[Openstack-operators] [Grizzly] Multiple l3-agent hosts, single network.
Darragh O'Reilly
dara2002-openstack at yahoo.com
Tue Oct 1 15:02:39 UTC 2013
Sam,
being able to reach http but not https sites sounds like the mtu issue we have seen before. As a quick test try reducing the mtu on the instance:
$ sudo ip link set mtu 1400 dev eth0
and see if the wget to the https site works.
Re, Darragh.
>Hello,
>
>
>I have two external network hosts (test1 and test2) both running the l3 agent on the same network (XXX.YYY.0.0/24). I am using OVS/namespace/gre networking. When a neutron/quantum router is set to use the l3-agent on test1 everything works fine. If I set the same router to use the l3-agent on test2 I experience some odd problems: From within a VM using the router on test2 I can wget files from http sites but not from https sites. I have noticed that the iptables (not within any namespace) are VERY different for the two servers:
>
>
>Working l3-agent (test1) iptables: http://paste.openstack.org/show/47695/
>Non-working l3-agent (test2) iptables: http://paste.openstack.org/show/47696/
>
>
>Notice that the iptables for test1 contain chains for the security groups such as quantum-openvswi-i435b8f52-6. I do not see anything like this on test2.
>
>
>
>
>Does anyone have any idea what might be causing this issue?
>
>
>Thanks!
>Sam
>
>
>
>
>_______________________________________________
>OpenStack-operators mailing list
>OpenStack-operators at lists.openstack.org
>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
>
More information about the OpenStack-operators
mailing list