[Openstack] able to ping but not able to ssh to instance

Srinivasreddy R srinivasreddy4390 at gmail.com
Thu Sep 18 14:02:40 UTC 2014 

hi ,
thanks for your reply .

1. i have checked ssh server is running in instance ..
    ssh from one instance to another is possible using private
network[demo-net] .
2. checked  ssh is running in port 22
3. telnet <ip>  22 is not working .


4. output when i run ssh using verbose  pasted at

http://paste.openstack.org/show/112860/




==================================
ip tables output

my internal network for vm is 11.0.0.x and external network is 172.0.0.x


root at user-ThinkCentre-M73:/home/user# ip netns exec
qrouter-f6e00f94-1c6d-4cf5-8cae-319e393240fe  iptables -t nat -S
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-N neutron-l3-agent-OUTPUT
-N neutron-l3-agent-POSTROUTING
-N neutron-l3-agent-PREROUTING
-N neutron-l3-agent-float-snat
-N neutron-l3-agent-snat
-N neutron-postrouting-bottom
-A PREROUTING -j neutron-l3-agent-PREROUTING
-A OUTPUT -j neutron-l3-agent-OUTPUT
-A POSTROUTING -j neutron-l3-agent-POSTROUTING
-A POSTROUTING -j neutron-postrouting-bottom
-A neutron-l3-agent-OUTPUT -d 172.0.0.7/32 -j DNAT --to-destination 11.0.0.9
-A neutron-l3-agent-OUTPUT -d 172.0.0.3/32 -j DNAT --to-destination 11.0.0.2
-A neutron-l3-agent-OUTPUT -d 172.0.0.4/32 -j DNAT --to-destination 11.0.0.5
-A neutron-l3-agent-POSTROUTING ! -i qg-ec80d9fb-82 ! -o qg-ec80d9fb-82 -m
conntrack ! --ctstate DNAT -j ACCEPT
-A neutron-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport
80 -j REDIRECT --to-ports 9697
-A neutron-l3-agent-PREROUTING -d 172.0.0.7/32 -j DNAT --to-destination
11.0.0.9
-A neutron-l3-agent-PREROUTING -d 172.0.0.3/32 -j DNAT --to-destination
11.0.0.2
-A neutron-l3-agent-PREROUTING -d 172.0.0.4/32 -j DNAT --to-destination
11.0.0.5
-A neutron-l3-agent-float-snat -s 11.0.0.9/32 -j SNAT --to-source 172.0.0.7
-A neutron-l3-agent-float-snat -s 11.0.0.2/32 -j SNAT --to-source 172.0.0.3
-A neutron-l3-agent-float-snat -s 11.0.0.5/32 -j SNAT --to-source 172.0.0.4
-A neutron-l3-agent-snat -j neutron-l3-agent-float-snat
-A neutron-l3-agent-snat -s 11.0.0.0/24 -j SNAT --to-source 172.0.0.2
-A neutron-postrouting-bottom -j neutron-l3-agent-snat




=====================
i pasted my dump flows of br-tun at
http://paste.openstack.org/show/112859/



as per the doc
 https://openstack.redhat.com/Networking_in_too_much_detail

br-ex is connected to router , router is connected to br-int , br-int is
connected to bt-tun .

i have captured at br-int . my ssh request is reaching to br-int but not
going through tunnel .

please help me .




thanks,
srinivas.




On Wed, Sep 17, 2014 at 9:30 PM, Sajith Kariyawasam <sajhak at gmail.com>
wrote:

> Hi,
>
> Could be due to,
>     ssh server is not up and running in your instance,
>     or running in a different port rather than port 22,
>     or, ssh port access is restricted in openstack key pair configuration
>
> You could also try telnet to check the connectivity,
> $ telnet <ip> 22
>
> Thanks,
> Sajith
>
>
> On Wed, Sep 17, 2014 at 8:59 PM, Zoltán Lajos Kis <
> zoltan.lajos.kis at ericsson.com> wrote:
>
>>  Hi,
>>
>>
>>
>> What’s the output of running ssh with the verbose (-v) flag?
>>
>>
>>
>> BR,
>>
>> Zoltan
>>
>>
>>
>> *From:* Srinivasreddy R [mailto:srinivasreddy4390 at gmail.com]
>> *Sent:* Wednesday, September 17, 2014 5:16 PM
>> *To:* openstack at lists.openstack.org
>> *Subject:* [Openstack] able to ping but not able to ssh to instance
>>
>>
>>
>> hi,
>>
>> i am able to ping my instance form external network .
>>
>> but  not able to ssh to the instance .
>>
>> i am using floating ip s for ping,ssh.
>>
>> please help me .
>>
>> thanks,
>> srinivas.
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
>
> --
> Best Regards
> Sajith
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140918/3e26206b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Netwk-node-arch.png
Type: image/png
Size: 61575 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140918/3e26206b/attachment.png>

More information about the Openstack mailing list