Cannot ssh/ping instance

Celinio Fernandes cel975 at yahoo.com
Thu Jan 20 14:58:07 UTC 2022


 Thanks. I tried this on the host :

sudo ifconfig br-ex 172.24.4.1  netmask 255.255.255.0 up
sudo iptables -t nat -A POSTROUTING -s 172.24.4.254/24  -o wlo1 -j MASQUERADE

I then connect to the VM through ssh and still no internet:
sudo apt-get update returns :
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal/InRelease  Temporary failure resolving 'archive.ubuntu.com'

Any other suggestion please ?



    On Thursday, January 20, 2022, 11:46:12 AM GMT+1, Slawek Kaplonski <skaplons at redhat.com> wrote:  
 
 Hi,

In devstack, we are configureing MASQUARADE for the FLOATINT_RANGE to be able 
to go outside the devstack node. See https://github.com/openstack/devstack/
blob/24b65adc9cedff9c7a8ab412fb39613ef5d4a627/lib/neutron-legacy#L704 for the 
details. Maybe You need to configure something like that on Your setup?

On środa, 19 stycznia 2022 23:29:35 CET Celinio Fernandes wrote:
>  Hi,still trying to reach the external network from inside the VM.I have not
> set up any DNS server on any of the interfaces (shared and public).Do i need
> to add one ?
> 
> 
> 
> 
>    On Sunday, January 16, 2022, 02:12:00 PM GMT+1, Celinio Fernandes
> <cel975 at yahoo.com> wrote:
> 
>  Hi,
> I can ssh into the instance now but I noticed the VM does not have any
> external network access (internet). Before I dig any deeper into that
> problem, does anyone know what configuration i need to set up for that ? I
> already added 2 new security rules to make sure I can access HTTP and HTTPS
> ports (80 and 443), in vain : Ingress  IPv4  TCP  80 (HTTP)  0.0.0.0/0
> Ingress  IPv4  TCP  443 (HTTPS)  0.0.0.0/0
> 
> 
> Thanks.
> 
>    On Saturday, January 15, 2022, 12:29:40 AM GMT+1, Celinio Fernandes
> <cel975 at yahoo.com> wrote:
> 
>  Thanks very much for your help.
> Before you replied, I tried what you wrote but on the wrong interfaces :
> enp0s3 and virbr0.
> I had no idea I needed to add the IP address from the public network's 
subnet
> on the br-ex interface. So to ping/ssh the floating IP this is what I did :
> ip link set dev br-ex up
> ip link set dev br-ex state up
> sudo ip addr add 172.24.4.254/24 dev br-ex
> And then I can finally ping the floating IP :
> ping 172.24.4.133
> And I can also ssh into the VM :
> ssh cirros at 172.24.4.133
> 
> Thanks again :)
> 
> 
> 
>    On Sunday, January 9, 2022, 08:21:18 PM GMT+1, Slawek Kaplonski
> <skaplons at redhat.com> wrote:
> 
>  Hi,
> 
> On niedziela, 9 stycznia 2022 09:17:18 CET Celinio Fernandes wrote:
> > Hi,
> > I am running Ubuntu Server 20.04 LTS on Virtualbox. I installed OpenStack
> > (Xena release) through Devstack. Here is the content of my
> > /opt/stack/devstack/local.conf file :
> > [[local|localrc]]
> > ADMIN_PASSWORD=secret
> > DATABASE_PASSWORD=$ADMIN_PASSWORD
> > RABBIT_PASSWORD=$ADMIN_PASSWORD
> > SERVICE_PASSWORD=$ADMIN_PASSWORD
> > HOST_IP=10.0.2.15
> > 
> > 
> > I created an instance through Horizon. The security group contains the
> > 2 rules needed (one to be able to ping and one to be able to ssh the
> > instance). I also allocated and associated a floating IP address. And a ssh
> > key pair.
> > 
> > Here is the configuration :
> > openstack server list
> > ---------------------------------+--------------------------+---------+
> > 
> > | ID  | Name | Status | Networks | Image  | Flavor  |
> > 
> > ---------------------------------+--------------------------+---------+
> > 
> > | f5f0fdd5-298b-4fa3-9ee9-e6e4288f4327 | InstanceJanvier | ACTIVE |
> > | shared=172.24.4.133, 192.168.233.165 | cirros-0.5.2-x86_64-disk | 
m1.nano
> > 
> > ------------------------------------------------------+
> > 
> > 
> > openstack network list :
> > ------------------------------------------------------+
> > 
> > | ID    | Name    | Subnets            |
> > 
> > ------------------------------------------------------+
> > 
> > | 96a04799-7fc7-4525-b05c-ad57261aed38 | public  |
> > | 07ce42db-6f3f-4135-ace7-2fc104ea62a0,
> > | 6dba13fc-b10c-48b1-b1b4-e1f1afe25b53
> > | 
> > | | c42638dc-fa56-4644-ad34-295fce4811d2 | shared  |
> > | 
> > | a4e2d8cc-02b2-42e2-a525-e0eebbb08980                                    
 
> > | 
> > | | ffb8a527-266e-4e96-ad60-f7e9aba8f0c1 | private |
> > | 
> > | 42e36677-cf3c-4df4-88a1-8cf79b9d6060,
> > | e507e6dd-132a-4249-96b1-83761562dd73
> > 
> > ------------------------------------------------------+
> > 
> > openstack router list :
> > +--------------------------------------+----------------+--------+------
> > 
> > | ID    | Name  | Status | State | Project                          |
> > 
> > +--------------------------------------+----------------+--------+------
> > 
> > | b9a15051-a532-4c93-95ad-53c057720c62 | Virtual_router | ACTIVE | UP    |
> > | 6556c02dd88f4c45b535c2dbb8ba1a04 |
> > 
> > +--------------------------------------+----------------+--------+------
> > 
> > 
> > I cannot ping/ssh neither the fixed IP address or the floating IP address :
> > ping -c 3 172.24.4.133
> > PING 172.24.4.133 (172.24.4.133) 56(84) bytes of data.
> > --- 172.24.4.133 ping statistics ---
> > 3 packets transmitted, 0 received, 100% packet loss, time 2035ms
> > 
> > ping -c 3 192.168.233.165
> > PING 192.168.233.165 (192.168.233.165) 56(84) bytes of data.
> > --- 192.168.233.165 ping statistics ---
> > 3 packets transmitted, 0 received, 100% packet loss, time 2035ms
> > 
> > Maybe that has something to do with the network namespaces configuration on
> > Ubuntu. Does anyone know what could go wrong or what is missing ?
> > Thanks for helping.
> 
> If You are trying to ping Floating IP directly from the host where devstack
> is installed (Virtualbox VM in Your case IIUC) then You should first have
> those floating IP addresses somehow reachable on the host, otherwise traffic
> is probably going through default gateway so is going outside the VM.
> If You are using ML2/OVN (default in Devstack) or ML2/OVS You probably have
> in the openvswitch bridge called br-ex which is used to send external
> network traffic from the OpenStack networks in Devstack. In such case You
> can e.g. add some IP address from the public network's subnet on the br-ex
> interface, like 192.168.233.254/24 - that will tell Your OS to reach that
> subnet through br- ex, so traffic will be able to go "into" the OVS managed
> by Neutron.



-- 
Slawek Kaplonski
Principal Software Engineer
Red Hat  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20220120/1c96120c/attachment-0001.htm>


More information about the openstack-discuss mailing list