ff:ff:ff:ff:ff:ff 7: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether f6:38:eb:d2:ce:41 brd ff:ff:ff:ff:ff:ff 8: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 link/ether ba:d2:e4:c1:7f:48 brd ff:ff:ff:ff:ff:ff inet 10.0.0.8/24 brd 10.0.0.255 scope global br-ex valid_lft forever preferred_lft forever inet6 fe80::b8d2:e4ff:fec1:7f48/64 scope link valid_lft forever preferred_lft forever 9: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether ca:5b:f2:bd:65:40 brd ff:ff:ff:ff:ff:ff 13: vxlan_sys_4789: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 1000 link/ether ca:7f:ae:3b:5a:14 brd ff:ff:ff:ff:ff:ff inet6 fe80::c87f:aeff:fe3b:5a14/64 scope link valid_lft forever preferred_lft forever [0 picasso@controller ~]$ ip r default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 10.0.0.0/24 dev br-ex proto kernel scope link src 10.0.0.8 10.0.1.0/24 dev enp0s10 proto kernel scope link src 10.0.1.1 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 10.0.2.2 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 100 192.168.1.0/24 dev enp0s8 proto kernel scope link src 192.168.1.6 [0 picasso@controller ~]$ neutron net-show "public" +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | nova | | created_at | 2020-10-29T18:21:07Z | | description | | | id | 32631db5-7798-47df-8af6-7ee8fca011e4 | | ipv4_address_scope | | | ipv6_address_scope | | | is_default | False | | mtu | 1500 | | name | public | | port_security_enabled | True | | project_id | a0e078d4bac34db89105a2eb0ba4d896 | | provider:network_type | flat | | provider:physical_network | public | | provider:segmentation_id | | | revision_number | 2 | | router:external | True | | shared | True | | status | ACTIVE | | subnets | daab0afa-9adc-4978-9e00-65669b89fec5 | | tags | | | tenant_id | a0e078d4bac34db89105a2eb0ba4d896 | | updated_at | 2020-10-29T18:21:14Z | +---------------------------+--------------------------------------+ [0 picasso@controller ~]$ neutron subnet-show public-subnet +-------------------+----------------------------------------------+ | Field | Value | +-------------------+----------------------------------------------+ | allocation_pools | {"start": "10.0.0.128", "end": "10.0.0.254"} | | cidr | 10.0.0.0/24 | | created_at | 2020-10-29T18:21:14Z | | description | | | dns_nameservers | 10.0.0.1 | | enable_dhcp | False | | gateway_ip | 10.0.0.1 | | host_routes | | | id | daab0afa-9adc-4978-9e00-65669b89fec5 | | ip_version | 4 | | ipv6_address_mode | | | ipv6_ra_mode | | | name | public-subnet | | network_id | 32631db5-7798-47df-8af6-7ee8fca011e4 | | project_id | a0e078d4bac34db89105a2eb0ba4d896 | | revision_number | 0 | | service_types | | | subnetpool_id | | | tags | | | tenant_id | a0e078d4bac34db89105a2eb0ba4d896 | | updated_at | 2020-10-29T18:21:14Z | +-------------------+----------------------------------------------+ [1 picasso@controller ~]$ neutron net-show private +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | nova | | created_at | 2020-10-29T18:20:56Z | | description | | | id | b440a536-a69c-42c8-b05d-5f8323f22cc0 | | ipv4_address_scope | | | ipv6_address_scope | | | mtu | 1450 | | name | private | | port_security_enabled | True | | project_id | 682549fcfe3b4645a21b59290e62e453 | | provider:network_type | vxlan | | provider:physical_network | | | provider:segmentation_id | 1 | | revision_number | 2 | | router:external | False | | shared | False | | status | ACTIVE | | subnets | 35a88fb9-e1e6-4195-9c6b-95d96545d4c4 | | tags | | | tenant_id | 682549fcfe3b4645a21b59290e62e453 | | updated_at | 2020-10-29T18:21:02Z | +---------------------------+--------------------------------------+ [0 picasso@controller ~]$ neutron subnet-show private-subnet +-------------------+---------------------------------------------+ | Field | Value | +-------------------+---------------------------------------------+ | allocation_pools | {"start": "10.0.1.10", "end": "10.0.1.254"} | | cidr | 10.0.1.0/24 | | created_at | 2020-10-29T18:21:02Z | | description | | | dns_nameservers | 10.0.0.1 | | enable_dhcp | True | | gateway_ip | 10.0.1.1 | | host_routes | | | id | 35a88fb9-e1e6-4195-9c6b-95d96545d4c4 | | ip_version | 4 | | ipv6_address_mode | | | ipv6_ra_mode | | | name | private-subnet | | network_id | b440a536-a69c-42c8-b05d-5f8323f22cc0 | | project_id | 682549fcfe3b4645a21b59290e62e453 | | revision_number | 0 | | service_types | | | subnetpool_id | | | tags | | | tenant_id | 682549fcfe3b4645a21b59290e62e453 | | updated_at | 2020-10-29T18:21:02Z | +-------------------+---------------------------------------------+ [0 picasso@controller ~]$ neutron router-show public +-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | nova | | created_at | 2020-10-29T18:21:20Z | | description | | | distributed | False | | external_gateway_info | {"network_id": "32631db5-7798-47df-8af6-7ee8fca011e4", "external_fixed_ips": [{"subnet_id": "daab0afa-9adc-4978-9e00-65669b89fec5", "ip_address": "10.0.0.169"}], "enable_snat": true} | | flavor_id | | | ha | False | | id | d424d63e-cc93-4d02-afad-5851bc7f96cd | | name | public | | project_id | a0e078d4bac34db89105a2eb0ba4d896 | | revision_number | 4 | | routes | | | status | ACTIVE | | tags | | | tenant_id | a0e078d4bac34db89105a2eb0ba4d896 | | updated_at | 2020-10-29T18:21:28Z | +-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ [1 picasso@controller ~]$ sudo ovs-vsctl show f2c58de6-9a33-4222-94f5-da1e4a2cfdbb Manager "ptcp:6640:127.0.0.1" is_connected: true Bridge br-tun Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Port br-tun Interface br-tun type: internal Port "vxlan-c0a801c8" Interface "vxlan-c0a801c8" type: vxlan options: {df_default="true", egress_pkt_mark="0", in_key=flow, local_ip="192.168.1.6", out_key=flow, remote_ip="192.168.1.200"} Bridge br-ex Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-ex Interface br-ex type: internal Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Port "enp0s9" Interface "enp0s9" Bridge br-int Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port "tap456085c0-61" tag: 1 Interface "tap456085c0-61" type: internal Port "qr-0434594d-ee" tag: 1 Interface "qr-0434594d-ee" type: internal Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Port int-br-ex Interface int-br-ex type: patch options: {peer=phy-br-ex} Port br-int Interface br-int type: internal Port "qg-77ed5bcd-25" tag: 2 Interface "qg-77ed5bcd-25" type: internal ovs_version: "2.12.1" router_name=public ROUTER_ID=$(openstack router show $router_name -f value -c id) QROUTER="qrouter-$ROUTER_ID" [0 picasso@controller ~]$ sudo ip netns exec $QROUTER ifconfig lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 45 bytes 4424 (4.4 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 45 bytes 4424 (4.4 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 qg-77ed5bcd-25: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.0.169 netmask 255.255.255.0 broadcast 10.0.0.255 inet6 fe80::f816:3eff:febc:990c prefixlen 64 scopeid 0x20<link> ether fa:16:3e:bc:99:0c txqueuelen 1000 (Ethernet) RX packets 944 bytes 146787 (146.7 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 164 bytes 16468 (16.4 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 qr-0434594d-ee: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450 inet 10.0.1.1 netmask 255.255.255.0 broadcast 10.0.1.255 inet6 fe80::f816:3eff:fe5c:9a7d prefixlen 64 scopeid 0x20<link> ether fa:16:3e:5c:9a:7d txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 169 bytes 7550 (7.5 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [0 picasso@controller ~]$ sudo ip netns exec $QROUTER ping -c 1 -W 1 10.0.1.1 PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data. 64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.034 ms --- 10.0.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.034/0.034/0.034/0.000 ms [0 picasso@controller ~]$ sudo ip netns exec $QROUTER ping -c 1 -W 1 10.0.1.196 PING 10.0.1.196 (10.0.1.196) 56(84) bytes of data. --- 10.0.1.196 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms [1 picasso@controller ~]$ sudo ip netns exec $QROUTER ping -c 1 -W 1 10.0.1.169 PING 10.0.1.169 (10.0.1.169) 56(84) bytes of data. --- 10.0.1.169 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms ---------- Compute node... [1 picasso@compute ~]$ ping -c 1 -W 1 10.0.1.1 PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data. 64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.425 ms --- 10.0.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.425/0.425/0.425/0.000 ms [0 picasso@compute ~]$ ping -c 1 -W 1 10.0.1.12 PING 10.0.1.12 (10.0.1.12) 56(84) bytes of data. --- 10.0.1.12 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms [1 picasso@compute ~]$ ping -c 1 -W 1 10.0.0.196 PING 10.0.0.196 (10.0.0.196) 56(84) bytes of data. --- 10.0.0.196 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms [0 picasso@compute ~]$ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 08:00:27:72:b2:e5 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3 valid_lft 79425sec preferred_lft 79425sec inet6 fe80::a00:27ff:fe72:b2e5/64 scope link valid_lft forever preferred_lft forever 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 02:00:73:9d:41:7d brd ff:ff:ff:ff:ff:ff inet 192.168.1.200/24 brd 192.168.1.255 scope global enp0s8 valid_lft forever preferred_lft forever inet6 fe80::73ff:fe9d:417d/64 scope link valid_lft forever preferred_lft forever 4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 02:00:08:c1:84:db brd ff:ff:ff:ff:ff:ff inet 10.0.1.31/24 brd 10.0.1.255 scope global enp0s9 valid_lft forever preferred_lft forever inet6 fe80::8ff:fec1:84db/64 scope link valid_lft forever preferred_lft forever 5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:ee:20:86 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:ee:20:86 brd ff:ff:ff:ff:ff:ff 7: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 9e:52:8b:6f:f1:47 brd ff:ff:ff:ff:ff:ff 8: br-int: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN group default qlen 1000 link/ether 76:e6:90:cc:01:48 brd ff:ff:ff:ff:ff:ff 9: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 link/ether aa:09:9f:d9:1d:4f brd ff:ff:ff:ff:ff:ff inet6 fe80::a809:9fff:fed9:1d4f/64 scope link valid_lft forever preferred_lft forever 10: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 26:76:22:af:06:40 brd ff:ff:ff:ff:ff:ff 11: vxlan_sys_4789: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 1000 link/ether 8a:87:fb:68:ec:8c brd ff:ff:ff:ff:ff:ff inet6 fe80::8887:fbff:fe68:ec8c/64 scope link valid_lft forever preferred_lft forever 12: tap9d036770-e1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel master ovs-system state UNKNOWN group default qlen 1000 link/ether fe:16:3e:f5:f5:c0 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fef5:f5c0/64 scope link valid_lft forever preferred_lft forever [0 picasso@compute ~]$ ip r default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 10.0.1.0/24 dev enp0s9 proto kernel scope link src 10.0.1.31 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 10.0.2.2 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 100 192.168.1.0/24 dev enp0s8 proto kernel scope link src 192.168.1.200 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown [130 picasso@compute ~]$ sudo ovs-vsctl show a75bdb8e-9266-48f4-bab5-e119cf07c6af Manager "ptcp:6640:127.0.0.1" is_connected: true Bridge br-tun Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-tun Interface br-tun type: internal Port "vxlan-c0a80106" Interface "vxlan-c0a80106" type: vxlan options: {df_default="true", egress_pkt_mark="0", in_key=flow, local_ip="192.168.1.200", out_key=flow, remote_ip="192.168.1.6"} Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Bridge br-int Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-int Interface br-int type: internal Port "tap9d036770-e1" tag: 1 Interface "tap9d036770-e1" Port int-br-ex Interface int-br-ex type: patch options: {peer=phy-br-ex} Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Bridge br-ex Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Port br-ex Interface br-ex type: internal ovs_version: "2.12.1"
Does the guest have its internal ip configured as shown by openstack (10.0.1.12)? Did you open the security-group to allow icmp traffic? Zitat von R Kendal <r.kendal@gmail.com>:
I am struggling with the fact that I cannot ping my guest's floating ip.
I have one Controller node and one Compute node brought up with devstack.
Any help would be appreciated! Kendal
Details follow...
Controller node...
[1 picasso@controller ~]$ openstack server list +--------------------------------------+----------+--------+-------------------------------+----------------+----------+ | ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+----------+--------+-------------------------------+----------------+----------+ | c5a7fd0a-61a1-4698-9c12-45b44cb20e54 | myserver | ACTIVE | private=10.0.1.12, 10.0.0.196 | picasso-server | m1.small | +--------------------------------------+----------+--------+-------------------------------+----------------+----------+
[1 picasso@controller ~]$ openstack floating ip list +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ | 055d825f-9398-4a11-bf5e-ff3d1a9fc8be | 10.0.0.196 | 10.0.1.12 | 9d036770-e1ba-4d5f-8f16-780a066416fd | 32631db5-7798-47df-8af6-7ee8fca011e4 | a0e078d4bac34db89105a2eb0ba4d896 | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
[0 picasso@controller ~]$ ping -c 1 -W 1 10.0.1.1 PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data. 64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.066 ms --- 10.0.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.066/0.066/0.066/0.000 ms
[0 picasso@controller ~]$ ping -c 1 -W 1 10.0.1.12 PING 10.0.1.12 (10.0.1.12) 56(84) bytes of data. --- 10.0.1.12 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
[1 picasso@controller ~]$ ping -c 1 -W 1 10.0.0.196 PING 10.0.0.196 (10.0.0.196) 56(84) bytes of data. --- 10.0.0.196 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
[0 picasso@controller ~]$ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 08:00:27:72:b2:e5 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3 valid_lft 77664sec preferred_lft 77664sec inet6 fe80::a00:27ff:fe72:b2e5/64 scope link valid_lft forever preferred_lft forever 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 02:00:68:ed:7c:08 brd ff:ff:ff:ff:ff:ff inet 192.168.1.6/24 brd 192.168.1.255 scope global enp0s8 valid_lft forever preferred_lft forever inet6 fe80::68ff:feed:7c08/64 scope link valid_lft forever preferred_lft forever 4: enp0s9: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UNKNOWN group default qlen 1000 link/ether 02:00:b6:d5:fe:c5 brd ff:ff:ff:ff:ff:ff inet6 fe80::b6ff:fed5:fec5/64 scope link valid_lft forever preferred_lft forever 5: enp0s10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 02:00:72:74:73:d0 brd ff:ff:ff:ff:ff:ff inet 10.0.1.1/24 brd 10.0.1.255 scope global enp0s10 valid_lft forever preferred_lft forever inet6 fe80::72ff:fe74:73d0/64 scope link valid_lft forever preferred_lft forever 6: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether e6:fd:7a:97:a1:32 brd ff:ff:ff:ff:ff:ff 7: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether f6:38:eb:d2:ce:41 brd ff:ff:ff:ff:ff:ff 8: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 link/ether ba:d2:e4:c1:7f:48 brd ff:ff:ff:ff:ff:ff inet 10.0.0.8/24 brd 10.0.0.255 scope global br-ex valid_lft forever preferred_lft forever inet6 fe80::b8d2:e4ff:fec1:7f48/64 scope link valid_lft forever preferred_lft forever 9: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether ca:5b:f2:bd:65:40 brd ff:ff:ff:ff:ff:ff 13: vxlan_sys_4789: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 1000 link/ether ca:7f:ae:3b:5a:14 brd ff:ff:ff:ff:ff:ff inet6 fe80::c87f:aeff:fe3b:5a14/64 scope link valid_lft forever preferred_lft forever
[0 picasso@controller ~]$ ip r default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 10.0.0.0/24 dev br-ex proto kernel scope link src 10.0.0.8 10.0.1.0/24 dev enp0s10 proto kernel scope link src 10.0.1.1 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 10.0.2.2 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 100 192.168.1.0/24 dev enp0s8 proto kernel scope link src 192.168.1.6
[0 picasso@controller ~]$ neutron net-show "public" +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | nova | | created_at | 2020-10-29T18:21:07Z | | description | | | id | 32631db5-7798-47df-8af6-7ee8fca011e4 | | ipv4_address_scope | | | ipv6_address_scope | | | is_default | False | | mtu | 1500 | | name | public | | port_security_enabled | True | | project_id | a0e078d4bac34db89105a2eb0ba4d896 | | provider:network_type | flat | | provider:physical_network | public | | provider:segmentation_id | | | revision_number | 2 | | router:external | True | | shared | True | | status | ACTIVE | | subnets | daab0afa-9adc-4978-9e00-65669b89fec5 | | tags | | | tenant_id | a0e078d4bac34db89105a2eb0ba4d896 | | updated_at | 2020-10-29T18:21:14Z | +---------------------------+--------------------------------------+
[0 picasso@controller ~]$ neutron subnet-show public-subnet +-------------------+----------------------------------------------+ | Field | Value | +-------------------+----------------------------------------------+ | allocation_pools | {"start": "10.0.0.128", "end": "10.0.0.254"} | | cidr | 10.0.0.0/24 | | created_at | 2020-10-29T18:21:14Z | | description | | | dns_nameservers | 10.0.0.1 | | enable_dhcp | False | | gateway_ip | 10.0.0.1 | | host_routes | | | id | daab0afa-9adc-4978-9e00-65669b89fec5 | | ip_version | 4 | | ipv6_address_mode | | | ipv6_ra_mode | | | name | public-subnet | | network_id | 32631db5-7798-47df-8af6-7ee8fca011e4 | | project_id | a0e078d4bac34db89105a2eb0ba4d896 | | revision_number | 0 | | service_types | | | subnetpool_id | | | tags | | | tenant_id | a0e078d4bac34db89105a2eb0ba4d896 | | updated_at | 2020-10-29T18:21:14Z | +-------------------+----------------------------------------------+
[1 picasso@controller ~]$ neutron net-show private +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | nova | | created_at | 2020-10-29T18:20:56Z | | description | | | id | b440a536-a69c-42c8-b05d-5f8323f22cc0 | | ipv4_address_scope | | | ipv6_address_scope | | | mtu | 1450 | | name | private | | port_security_enabled | True | | project_id | 682549fcfe3b4645a21b59290e62e453 | | provider:network_type | vxlan | | provider:physical_network | | | provider:segmentation_id | 1 | | revision_number | 2 | | router:external | False | | shared | False | | status | ACTIVE | | subnets | 35a88fb9-e1e6-4195-9c6b-95d96545d4c4 | | tags | | | tenant_id | 682549fcfe3b4645a21b59290e62e453 | | updated_at | 2020-10-29T18:21:02Z | +---------------------------+--------------------------------------+
[0 picasso@controller ~]$ neutron subnet-show private-subnet +-------------------+---------------------------------------------+ | Field | Value | +-------------------+---------------------------------------------+ | allocation_pools | {"start": "10.0.1.10", "end": "10.0.1.254"} | | cidr | 10.0.1.0/24 | | created_at | 2020-10-29T18:21:02Z | | description | | | dns_nameservers | 10.0.0.1 | | enable_dhcp | True | | gateway_ip | 10.0.1.1 | | host_routes | | | id | 35a88fb9-e1e6-4195-9c6b-95d96545d4c4 | | ip_version | 4 | | ipv6_address_mode | | | ipv6_ra_mode | | | name | private-subnet | | network_id | b440a536-a69c-42c8-b05d-5f8323f22cc0 | | project_id | 682549fcfe3b4645a21b59290e62e453 | | revision_number | 0 | | service_types | | | subnetpool_id | | | tags | | | tenant_id | 682549fcfe3b4645a21b59290e62e453 | | updated_at | 2020-10-29T18:21:02Z | +-------------------+---------------------------------------------+
[0 picasso@controller ~]$ neutron router-show public +-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value
| +-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | True
| | availability_zone_hints |
| | availability_zones | nova
| | created_at | 2020-10-29T18:21:20Z
| | description |
| | distributed | False
| | external_gateway_info | {"network_id": "32631db5-7798-47df-8af6-7ee8fca011e4", "external_fixed_ips": [{"subnet_id": "daab0afa-9adc-4978-9e00-65669b89fec5", "ip_address": "10.0.0.169"}], "enable_snat": true} | | flavor_id |
| | ha | False
| | id | d424d63e-cc93-4d02-afad-5851bc7f96cd
| | name | public
| | project_id | a0e078d4bac34db89105a2eb0ba4d896
| | revision_number | 4
| | routes |
| | status | ACTIVE
| | tags |
| | tenant_id | a0e078d4bac34db89105a2eb0ba4d896
| | updated_at | 2020-10-29T18:21:28Z
| +-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[1 picasso@controller ~]$ sudo ovs-vsctl show f2c58de6-9a33-4222-94f5-da1e4a2cfdbb Manager "ptcp:6640:127.0.0.1" is_connected: true Bridge br-tun Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Port br-tun Interface br-tun type: internal Port "vxlan-c0a801c8" Interface "vxlan-c0a801c8" type: vxlan options: {df_default="true", egress_pkt_mark="0", in_key=flow, local_ip="192.168.1.6", out_key=flow, remote_ip="192.168.1.200"} Bridge br-ex Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-ex Interface br-ex type: internal Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Port "enp0s9" Interface "enp0s9" Bridge br-int Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port "tap456085c0-61" tag: 1 Interface "tap456085c0-61" type: internal Port "qr-0434594d-ee" tag: 1 Interface "qr-0434594d-ee" type: internal Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Port int-br-ex Interface int-br-ex type: patch options: {peer=phy-br-ex} Port br-int Interface br-int type: internal Port "qg-77ed5bcd-25" tag: 2 Interface "qg-77ed5bcd-25" type: internal ovs_version: "2.12.1"
router_name=public ROUTER_ID=$(openstack router show $router_name -f value -c id) QROUTER="qrouter-$ROUTER_ID"
[0 picasso@controller ~]$ sudo ip netns exec $QROUTER ifconfig lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 45 bytes 4424 (4.4 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 45 bytes 4424 (4.4 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qg-77ed5bcd-25: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.0.169 netmask 255.255.255.0 broadcast 10.0.0.255 inet6 fe80::f816:3eff:febc:990c prefixlen 64 scopeid 0x20<link> ether fa:16:3e:bc:99:0c txqueuelen 1000 (Ethernet) RX packets 944 bytes 146787 (146.7 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 164 bytes 16468 (16.4 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qr-0434594d-ee: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450 inet 10.0.1.1 netmask 255.255.255.0 broadcast 10.0.1.255 inet6 fe80::f816:3eff:fe5c:9a7d prefixlen 64 scopeid 0x20<link> ether fa:16:3e:5c:9a:7d txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 169 bytes 7550 (7.5 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[0 picasso@controller ~]$ sudo ip netns exec $QROUTER ping -c 1 -W 1 10.0.1.1 PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data. 64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.034 ms --- 10.0.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.034/0.034/0.034/0.000 ms
[0 picasso@controller ~]$ sudo ip netns exec $QROUTER ping -c 1 -W 1 10.0.1.196 PING 10.0.1.196 (10.0.1.196) 56(84) bytes of data. --- 10.0.1.196 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
[1 picasso@controller ~]$ sudo ip netns exec $QROUTER ping -c 1 -W 1 10.0.1.169 PING 10.0.1.169 (10.0.1.169) 56(84) bytes of data. --- 10.0.1.169 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
---------- Compute node...
[1 picasso@compute ~]$ ping -c 1 -W 1 10.0.1.1 PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data. 64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.425 ms --- 10.0.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.425/0.425/0.425/0.000 ms
[0 picasso@compute ~]$ ping -c 1 -W 1 10.0.1.12 PING 10.0.1.12 (10.0.1.12) 56(84) bytes of data. --- 10.0.1.12 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
[1 picasso@compute ~]$ ping -c 1 -W 1 10.0.0.196 PING 10.0.0.196 (10.0.0.196) 56(84) bytes of data. --- 10.0.0.196 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
[0 picasso@compute ~]$ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 08:00:27:72:b2:e5 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3 valid_lft 79425sec preferred_lft 79425sec inet6 fe80::a00:27ff:fe72:b2e5/64 scope link valid_lft forever preferred_lft forever 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether 02:00:73:9d:41:7d brd ff:ff:ff:ff:ff:ff inet 192.168.1.200/24 brd 192.168.1.255 scope global enp0s8 valid_lft forever preferred_lft forever inet6 fe80::73ff:fe9d:417d/64 scope link valid_lft forever preferred_lft forever 4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 02:00:08:c1:84:db brd ff:ff:ff:ff:ff:ff inet 10.0.1.31/24 brd 10.0.1.255 scope global enp0s9 valid_lft forever preferred_lft forever inet6 fe80::8ff:fec1:84db/64 scope link valid_lft forever preferred_lft forever 5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:ee:20:86 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:ee:20:86 brd ff:ff:ff:ff:ff:ff 7: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 9e:52:8b:6f:f1:47 brd ff:ff:ff:ff:ff:ff 8: br-int: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN group default qlen 1000 link/ether 76:e6:90:cc:01:48 brd ff:ff:ff:ff:ff:ff 9: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 link/ether aa:09:9f:d9:1d:4f brd ff:ff:ff:ff:ff:ff inet6 fe80::a809:9fff:fed9:1d4f/64 scope link valid_lft forever preferred_lft forever 10: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 26:76:22:af:06:40 brd ff:ff:ff:ff:ff:ff 11: vxlan_sys_4789: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 1000 link/ether 8a:87:fb:68:ec:8c brd ff:ff:ff:ff:ff:ff inet6 fe80::8887:fbff:fe68:ec8c/64 scope link valid_lft forever preferred_lft forever 12: tap9d036770-e1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel master ovs-system state UNKNOWN group default qlen 1000 link/ether fe:16:3e:f5:f5:c0 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fef5:f5c0/64 scope link valid_lft forever preferred_lft forever
[0 picasso@compute ~]$ ip r default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 10.0.1.0/24 dev enp0s9 proto kernel scope link src 10.0.1.31 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 10.0.2.2 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 100 192.168.1.0/24 dev enp0s8 proto kernel scope link src 192.168.1.200 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
[130 picasso@compute ~]$ sudo ovs-vsctl show a75bdb8e-9266-48f4-bab5-e119cf07c6af Manager "ptcp:6640:127.0.0.1" is_connected: true Bridge br-tun Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-tun Interface br-tun type: internal Port "vxlan-c0a80106" Interface "vxlan-c0a80106" type: vxlan options: {df_default="true", egress_pkt_mark="0", in_key=flow, local_ip="192.168.1.200", out_key=flow, remote_ip="192.168.1.6"} Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Bridge br-int Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-int Interface br-int type: internal Port "tap9d036770-e1" tag: 1 Interface "tap9d036770-e1" Port int-br-ex Interface int-br-ex type: patch options: {peer=phy-br-ex} Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Bridge br-ex Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Port br-ex Interface br-ex type: internal ovs_version: "2.12.1"
participants (2)
-
Eugen Block
-
R Kendal