[Openstack] problem with metadata and ping

Jay S Bryant jsbryant at us.ibm.com
Wed Apr 24 15:55:12 UTC 2013 

Arindam,

Ooops, I had a typo.   The command should have been:  iptables -I input -i 
tap+ -p udp -dport 67:68 --sport 67:68 -j ACCEPT

You need the iptables configuration on the system where dnsmasq is 
running.  It shouldn't be necessary in the compute nodes that are being 
booted.


Jay S. Bryant
Linux Developer - 
    OpenStack Enterprise Edition
                   
Department 7YLA, Building 015-2, Office E125, Rochester, MN
Telephone: (507) 253-4270, FAX (507) 253-6410
TIE Line: 553-4270
E-Mail:  jsbryant at us.ibm.com
--------------------------------------------------------------------
 All the world's a stage and most of us are desperately unrehearsed.
                   -- Sean O'Casey
--------------------------------------------------------------------



From:   Arindam Choudhury <arindam at live.com>
To:     Jay S Bryant/Rochester/IBM at IBMUS, openstack 
<openstack at lists.launchpad.net>, 
Date:   04/24/2013 10:47 AM
Subject:        RE: [Openstack] problem with metadata and ping



Hi,

Thanks for your reply.

The dnsmasq is running properly.

when I tried to run iptables -I input -i tap+ -p udp 67:68 --sport 67:68 
-j ACCEPT 
it says, 
#  iptables -I input -i tap+ -p udp 67:68 --sport 67:68 -j ACCEPT
Bad argument `67:68'

Do I have to do this iptables configuration in controller or in compute 
nodes also.

To: arindam at live.com
Subject: Re: [Openstack] problem with metadata and ping
From: jsbryant at us.ibm.com
Date: Wed, 24 Apr 2013 10:17:41 -0500

Arindam, 

I saw a similar problem with quantum.  If you have iptables running on the 
hosting system you may need to update the rules to allow the DHCP Discover 
packet through:  iptables -I input -i tap+ -p udp 67:68 --sport 67:68 -j 
ACCEPT 

Also ensure that dnsmasq is running properly. 



Jay S. Bryant
Linux Developer - 
   OpenStack Enterprise Edition
                  
Department 7YLA, Building 015-2, Office E125, Rochester, MN
Telephone: (507) 253-4270, FAX (507) 253-6410
TIE Line: 553-4270
E-Mail:  jsbryant at us.ibm.com
--------------------------------------------------------------------
All the world's a stage and most of us are desperately unrehearsed.
                  -- Sean O'Casey
-------------------------------------------------------------------- 



From:        Arindam Choudhury <arindam at live.com> 
To:        openstack <openstack at lists.launchpad.net>, 
Date:        04/24/2013 10:12 AM 
Subject:        Re: [Openstack] problem with metadata and ping 
Sent by:        "Openstack" 
<openstack-bounces+jsbryant=us.ibm.com at lists.launchpad.net> 




hi,

I was misled by this:

[(keystone_user)]$ nova list
+--------------------------------------+--------+--------+-----------------------+
| ID                                   | Name   | Status | Networks  |
+--------------------------------------+--------+--------+-----------------------+
| 122ceb44-0b2d-442f-bb4b-c5a8cdbcb757 | cirros | ACTIVE | 
private=192.168.100.2 |
+--------------------------------------+--------+--------+-----------------------+

This is a nova-network problem.

From: arindam at live.com
To: openstack at lists.launchpad.net
Date: Wed, 24 Apr 2013 16:12:47 +0200
Subject: [Openstack] problem with metadata and ping

Hi,

I having problem with metadata service. I am using nova-network. The 
console log says:

Starting network... 
udhcpc (v1.18.5) started 
Sending discover... 
Sending discover... 
Sending discover... 
No lease, failing 
WARN: /etc/rc3.d/S40network failed 
cloudsetup: checking http://169.254.169.254/20090404/metadata/instanceid 
wget: can't connect to remote host (169.254.169.254): Network is 
unreachable 
cloudsetup: failed 1/30: up 10.06. request failed.

the whole console log is here: 
https://gist.github.com/arindamchoudhury/5452385
my nova.conf is here: https://gist.github.com/arindamchoudhury/5452410

[(keystone_user)]$ nova network-list 
+----+---------+------------------+
| ID | Label   | Cidr             |
+----+---------+------------------+
| 1  | private | 192.168.100.0/24 |
+----+---------+------------------+
[(keystone_user)]$ nova secgroup-list
+---------+-------------+
| Name    | Description |
+---------+-------------+
| default | default     |
+---------+-------------+
[(keystone_user)]$ nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+



_______________________________________________ Mailing list: 
https://launchpad.net/~openstack Post to : openstack at lists.launchpad.net 
Unsubscribe : https://launchpad.net/~openstack More help : 
https://help.launchpad.net/ListHelp
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack at lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130424/21811c46/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 4229 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130424/21811c46/attachment.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 4229 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130424/21811c46/attachment-0001.jpe>

More information about the Openstack mailing list