Open Stack

The regular conf files look fine, from the physical network host, 
nslookup works fine, I also tried with iptables stopped on the network 
host, it doesn't help.

Below is some output from tcpdump run on the network host:
(10.0.1.3 is the dns server for the VM network, 10.0.1.5 is an instance)

I can resolve names for other VMs within the same VM subnet:

12:03:13.862982 IP 10.0.1.5.49737 > 10.0.1.3.domain: 42560+ PTR? 
2.1.0.10.in-addr.arpa. (39)
12:03:13.863109 IP 10.0.1.3.domain > 10.0.1.5.49737: 42560* 1/0/0 PTR 
host-10-0-1-2.openstacklocal. (81)

But when I try "nslookup www.google.com", it gave the "Refused" message:

12:03:21.991820 IP 10.0.1.5.56262 > 10.0.1.3.domain: 39784+ A? 
www.google.com. (32)
12:03:21.991931 IP 10.0.1.3.domain > 10.0.1.5.56262: 39784 Refused 0/0/0 
(32)
12:03:21.992711 IP 10.0.1.5.47311 > 10.0.1.3.domain: 38835+ A? 
www.google.com.openstacklocal. (47)
12:03:21.992788 IP 10.0.1.3.domain > 10.0.1.5.47311: 38835 Refused 0/0/0 
(47)

The error message from the instance is "server can't find 
www.google.com.openstacklocal: REFUSED"

Below is the dnsmasq processes running on the network host (the 
-conf-file is empty, is that normal?) :

nobody   28843     1  0 Nov13 ?        00:00:00 dnsmasq --no-hosts 
--no-resolv --strict-order --bind-interfaces --interface=tap4aafbf9c-49 
--except-interface=lo 
--pid-file=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/pid --dhcp-hostsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/host 
--dhcp-optsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/opts 
--dhcp-script=/usr/bin/quantum-dhcp-agent-dnsmasq-lease-update 
--leasefile-ro --dhcp-range=tag0,10.0.1.0,static,120s --conf-file= 
--domain=openstacklocal
root     28844 28843  0 Nov13 ?        00:00:00 dnsmasq --no-hosts 
--no-resolv --strict-order --bind-interfaces --interface=tap4aafbf9c-49 
--except-interface=lo 
--pid-file=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/pid --dhcp-hostsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/host 
--dhcp-optsfile=/var/lib/quantum/dhcp/fea3d2fb-2b50-47e8-ba28-e68f094606bc/opts 
--dhcp-script=/usr/bin/quantum-dhcp-agent-dnsmasq-lease-update 
--leasefile-ro --dhcp-range=tag0,10.0.1.0,static,120s --conf-file= 
--domain=openstacklocal

Any help will be greatly appreciated.

Thanks,
Xin



On 11/12/2013 6:55 PM, Remo Mattei wrote:
> RH does have firewall rules you may want to see if DNS is going out. I 
> know you said that it goes outside but you can also check the order if 
> in nsswitch.conf  etc..
>
> Have a good day,
>
> ciao
> -- 
> Remo Mattei
>
>
> November 12, 2013 at 14:32:52, Xin Zhao (xzhao at bnl.gov 
> <mailto://xzhao@bnl.gov>) ha scritto:
>
>> Hello,
>>
>> I have a multi-host grizzly RHEL6 install, using OVS. From the instance,
>> I can ping external ips, but DNS resolv doesn't work, it only works for
>> other instances on the VM network.
>> If I do subnet-update to add public DNS server ips to the vm network,
>> DNS resolv works for external hosts, but stops working for other
>> instances on the same VM network.
>> Do I miss some configuration here?
>>
>> Thanks,
>> Xin
>>
>> _______________________________________________
>> Mailing list: 
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack at lists.openstack.org
>> Unsubscribe : 
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>> !DSPAM:2,5282ac94271465380316102!
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20131114/7ff020fc/attachment.html>