Hi guys. What I expected turns out not to be enough, must be something trivial - what am I missing? I set a port with --allowed-address and on the instance/guest using the port I did: -> $ ip add add 10.0.1.99/24 dev eth1 yet that IP other guest cannot reach. many thanks, L.
Couple of things to try - At the VM level, ping your own address on eth1 to see if local traffic works. - Using your existing port config, capture traffic at the VM level to see if the packets are reaching the VM. - Disable port-security on the port level and validate if the traffic is reaching the VM. - If you have access to the compute, capture traffic at the interface/tap/bridge level. Where to capture will depend on if you are using OVS/OVN/Linux-bridge. - I do believe that even with allowed-address on the port, you will need to have the corresponding traffic allowed in your sec-group. Can you paste the port info with "openstack port show $port_id_here"? On Mon, Oct 25, 2021 at 10:23 AM lejeczek <peljasz@yahoo.co.uk> wrote:
Hi guys.
What I expected turns out not to be enough, must be something trivial - what am I missing? I set a port with --allowed-address and on the instance/guest using the port I did: -> $ ip add add 10.0.1.99/24 dev eth1 yet that IP other guest cannot reach.
many thanks, L.
On 25/10/2021 15:20, lejeczek wrote:
Hi guys.
What I expected turns out not to be enough, must be something trivial - what am I missing? I set a port with --allowed-address and on the instance/guest using the port I did: -> $ ip add add 10.0.1.99/24 dev eth1 yet that IP other guest cannot reach.
many thanks, L.
turns out, even though I do not admin but only consume that deployment, is was "trivial" router missing on my part/end. thanks, L.
participants (2)
-
Laurent Dumont
-
lejeczek