[Openstack] can anybody help to explain how the packet of ping shoule be forwarded from vm
Sam Lee
lixq2000 at gmail.com
Tue Sep 23 07:59:41 UTC 2014
I ping www.sina.com.cn, so the destination address is 58.63.236.35. the
following route should be used .
0.0.0.0 172.16.10.1 0.0.0.0 UG 100 0 0 eth1
2014-09-23 15:56 GMT+08:00 严超 <yanchao727 at gmail.com>:
> Seems like the package show go to this route:
>
> 172.16.10.200 0.0.0.0 255.255.255.248 U 0 0 0 br100
>
> Which is br100 presents eth0.
>
>
> *Best Regards!*
>
>
> *Chao Yan--------------**My twitter:Andy Yan @yanchao727
> <https://twitter.com/yanchao727>*
>
>
> *My Weibo:http://weibo.com/herewearenow
> <http://weibo.com/herewearenow>--------------*
>
> 2014-09-23 15:51 GMT+08:00 Sam Lee <lixq2000 at gmail.com>:
>
>> I think routing is in step 4。 The packet shoule be processed by eth1
>> based on routing table. in fact eth0 process it. this is what I am puzzled
>>
>> 2014-09-23 15:47 GMT+08:00 Sam Lee <lixq2000 at gmail.com>:
>>
>>> Can you explain it more detail? when the routing table is used?
>>>
>>> 2014-09-23 15:39 GMT+08:00 严超 <yanchao727 at gmail.com>:
>>>
>>>> I think that path should depends on your route table. You can modify
>>>> route table to take some tests.
>>>>
>>>> *Best Regards!*
>>>>
>>>>
>>>> *Chao Yan--------------**My twitter:Andy Yan @yanchao727
>>>> <https://twitter.com/yanchao727>*
>>>>
>>>>
>>>> *My Weibo:http://weibo.com/herewearenow
>>>> <http://weibo.com/herewearenow>--------------*
>>>>
>>>> 2014-09-23 15:21 GMT+08:00 Sam Lee <lixq2000 at gmail.com>:
>>>>
>>>>> I have tracked the packets using tcpdump, and it shows that the eth0
>>>>> process the packets. When a floating ip is added on instance, eth1 process
>>>>> the packets.
>>>>>
>>>>> 2014-09-23 15:18 GMT+08:00 严超 <yanchao727 at gmail.com>:
>>>>>
>>>>>> Yes, that's what I suggest. You can use tcpdump to track packages as
>>>>>> well.
>>>>>>
>>>>>> *Best Regards!*
>>>>>>
>>>>>>
>>>>>> *Chao Yan--------------**My twitter:Andy Yan @yanchao727
>>>>>> <https://twitter.com/yanchao727>*
>>>>>>
>>>>>>
>>>>>> *My Weibo:http://weibo.com/herewearenow
>>>>>> <http://weibo.com/herewearenow>--------------*
>>>>>>
>>>>>> 2014-09-23 15:13 GMT+08:00 Sam Lee <lixq2000 at gmail.com>:
>>>>>>
>>>>>>> I am not sure you are right or not. Bridge is a virtual switch,
>>>>>>> if we want to communicate outside world using bridge, we must attach a
>>>>>>> physical devices to bridge. eth0 is just the device.
>>>>>>>
>>>>>>> 2014-09-23 15:04 GMT+08:00 严超 <yanchao727 at gmail.com>:
>>>>>>>
>>>>>>>> eth0 is virtualized as br100 , as your command show:
>>>>>>>>
>>>>>>>> 2: eth0: mtu 1500 qdisc pfifo_fast *master br100 state UP* qlen 1000
>>>>>>>> link/ether 00:1e:67:6a:8b:c9 brd ff:ff:ff:ff:ff:ff
>>>>>>>> inet6 fe80::21e:67ff:fe6a:8bc9/64 scope link
>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>
>>>>>>>> So I think packages would be handled by eth0. Right?
>>>>>>>>
>>>>>>>>
>>>>>>>> *Best Regards!*
>>>>>>>>
>>>>>>>>
>>>>>>>> *Chao Yan--------------**My twitter:Andy Yan @yanchao727
>>>>>>>> <https://twitter.com/yanchao727>*
>>>>>>>>
>>>>>>>>
>>>>>>>> *My Weibo:http://weibo.com/herewearenow
>>>>>>>> <http://weibo.com/herewearenow>--------------*
>>>>>>>>
>>>>>>>> 2014-09-23 14:33 GMT+08:00 Sam Lee <lixq2000 at gmail.com>:
>>>>>>>>
>>>>>>>>> I set up an openstack environment using nova-network with
>>>>>>>>> multi_host mode.
>>>>>>>>>
>>>>>>>>> created network info as below,
>>>>>>>>>
>>>>>>>>> root at ubuntu:~# nova network-show e77b754d-5a89-41fd-8c82-69051e69c4ed
>>>>>>>>> +---------------------+--------------------------------------+
>>>>>>>>> | Property | Value |
>>>>>>>>> +---------------------+--------------------------------------+
>>>>>>>>> | bridge | br100 |
>>>>>>>>> | vpn_public_port | None |
>>>>>>>>> | dhcp_start | 172.16.10.202 |
>>>>>>>>> | bridge_interface | eth0 |
>>>>>>>>> | updated_at | None |
>>>>>>>>> | id | e77b754d-5a89-41fd-8c82-69051e69c4ed |
>>>>>>>>> | cidr_v6 | None |
>>>>>>>>> | deleted_at | None |
>>>>>>>>> | gateway | 172.16.10.1 |
>>>>>>>>> | rxtx_base | None |
>>>>>>>>> | label | private |
>>>>>>>>> | priority | None |
>>>>>>>>> | project_id | None |
>>>>>>>>> | vpn_private_address | None |
>>>>>>>>> | deleted | 0 |
>>>>>>>>> | vlan | None |
>>>>>>>>> | broadcast | 172.16.10.207 |
>>>>>>>>> | netmask | 255.255.255.248 |
>>>>>>>>> | injected | False |
>>>>>>>>> | cidr | 172.16.10.200/29 |
>>>>>>>>> | vpn_public_address | None |
>>>>>>>>> | multi_host | True |
>>>>>>>>> | dns2 | None |
>>>>>>>>> | created_at | 2014-09-11T07:58:13.000000 |
>>>>>>>>> | host | None |
>>>>>>>>> | gateway_v6 | None |
>>>>>>>>> | netmask_v6 | None |
>>>>>>>>> | dns1 | 8.8.4.4 |
>>>>>>>>> +---------------------+--------------------------------------+
>>>>>>>>> Note: 172.16.10.1 is the physical gateway
>>>>>>>>>
>>>>>>>>> route info of the host as below:
>>>>>>>>>
>>>>>>>>> Kernel IP routing table
>>>>>>>>> Destination Gateway Genmask Flags Metric Ref Use Iface
>>>>>>>>> 0.0.0.0 172.16.10.1 0.0.0.0 UG 100 0 0 eth1
>>>>>>>>> 10.10.100.0 0.0.0.0 255.255.255.0 U 0 0 0 br100
>>>>>>>>> 172.16.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
>>>>>>>>> 172.16.10.200 0.0.0.0 255.255.255.248 U 0 0 0 br100
>>>>>>>>>
>>>>>>>>> three instances has been created as below,
>>>>>>>>>
>>>>>>>>> root at ubuntu:~# nova list
>>>>>>>>> +--------------------------------------+-------+--------+-----------------------+
>>>>>>>>> | ID | Name | Status | Networks |
>>>>>>>>> +--------------------------------------+-------+--------+-----------------------+
>>>>>>>>> | 5867fa88-de5c-4656-9811-5c86128b786b | test3 | ACTIVE | private=172.16.10.202 |
>>>>>>>>> | 272f8d4f-f924-488b-855f-7f53a2372708 | test4 | ACTIVE | private=172.16.10.204 |
>>>>>>>>> | aec01738-996f-42dc-a921-1c859c79ffed | test5 | ACTIVE | private=172.16.10.205 |
>>>>>>>>> +--------------------------------------+-------+--------+-----------------------+
>>>>>>>>>
>>>>>>>>> ip info of host:
>>>>>>>>>
>>>>>>>>> root at ubuntu:~# ip a
>>>>>>>>> 1: lo: mtu 16436 qdisc noqueue state UNKNOWN
>>>>>>>>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>>>>>>>>> inet 127.0.0.1/8 scope host lo
>>>>>>>>> inet 169.254.169.254/32 scope link lo
>>>>>>>>> inet6 ::1/128 scope host
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>> 2: eth0: mtu 1500 qdisc pfifo_fast master br100 state UP qlen 1000
>>>>>>>>> link/ether 00:1e:67:6a:8b:c9 brd ff:ff:ff:ff:ff:ff
>>>>>>>>> inet6 fe80::21e:67ff:fe6a:8bc9/64 scope link
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>> 3: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000
>>>>>>>>> link/ether 00:1e:67:6a:8b:c8 brd ff:ff:ff:ff:ff:ff
>>>>>>>>> inet 172.16.10.16/24 brd 172.16.10.255 scope global eth1
>>>>>>>>> inet6 fe80::21e:67ff:fe6a:8bc8/64 scope link
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>> 5: br100: mtu 1500 qdisc noqueue state UP
>>>>>>>>> link/ether 00:1e:67:6a:8b:c9 brd ff:ff:ff:ff:ff:ff
>>>>>>>>> inet 172.16.10.203/29 brd 172.16.10.207 scope global br100
>>>>>>>>> inet 10.10.100.52/24 brd 10.10.100.255 scope global br100
>>>>>>>>> inet6 fe80::44c7:b4ff:fe0c:3f/64 scope link
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>> 6: vnet0: mtu 1500 qdisc pfifo_fast master br100 state UNKNOWN qlen 500
>>>>>>>>> link/ether fe:16:3e:0f:03:49 brd ff:ff:ff:ff:ff:ff
>>>>>>>>> inet6 fe80::fc16:3eff:fe0f:349/64 scope link
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>> 7: vnet1: mtu 1500 qdisc pfifo_fast master br100 state UNKNOWN qlen 500
>>>>>>>>> link/ether fe:16:3e:b3:d8:a1 brd ff:ff:ff:ff:ff:ff
>>>>>>>>> inet6 fe80::fc16:3eff:feb3:d8a1/64 scope link
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>> 8: vnet2: mtu 1500 qdisc pfifo_fast master br100 state UNKNOWN qlen 500
>>>>>>>>> link/ether fe:16:3e:0e:7a:0d brd ff:ff:ff:ff:ff:ff
>>>>>>>>> inet6 fe80::fc16:3eff:fe0e:7a0d/64 scope link
>>>>>>>>> valid_lft forever preferred_lft forever
>>>>>>>>>
>>>>>>>>> mac table of br100:
>>>>>>>>>
>>>>>>>>> root at ubuntu:~# brctl showmacs br100
>>>>>>>>> port no mac addr is local? ageing timer
>>>>>>>>> 1 00:0c:29:27:9d:7e no 16.79
>>>>>>>>> 1 00:0c:29:27:9d:88 no 5.49
>>>>>>>>> 1 00:0c:29:58:9a:64 no 31.86
>>>>>>>>> 1 00:0c:29:f3:cf:7b no 21.28
>>>>>>>>> 1 00:12:7f:7d:37:a1 no 35.54
>>>>>>>>> 1 00:14:5e:ac:7c:b5 no 26.20
>>>>>>>>> 1 00:14:5e:e8:03:d1 no 13.31
>>>>>>>>> 1 00:14:f2:a8:00:81 no 1.11
>>>>>>>>> 1 00:1e:67:45:85:ad no 14.02
>>>>>>>>> 1 00:1e:67:64:ed:c9 no 10.10
>>>>>>>>> 1 00:1e:67:64:ee:a5 no 9.38
>>>>>>>>> 1 00:1e:67:6a:8b:c9 yes 0.00
>>>>>>>>> 1 00:1e:67:97:17:ee no 52.97
>>>>>>>>> 1 52:54:00:01:40:23 no 10.72
>>>>>>>>> 1 52:54:00:1c:71:3d no 5.50
>>>>>>>>> 1 52:54:00:47:9c:ee no 8.70
>>>>>>>>> 1 52:54:00:b8:aa:45 no 9.79
>>>>>>>>> 1 52:54:00:ee:60:44 no 7.61
>>>>>>>>> 1 5c:f3:fc:00:0e:da no 56.27
>>>>>>>>> 1 5c:f3:fc:00:ad:02 no 1.13
>>>>>>>>> 1 6c:ae:8b:51:49:12 no 0.64
>>>>>>>>> 1 8a:62:65:05:8d:02 no 5.38
>>>>>>>>> 1 ae:2a:9d:74:11:03 no 155.47
>>>>>>>>> 1 e4:1f:13:75:47:e0 no 8.24
>>>>>>>>> 1 e4:1f:13:fc:a8:21 no 176.11
>>>>>>>>> 1 fa:16:3e:00:c8:ce no 0.38
>>>>>>>>> 1 fa:16:3e:05:61:a3 no 4.29
>>>>>>>>> 4 fa:16:3e:0e:7a:0d no 11.35
>>>>>>>>> 2 fa:16:3e:0f:03:49 no 9.90
>>>>>>>>> 1 fa:16:3e:2c:6c:55 no 24.90
>>>>>>>>> 1 fa:16:3e:2d:f0:f0 no 7.40
>>>>>>>>> 1 fa:16:3e:3b:35:e1 no 27.88
>>>>>>>>> 1 fa:16:3e:3f:1a:0c no 9.18
>>>>>>>>> 1 fa:16:3e:49:d6:54 no 10.57
>>>>>>>>> 1 fa:16:3e:4a:47:6e no 13.07
>>>>>>>>> 1 fa:16:3e:61:d5:0c no 24.14
>>>>>>>>> 1 fa:16:3e:6b:89:c1 no 25.96
>>>>>>>>> 1 fa:16:3e:85:80:df no 3.74
>>>>>>>>> 1 fa:16:3e:8d:a4:da no 28.20
>>>>>>>>> 1 fa:16:3e:9f:bb:0c no 13.65
>>>>>>>>> 1 fa:16:3e:a6:88:1d no 24.17
>>>>>>>>> 3 fa:16:3e:b3:d8:a1 no 6.07
>>>>>>>>> 1 fa:16:3e:c8:42:0d no 27.80
>>>>>>>>> 1 fa:16:3e:ca:a8:8e no 4.70
>>>>>>>>> 1 fa:16:3e:e8:a7:9b no 27.31
>>>>>>>>> 4 fe:16:3e:0e:7a:0d yes 0.00
>>>>>>>>> 2 fe:16:3e:0f:03:49 yes 0.00
>>>>>>>>> 3 fe:16:3e:b3:d8:a1 yes 0.00
>>>>>>>>>
>>>>>>>>> arp table of instance test5:
>>>>>>>>>
>>>>>>>>> [root at test5 ~]# arp -a
>>>>>>>>> ? (172.16.10.203) at 00:1e:67:6a:8b:c9 [ether] on eth0
>>>>>>>>> ? (172.16.10.1) at 00:12:7f:7d:37:a1 [ether] on eth0
>>>>>>>>>
>>>>>>>>> route info of instance test5
>>>>>>>>>
>>>>>>>>> [root at test5 ~]# route -n
>>>>>>>>> Kernel IP routing table
>>>>>>>>> Destination Gateway Genmask Flags Metric Ref Use Iface
>>>>>>>>> 172.16.10.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
>>>>>>>>> 172.16.10.200 0.0.0.0 255.255.255.248 U 1 0 0 eth0
>>>>>>>>> 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
>>>>>>>>> 0.0.0.0 172.16.10.1 0.0.0.0 UG 0 0 0 eth0
>>>>>>>>>
>>>>>>>>> I ping www.sina.com.cn in instances test5(172.16.10.205)
>>>>>>>>>
>>>>>>>>> [root at test5 ~]# ping www.sina.com.cn
>>>>>>>>> PING ara.sina.com.cn (58.63.236.35) 56(84) bytes of data.
>>>>>>>>> 64 bytes from 58.63.236.35: icmp_seq=1 ttl=49 time=38.4 ms
>>>>>>>>> 64 bytes from 58.63.236.35: icmp_seq=2 ttl=49 time=38.5 ms
>>>>>>>>> 64 bytes from 58.63.236.35: icmp_seq=3 ttl=49 time=38.2 ms
>>>>>>>>> ^C
>>>>>>>>> --- ara.sina.com.cn ping statistics ---
>>>>>>>>> 3 packets transmitted, 3 received, 0% packet loss, time 2436ms
>>>>>>>>> rtt min/avg/max/mdev = 38.259/38.427/38.536/0.256 ms
>>>>>>>>>
>>>>>>>>> In my option, the packet will go through as follow,
>>>>>>>>> 1. vm eth0
>>>>>>>>> 2. br100
>>>>>>>>> 3. according the mac table of switch br100, the packet will go
>>>>>>>>> through to port 1
>>>>>>>>>
>>>>>>>>> the next step has always puzzled me
>>>>>>>>> 4. the packet arrived at host eth0. Once the packet arrived eth0,
>>>>>>>>> it will be processed by iptables chains, INPUT, PREROUTING, kernel routing,
>>>>>>>>> OUTPUT and so on. the destination address is 58.63.236.35, based on the
>>>>>>>>> kernel routing table, the packet will be processed by eth1. *In
>>>>>>>>> fact, eth0 processes it.*can anyone explain why??
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks in advance.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Mailing list:
>>>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>>>>>> Post to : openstack at lists.openstack.org
>>>>>>>>> Unsubscribe :
>>>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140923/d71b3faa/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: images.png
Type: image/png
Size: 5494 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140923/d71b3faa/attachment.png>
More information about the Openstack
mailing list
