[openstack-dev] [Openstack] [qa] How to troubleshoot why a VM at Compute node won't response to ARP request from Neutron router
Shashank Hegde
hegde.shashank at gmail.com
Sun Oct 12 17:26:08 UTC 2014
Hi Danny,
You can ssh into your compute node with X forwarding:
ssh -X user at compute
You can then attach to the VM's console using the command:
vncviewer :<display-number>
You can find the display number using the command:
ps aux | grep kvm
Look for vnc there. Its of the form 127.0.0.1:<display-number>
~ Shashank
On Sun, Oct 12, 2014 at 10:17 AM, Danny Choi (dannchoi) <dannchoi at cisco.com>
wrote:
> I do have security rule configured to allow ICMP.
>
> localadmin at qa4:~/devstack$ nova secgroup-list-rules default
>
> +-------------+-----------+---------+-----------+--------------+
>
> | IP Protocol | From Port | To Port | IP Range | Source Group |
>
> +-------------+-----------+---------+-----------+--------------+
>
> | tcp | 22 | 22 | 0.0.0.0/0 | |
>
> | | | | | default |
>
> | | | | | default |
>
> | icmp | -1 | -1 | 0.0.0.0/0 | |
>
> +-------------+-----------+---------+-----------+———————+
>
>
> Danny
>
> From: Remo Mattei <remo at italy1.com>
> Date: Sunday, October 12, 2014 at 1:00 PM
> To: Danny Choi <dannchoi at cisco.com>
> Cc: "openstack at lists.openstack.org" <openstack at lists.openstack.org>, "
> openstack-dev at lists.openstack.org" <openstack-dev at lists.openstack.org>
> Subject: Re: [Openstack] [qa] How to troubleshoot why a VM at Compute
> node won't response to ARP request from Neutron router
>
> By default icmp is not allowed
>
> Inviato da iPhone ()
>
> Il giorno 12/ott/2014, alle ore 09:25, Danny Choi (dannchoi) <
> dannchoi at cisco.com> ha scritto:
>
> Hi,
>
> Using devstack to deploy OpenStack, I have Controller + Network running
> at one physical node and Compute at a separate node.
>
> I launched a VM at the Compute node with a private address 10.0.0.2
> (Neutron router interface is 10.0.0.1).
>
> At the Controller node, in the qrouter namespace, I could not ping the
> VM private address 10.0.0.2.
>
> At the Compute node, tcpdump of the tap interface indicated ARP requests
> were received.
>
> However, it did not show any ARP response.
>
> My understanding is that the VM’s virtual interface is directly
> connected to this tap interface. Since the VM is unreachable, I cannot
> launch its console to see if the ARP requests are received at the virtual
> interface.
>
> Any suggestions on how to troubleshoot this?
>
> localadmin at qa4:~/devstack$ nova show vm1
>
>
> +--------------------------------------+----------------------------------------------------------------+
>
> | Property | Value
> |
>
>
> +--------------------------------------+----------------------------------------------------------------+
>
> | OS-DCF:diskConfig | MANUAL
> |
>
> | OS-EXT-AZ:availability_zone | nova
> |
>
> | OS-EXT-STS:power_state | 1
> |
>
> | OS-EXT-STS:task_state | -
> |
>
> | OS-EXT-STS:vm_state | active
> |
>
> | OS-SRV-USG:launched_at | 2014-10-12T14:25:15.000000
> |
>
> | OS-SRV-USG:terminated_at | -
> |
>
> | accessIPv4 |
> |
>
> | accessIPv6 |
> |
>
> | config_drive |
> |
>
> | created | 2014-10-12T14:23:30Z
> |
>
> | flavor | m1.tiny (1)
> |
>
> | hostId |
> 00ac69883737ebd290ad4f38cae979a6e268902333261ba6bfbade44 |
>
> | id |
> 04b5a345-cadf-4dee-9209-5bcf589b6a3c |
>
> | image | cirros-0.3.2-x86_64-uec
> (14a55982-a093-4850-80c8-7b2ae3a7eaba) |
>
> | key_name | -
> |
>
> | metadata | {}
> |
>
> | name | vm1
> |
>
> | os-extended-volumes:volumes_attached | []
> |
>
> | private network | 10.0.0.2, 172.29.173.5
> |
>
> | progress | 0
> |
>
> | security_groups | default
> |
>
> | status | ACTIVE
> |
>
> | tenant_id | 90058797dddc49efae4d1f45aa5ab982
> |
>
> | updated | 2014-10-12T14:23:39Z
> |
>
> | user_id | 5ab6344540974a1fbda5b539778ebe35
> |
>
>
> +--------------------------------------+----------------------------------------------------------------+
>
> localadmin at qa4:~/devstack$
>
> localadmin at qa4:~/devstack$ ip netns
>
> qdhcp-f55f0683-830f-4523-82cb-46d638f91d47
>
> qrouter-62aecbdd-d58d-4b33-a743-b16ca38544c5
>
> localadmin at qa4:~/devstack$
>
> localadmin at qa4:~/devstack$
>
> localadmin at qa4:~/devstack$ sudo ip netns exec
> qrouter-62aecbdd-d58d-4b33-a743-b16ca38544c5 ping 10.0.0.2
>
> PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
>
> From 10.0.0.1 icmp_seq=1 Destination Host Unreachable
>
> From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
>
> From 10.0.0.1 icmp_seq=3 Destination Host Unreachable
>
> From 10.0.0.1 icmp_seq=4 Destination Host Unreachable
>
> From 10.0.0.1 icmp_seq=5 Destination Host Unreachable
>
> From 10.0.0.1 icmp_seq=6 Destination Host Unreachable
>
>
>
> localadmin at qa5:~/devstack$ sudo tcpdump -i tapade47169-57
>
> tcpdump: WARNING: tapade47169-57: no IPv4 address assigned
>
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>
> listening on tapade47169-57, link-type EN10MB (Ethernet), capture size
> 65535 bytes
>
> 11:58:30.042379 ARP, Request who-has 10.0.0.2 tell 10.0.0.1, length 42
>
> 11:58:31.041840 ARP, Request who-has 10.0.0.2 tell 10.0.0.1, length 42
>
> 11:58:32.041848 ARP, Request who-has 10.0.0.2 tell 10.0.0.1, length 42
>
> 11:58:33.044212 ARP, Request who-has 10.0.0.2 tell 10.0.0.1, length 42
>
> 11:58:34.041866 ARP, Request who-has 10.0.0.2 tell 10.0.0.1, length 42
>
>
> Thanks,
> Danny
> !DSPAM:1,543aaefc201211675819574!
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
> !DSPAM:1,543aaefc201211675819574!
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20141012/5835d139/attachment.html>
More information about the OpenStack-dev
mailing list