[openstack-dev] Cannot ping or ssh to floating ip assigned to instance [neutron][floating ip]
Shanker Gudipati
shanker.gudipati at tcs.com
Tue Dec 13 05:24:06 UTC 2016
Hi all,
I have devstack setup which of newton version. (Lab setup)
Issue : cannot ping or ssh to floating ip assigned to instance(Security groups are allowed).
172.16.73.0/24 is the external network or lab network.
neutron net-list
+--------------------------------------+----------+-----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+----------+-----------------------------------------------------+
| ccdb22fe-8bae-4378-9b47-82c04a16186e | ext-net | af84a87f-ce6f-4da3-a6bb-5238e97cabd4 172.16.73.0/24 |
| e5999086-9fb1-403b-9273-7bb218ceebe8 | demo-net | 734e5660-807b-4038-9a86-096889f5d188 10.10.1.0/24 |
+--------------------------------------+----------+-----------------------------------------------------+
neutron net-show e5999086-9fb1-403b-9273-7bb218ceebe8
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | nova |
| created_at | 2016-12-12T13:16:49Z |
| description | |
| id | e5999086-9fb1-403b-9273-7bb218ceebe8 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1450 |
| name | demo-net |
| port_security_enabled | True |
| project_id | 03959ecbd383459eaf5d5389ab4372ac |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 61 |
| revision_number | 5 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | 734e5660-807b-4038-9a86-096889f5d188 |
| tags | |
| tenant_id | 03959ecbd383459eaf5d5389ab4372ac |
| updated_at | 2016-12-12T13:17:31Z |
+---------------------------+--------------------------------------+
neutron net-list
+--------------------------------------+----------+-----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+----------+-----------------------------------------------------+
| ccdb22fe-8bae-4378-9b47-82c04a16186e | ext-net | af84a87f-ce6f-4da3-a6bb-5238e97cabd4 172.16.73.0/24 |
| e5999086-9fb1-403b-9273-7bb218ceebe8 | demo-net | 734e5660-807b-4038-9a86-096889f5d188 10.10.1.0/24 |
+--------------------------------------+----------+-----------------------------------------------------+
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ neutron router-list
+--------------------------------------+-------------+-----------------------------------------------------+-------------+-------+
| id | name | external_gateway_info | distributed | ha |
+--------------------------------------+-------------+-----------------------------------------------------+-------------+-------+
| ce901ef7-60cd-4d88-828a-3bb5a7e3c9d5 | demo-router | {"network_id": "ccdb22fe- | False | False |
| | | 8bae-4378-9b47-82c04a16186e", "enable_snat": true, | | |
| | | "external_fixed_ips": [{"subnet_id": "af84a87f- | | |
| | | ce6f-4da3-a6bb-5238e97cabd4", "ip_address": | | |
| | | "172.16.73.247"}]} | | |
+--------------------------------------+-------------+-----------------------------------------------------+-------------+-------+
nova floating-ip-list
WARNING: Command floating-ip-list is deprecated and will be removed after Nova 15.0.0 is released. Use python-neutronclient or python-openstackclient instead.
+--------------------------------------+---------------+--------------------------------------+-----------+---------+
| Id | IP | Server Id | Fixed IP | Pool |
+--------------------------------------+---------------+--------------------------------------+-----------+---------+
| 7a5c87ca-d9e1-4340-91b0-3783f946f731 | 172.16.73.242 | f2878936-9938-4e81-8fd5-828ca68d1d3b | 10.10.1.5 | ext-net |
+--------------------------------------+---------------+--------------------------------------+-----------+---------+
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ nova list
+--------------------------------------+-----------+--------+------------+-------------+-----------------------------------+
| ID ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ | Name ÿ ÿ ÿ| Status | Task State | Power State | Networks ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ ÿ|
+--------------------------------------+-----------+--------+------------+-------------+-----------------------------------+
| f2878936-9938-4e81-8fd5-828ca68d1d3b | test_cirr | ACTIVE | - ÿ ÿ ÿ ÿ ÿ| Running ÿ ÿ | demo-net=10.10.1.5, 172.16.73.242 |
+--------------------------------------+-----------+--------+------------+-------------+-----------------------------------+
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ ping 172.16.73.242
PING 172.16.73.242 (172.16.73.242) 56(84) bytes of data.
>From 172.16.73.55 icmp_seq=1 Destination Host Unreachable
>From 172.16.73.55 icmp_seq=2 Destination Host Unreachable
>From 172.16.73.55 icmp_seq=3 Destination Host Unreachable
^C
--- 172.16.73.242 ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3016ms
pipe 3
ip netns
qrouter-ce901ef7-60cd-4d88-828a-3bb5a7e3c9d5
qdhcp-e5999086-9fb1-403b-9273-7bb218ceebe8
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ sudo ip netns exec qrouter-ce901ef7-60cd-4d88-828a-3bb5a7e3c9d5 ifconfig -a
lo ÿ ÿ ÿ ÿLink encap:Local Loopback ÿ
ÿÿ ÿ ÿ ÿ ÿinet addr:127.0.0.1 ÿMask:255.0.0.0
ÿÿ ÿ ÿ ÿ ÿinet6 addr: ::1/128 Scope:Host
ÿÿ ÿ ÿ ÿ ÿUP LOOPBACK RUNNING ÿMTU:65536 ÿMetric:1
ÿÿ ÿ ÿ ÿ ÿRX packets:10 errors:0 dropped:0 overruns:0 frame:0
ÿÿ ÿ ÿ ÿ ÿTX packets:10 errors:0 dropped:0 overruns:0 carrier:0
ÿÿ ÿ ÿ ÿ ÿcollisions:0 txqueuelen:0
ÿÿ ÿ ÿ ÿ ÿRX bytes:1008 (1.0 KB) ÿTX bytes:1008 (1.0 KB)
qg-3eab0d31-a5 Link encap:Ethernet ÿHWaddr fa:16:3e:a9:96:30 ÿ
ÿÿ ÿ ÿ ÿ ÿinet addr:172.16.73.247 ÿBcast:172.16.73.255 ÿMask:255.255.255.0
ÿÿ ÿ ÿ ÿ ÿinet6 addr: fe80::f816:3eff:fea9:9630/64 Scope:Link
ÿÿ ÿ ÿ ÿ ÿUP BROADCAST RUNNING ÿMTU:1500 ÿMetric:1
ÿÿ ÿ ÿ ÿ ÿRX packets:76 errors:0 dropped:0 overruns:0 frame:0
ÿÿ ÿ ÿ ÿ ÿTX packets:38 errors:0 dropped:0 overruns:0 carrier:0
ÿÿ ÿ ÿ ÿ ÿcollisions:0 txqueuelen:0
ÿÿ ÿ ÿ ÿ ÿRX bytes:25992 (25.9 KB) ÿTX bytes:2112 (2.1 KB)
qr-e87b6f5b-f7 Link encap:Ethernet ÿHWaddr fa:16:3e:e1:c0:29 ÿ
ÿÿ ÿ ÿ ÿ ÿinet addr:10.10.1.1 ÿBcast:10.10.1.255 ÿMask:255.255.255.0
ÿÿ ÿ ÿ ÿ ÿinet6 addr: fe80::f816:3eff:fee1:c029/64 Scope:Link
ÿÿ ÿ ÿ ÿ ÿUP BROADCAST RUNNING ÿMTU:1450 ÿMetric:1
ÿÿ ÿ ÿ ÿ ÿRX packets:118 errors:0 dropped:0 overruns:0 frame:0
ÿÿ ÿ ÿ ÿ ÿTX packets:90 errors:0 dropped:0 overruns:0 carrier:0
ÿÿ ÿ ÿ ÿ ÿcollisions:0 txqueuelen:0
ÿÿ ÿ ÿ ÿ ÿRX bytes:11251 (11.2 KB) ÿTX bytes:8442 (8.4 KB)
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ sudo ip netns exec qdhcp-e5999086-9fb1-403b-9273-7bb218ceebe8 ifconfig -a
lo ÿ ÿ ÿ ÿLink encap:Local Loopback ÿ
ÿÿ ÿ ÿ ÿ ÿinet addr:127.0.0.1 ÿMask:255.0.0.0
ÿÿ ÿ ÿ ÿ ÿinet6 addr: ::1/128 Scope:Host
ÿÿ ÿ ÿ ÿ ÿUP LOOPBACK RUNNING ÿMTU:65536 ÿMetric:1
ÿÿ ÿ ÿ ÿ ÿRX packets:0 errors:0 dropped:0 overruns:0 frame:0
ÿÿ ÿ ÿ ÿ ÿTX packets:0 errors:0 dropped:0 overruns:0 carrier:0
ÿÿ ÿ ÿ ÿ ÿcollisions:0 txqueuelen:0
ÿÿ ÿ ÿ ÿ ÿRX bytes:0 (0.0 B) ÿTX bytes:0 (0.0 B)
tap0bc58d9f-af Link encap:Ethernet ÿHWaddr fa:16:3e:51:b8:99 ÿ
ÿÿ ÿ ÿ ÿ ÿinet addr:10.10.1.2 ÿBcast:10.10.1.255 ÿMask:255.255.255.0
ÿÿ ÿ ÿ ÿ ÿinet6 addr: fe80::f816:3eff:fe51:b899/64 Scope:Link
ÿÿ ÿ ÿ ÿ ÿUP BROADCAST RUNNING ÿMTU:1450 ÿMetric:1
ÿÿ ÿ ÿ ÿ ÿRX packets:30 errors:0 dropped:0 overruns:0 frame:0
ÿÿ ÿ ÿ ÿ ÿTX packets:28 errors:0 dropped:0 overruns:0 carrier:0
ÿÿ ÿ ÿ ÿ ÿcollisions:0 txqueuelen:0
ÿÿ ÿ ÿ ÿ ÿRX bytes:2858 (2.8 KB) ÿTX bytes:2719 (2.7 KB)
sudo ip netns exec qdhcp-e5999086-9fb1-403b-9273-7bb218ceebe8 ÿping 10.10.1.2PING 10.10.1.2 (10.10.1.2) 56(84) bytes of data.
64 bytes from 10.10.1.2: icmp_seq=1 ttl=64 time=0.040 ms
64 bytes from 10.10.1.2: icmp_seq=2 ttl=64 time=0.036 ms
^C
--- 10.10.1.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.036/0.038/0.040/0.002 ms
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ sudo ip netns exec qdhcp-e5999086-9fb1-403b-9273-7bb218ceebe8 ÿping 172.16.73.247
PING 172.16.73.247 (172.16.73.247) 56(84) bytes of data.
64 bytes from 172.16.73.247: icmp_seq=1 ttl=64 time=0.253 ms
64 bytes from 172.16.73.247: icmp_seq=2 ttl=64 time=0.295 ms
^C
--- 172.16.73.247 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.253/0.274/0.295/0.021 ms
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ sudo ip netns exec qrouter-ce901ef7-60cd-4d88-828a-3bb5a7e3c9d5 ÿping 10.10.1.2
PING 10.10.1.2 (10.10.1.2) 56(84) bytes of data.
64 bytes from 10.10.1.2: icmp_seq=1 ttl=64 time=0.264 ms
64 bytes from 10.10.1.2: icmp_seq=2 ttl=64 time=0.061 ms
^C
--- 10.10.1.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.061/0.162/0.264/0.102 ms
ubuntu at ubuntu-HP-Compaq-Elite-8300-SFF:/etc/neutron/plugins/ml2$ sudo ip netns exec qrouter-ce901ef7-60cd-4d88-828a-3bb5a7e3c9d5 ÿping 172.16.73.247
PING 172.16.73.247 (172.16.73.247) 56(84) bytes of data.
64 bytes from 172.16.73.247: icmp_seq=1 ttl=64 time=0.041 ms
64 bytes from 172.16.73.247: icmp_seq=2 ttl=64 time=0.049 ms
^C
--- 172.16.73.247 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.041/0.045/0.049/0.004 ms
IMPORTANT :
sudo ip netns exec qrouter-ce901ef7-60cd-4d88-828a-3bb5a7e3c9d5ÿ ping 172.16.73.1
PING 172.16.73.1 (172.16.73.1) 56(84) bytes of data.
>From 172.16.73.247 icmp_seq=1 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=2 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=3 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=4 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=5 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=6 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=7 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=8 Destination Host Unreachable
>From 172.16.73.247 icmp_seq=9 Destination Host Unreachable
ip r
default via 172.16.73.1 dev eth0
default dev br-intÿ scope linkÿ metric 1037
default dev br-exÿ scope linkÿ metric 1038
default dev br-tunÿ scope linkÿ metric 1039
169.254.0.0/16 dev br-tunÿ proto kernelÿ scope linkÿ src 169.254.6.191
169.254.0.0/16 dev br-exÿ proto kernelÿ scope linkÿ src 169.254.8.54
169.254.0.0/16 dev br-intÿ proto kernelÿ scope linkÿ src 169.254.6.25
172.16.73.0/24 dev eth0ÿ proto kernelÿ scope linkÿ src 172.16.73.55
192.168.122.0/24 dev virbr0ÿ proto kernelÿ scope linkÿ src 192.168.122.1
ovs-vsctl show
sudo ovs-vsctl show
c7c1de41-26ab-42c0-8db5-d805133bb801
ÿÿÿ Manager "ptcp:6640:127.0.0.1"
ÿÿÿÿÿÿÿ is_connected: true
ÿÿÿ Bridge br-int
ÿÿÿÿÿÿÿ Controller "tcp:127.0.0.1:6633"
ÿÿÿÿÿÿÿÿÿÿÿ is_connected: true
ÿÿÿÿÿÿÿ fail_mode: secure
ÿÿÿÿÿÿÿ Port "tap0bc58d9f-af"
ÿÿÿÿÿÿÿÿÿÿÿ tag: 41
ÿÿÿÿÿÿÿÿÿÿÿ Interface "tap0bc58d9f-af"
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: internal
ÿÿÿÿÿÿÿ Port "qg-3eab0d31-a5"
ÿÿÿÿÿÿÿÿÿÿÿ tag: 42
ÿÿÿÿÿÿÿÿÿÿÿ Interface "qg-3eab0d31-a5"
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: internal
ÿÿÿÿÿÿÿ Port int-br-ex
ÿÿÿÿÿÿÿÿÿÿÿ Interface int-br-ex
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: patch
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ options: {peer=phy-br-ex}
ÿÿÿÿÿÿÿ Port "qvoc32c7705-21"
ÿÿÿÿÿÿÿÿÿÿÿ tag: 41
ÿÿÿÿÿÿÿÿÿÿÿ Interface "qvoc32c7705-21"
ÿÿÿÿÿÿÿ Port br-int
ÿÿÿÿÿÿÿÿÿÿÿ Interface br-int
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: internal
ÿÿÿÿÿÿÿ Port "qr-e87b6f5b-f7"
ÿÿÿÿÿÿÿÿÿÿÿ tag: 41
ÿÿÿÿÿÿÿÿÿÿÿ Interface "qr-e87b6f5b-f7"
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: internal
ÿÿÿÿÿÿÿ Port patch-tun
ÿÿÿÿÿÿÿÿÿÿÿ Interface patch-tun
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: patch
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ options: {peer=patch-int}
ÿÿÿ Bridge br-ex
ÿÿÿÿÿÿÿ Controller "tcp:127.0.0.1:6633"
ÿÿÿÿÿÿÿÿÿÿÿ is_connected: true
ÿÿÿÿÿÿÿ fail_mode: secure
ÿÿÿÿÿÿÿ Port br-ex
ÿÿÿÿÿÿÿÿÿÿÿ Interface br-ex
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: internal
ÿÿÿÿÿÿÿ Port phy-br-ex
ÿÿÿÿÿÿÿÿÿÿÿ Interface phy-br-ex
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: patch
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ options: {peer=int-br-ex}
ÿÿÿ Bridge br-tun
ÿÿÿÿÿÿÿ Controller "tcp:127.0.0.1:6633"
ÿÿÿÿÿÿÿÿÿÿÿ is_connected: true
ÿÿÿÿÿÿÿ fail_mode: secure
ÿÿÿÿÿÿÿ Port br-tun
ÿÿÿÿÿÿÿÿÿÿÿ Interface br-tun
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: internal
ÿÿÿÿÿÿÿ Port patch-int
ÿÿÿÿÿÿÿÿÿÿÿ Interface patch-int
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ type: patch
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ options: {peer=patch-tun}
ÿÿÿ ovs_version: "2.0.2"
Unable to ping the gateway of external network from router namesapce. 172.16.73.1 is the gateway of public network. Please reply if you need any info.
Please help. thanks in advance.
regards
Shanker
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20161213/b3df2583/attachment.html>
More information about the OpenStack-dev
mailing list