[Openstack] Can not ping the tenant router gateway from host
Andreas Scheuring
scheuran at linux.vnet.ibm.com
Thu Mar 5 11:41:44 UTC 2015
Hi Mitchel,
please see my response from Tuesday.
https://www.mail-archive.com/openstack%
40lists.openstack.org/msg11364.html
Hope it helps!
--
Andreas
(irc: scheuran)
On Wed, 2015-03-04 at 21:03 +0000, Mitchell Chen wrote:
> Hi All,
>
>
>
> I am struggling with not being able to ping the router gateway. I am
> able to ping from router to the router gateway (172.29.105.101) and
> router to internal tenant gateway (192.168.2.1), but still can not
> ping from control node to the router gateway. I am using GRE
> tunneling. I saw there is a tag 4095 in the tap port of the br-int
> bridge. Is this OK? Please advise. From the following data, is there a
> way to debug the issue?
>
>
>
> Thanks,
>
> Mitchell
>
>
>
>
>
> root at control:~# ovs-vsctl show
>
> f22d3ba4-d785-4fe7-a283-16ffbc75c434
>
> Bridge br-int
>
> fail_mode: secure
>
> Port "qr-784a2f1c-e6"
>
> tag: 1
>
> Interface "qr-784a2f1c-e6"
>
> type: internal
>
> Port "tap27dd1b25-62"
>
> tag: 4095
>
> Interface "tap27dd1b25-62"
>
> type: internal
>
> Port br-int
>
> Interface br-int
>
> type: internal
>
> Port patch-tun
>
> Interface patch-tun
>
> type: patch
>
> options: {peer=patch-int}
>
> Bridge br-tun
>
> Port patch-int
>
> Interface patch-int
>
> type: patch
>
> options: {peer=patch-tun}
>
> Port "gre-c0a801cc"
>
> Interface "gre-c0a801cc"
>
> type: gre
>
> options: {in_key=flow, local_ip="192.168.1.220",
> out_key=flow, remote_ip="192.168.1.204"}
>
> Port "gre-c0a801d5"
>
> Interface "gre-c0a801d5"
>
> type: gre
>
> options: {in_key=flow, local_ip="192.168.1.220",
> out_key=flow, remote_ip="192.168.1.213"}
>
> Port br-tun
>
> Interface br-tun
>
> type: internal
>
> Port "gre-c0a801d2"
>
> Interface "gre-c0a801d2"
>
> type: gre
>
> options: {in_key=flow, local_ip="192.168.1.220",
> out_key=flow, remote_ip="192.168.1.210"}
>
> Bridge br-ex
>
> Port "qg-6849da02-da"
>
> Interface "qg-6849da02-da"
>
> type: internal
>
> Port br-ex
>
> Interface br-ex
>
> type: internal
>
> Port "eth2"
>
> Interface "eth2"
>
> ovs_version: "2.0.2"
>
>
>
> root at control:~# ovs-ofctl dump-flows br-int
>
> NXST_FLOW reply (xid=0x4):
>
> cookie=0x0, duration=55.846s, table=0, n_packets=2, n_bytes=214,
> idle_age=8, priority=1 actions=NORMAL
>
> cookie=0x0, duration=55.649s, table=22, n_packets=0, n_bytes=0,
> idle_age=55, priority=0 actions=drop
>
>
>
> root@ control:~# ovs-ofctl dump-flows br-tun
>
> NXST_FLOW reply (xid=0x4):
>
> cookie=0x0, duration=66.836s, table=0, n_packets=0, n_bytes=0,
> idle_age=66, priority=1,in_port=3 actions=resubmit(,2)
>
> cookie=0x0, duration=68.694s, table=0, n_packets=0, n_bytes=0,
> idle_age=68, priority=1,in_port=1 actions=resubmit(,1)
>
> cookie=0x0, duration=66.545s, table=0, n_packets=0, n_bytes=0,
> idle_age=66, priority=1,in_port=4 actions=resubmit(,2)
>
> cookie=0x0, duration=67.159s, table=0, n_packets=32, n_bytes=5592,
> idle_age=1, priority=1,in_port=2 actions=resubmit(,2)
>
> cookie=0x0, duration=68.59s, table=0, n_packets=5, n_bytes=390,
> idle_age=59, priority=0 actions=drop
>
> cookie=0x0, duration=68.495s, table=1, n_packets=0, n_bytes=0,
> idle_age=68, priority=1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00
> actions=resubmit(,20)
>
> cookie=0x0, duration=68.391s, table=1, n_packets=0, n_bytes=0,
> idle_age=68, priority=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
> actions=resubmit(,21)
>
> cookie=0x0, duration=64.686s, table=2, n_packets=32, n_bytes=5592,
> idle_age=1, priority=1,tun_id=0x2 actions=mod_vlan_vid:1,resubmit(,10)
>
> cookie=0x0, duration=68.293s, table=2, n_packets=0, n_bytes=0,
> idle_age=68, priority=0 actions=drop
>
> cookie=0x0, duration=68.193s, table=3, n_packets=0, n_bytes=0,
> idle_age=68, priority=0 actions=drop
>
> cookie=0x0, duration=68.082s, table=10, n_packets=32, n_bytes=5592,
> idle_age=1, priority=1
> actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
>
> cookie=0x0, duration=56.741s, table=20, n_packets=0, n_bytes=0,
> hard_timeout=300, idle_age=56, hard_age=1,
> priority=1,vlan_tci=0x0001/0x0fff,dl_dst=b2:a9:8f:0a:42:fb
> actions=load:0->NXM_OF_VLAN_TCI[],load:0x2->NXM_NX_TUN_ID[],output:2
>
> cookie=0x0, duration=22.544s, table=20, n_packets=0, n_bytes=0,
> hard_timeout=300, idle_age=22, hard_age=9,
> priority=1,vlan_tci=0x0001/0x0fff,dl_dst=62:bb:fb:a4:92:db
> actions=load:0->NXM_OF_VLAN_TCI[],load:0x2->NXM_NX_TUN_ID[],output:2
>
> cookie=0x0, duration=67.982s, table=20, n_packets=0, n_bytes=0,
> idle_age=67, priority=0 actions=resubmit(,21)
>
> cookie=0x0, duration=64.782s, table=21, n_packets=0, n_bytes=0,
> idle_age=64, dl_vlan=1
> actions=strip_vlan,set_tunnel:0x2,output:4,output:3,output:2
>
> cookie=0x0, duration=67.87s, table=21, n_packets=0, n_bytes=0,
> idle_age=67, priority=0 actions=drop
>
>
>
> root@ control:~# ovs-ofctl dump-flows br-ex
>
> NXST_FLOW reply (xid=0x4):
>
> cookie=0x0, duration=558.95s, table=0, n_packets=479, n_bytes=102435,
> idle_age=10, priority=0 actions=NORMAL
>
>
>
> root at neutron:~# ip netns
>
> qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302
>
> qdhcp-95f5f75f-577f-4827-b51c-f949fb46393b
>
> root at mussdhux20:~# ip netns exec
> qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302 ip a
>
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> group default
>
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>
> inet 127.0.0.1/8 scope host lo
>
> valid_lft forever preferred_lft forever
>
> inet6 ::1/128 scope host
>
> valid_lft forever preferred_lft forever
>
> 14: qr-784a2f1c-e6: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
> state UNKNOWN group default
>
> link/ether fa:16:3e:d2:db:51 brd ff:ff:ff:ff:ff:ff
>
> inet 192.168.2.1/24 brd 192.168.2.255 scope global qr-784a2f1c-e6
>
> valid_lft forever preferred_lft forever
>
> inet6 fe80::f816:3eff:fed2:db51/64 scope link
>
> valid_lft forever preferred_lft forever
>
> 15: qg-6849da02-da: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
> state UNKNOWN group default
>
> link/ether fa:16:3e:15:c8:76 brd ff:ff:ff:ff:ff:ff
>
> inet 172.29.105.101/24 brd 172.29.105.255 scope global
> qg-6849da02-da
>
> valid_lft forever preferred_lft forever
>
> inet 172.29.105.102/32 brd 172.29.105.102 scope global
> qg-6849da02-da
>
> valid_lft forever preferred_lft forever
>
> inet6 fe80::f816:3eff:fe15:c876/64 scope link
>
> valid_lft forever preferred_lft forever
>
>
>
> /// I can ping from router to external router gateway
>
> root@ neutron:~# ip netns exec
> qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302 ping -I qg-6849da02-da
> 172.29.105.101
>
> PING 172.29.105.101 (172.29.105.101) from 172.29.105.101
> qg-6849da02-da: 56(84) bytes of data.
>
> 64 bytes from 172.29.105.101: icmp_seq=1 ttl=64 time=0.067 ms
>
> 64 bytes from 172.29.105.101: icmp_seq=2 ttl=64 time=0.048 ms
>
> 64 bytes from 172.29.105.101: icmp_seq=3 ttl=64 time=0.062 ms
>
> 64 bytes from 172.29.105.101: icmp_seq=4 ttl=64 time=0.051 ms
>
> 64 bytes from 172.29.105.101: icmp_seq=5 ttl=64 time=0.061 ms
>
> 64 bytes from 172.29.105.101: icmp_seq=6 ttl=64 time=0.050 ms
>
> ^C
>
> --- 172.29.105.101 ping statistics ---
>
> 6 packets transmitted, 6 received, 0% packet loss, time 4998ms
>
> rtt min/avg/max/mdev = 0.048/0.056/0.067/0.010 ms
>
>
>
> /// I can ping from router to internal tenant gateway
>
> root at mussdhux20:~# ip netns exec
> qrouter-09800b9c-7f2e-40d7-94e5-09e8f73d0302 ping -I qr-784a2f1c-e6
> 192.168.2.1
>
> PING 192.168.2.1 (192.168.2.1) from 192.168.2.1 qr-784a2f1c-e6: 56(84)
> bytes of data.
>
> 64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=0.045 ms
>
> 64 bytes from 192.168.2.1: icmp_seq=2 ttl=64 time=0.047 ms
>
> 64 bytes from 192.168.2.1: icmp_seq=3 ttl=64 time=0.064 ms
>
> 64 bytes from 192.168.2.1: icmp_seq=4 ttl=64 time=0.049 ms
>
> 64 bytes from 192.168.2.1: icmp_seq=5 ttl=64 time=0.056 ms
>
> 64 bytes from 192.168.2.1: icmp_seq=6 ttl=64 time=0.044 ms
>
> ^C
>
> --- 192.168.2.1 ping statistics ---
>
> 6 packets transmitted, 6 received, 0% packet loss, time 4998ms
>
> rtt min/avg/max/mdev = 0.044/0.050/0.064/0.011 ms
>
>
>
> root@ neutron:~# ip a
>
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> group default
>
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>
> inet 127.0.0.1/8 scope host lo
>
> valid_lft forever preferred_lft forever
>
> inet6 ::1/128 scope host
>
> valid_lft forever preferred_lft forever
>
> 2: eth2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
> pfifo_fast master ovs-system state UP group default qlen 1000
>
> link/ether 00:d0:b7:9d:be:de brd ff:ff:ff:ff:ff:ff
>
> inet6 fe80::2d0:b7ff:fe9d:bede/64 scope link
>
> valid_lft forever preferred_lft forever
>
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
>
> link/ether 00:02:b3:ea:fd:36 brd ff:ff:ff:ff:ff:ff
>
> inet 192.168.1.220/24 brd 192.168.1.255 scope global eth1
>
> valid_lft forever preferred_lft forever
>
> inet6 fe80::202:b3ff:feea:fd36/64 scope link
>
> valid_lft forever preferred_lft forever
>
> 4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
>
> link/ether 00:0f:fe:5e:2b:52 brd ff:ff:ff:ff:ff:ff
>
> inet 172.29.106.220/24 brd 172.29.106.255 scope global eth0
>
> valid_lft forever preferred_lft forever
>
> inet6 fe80::20f:feff:fe5e:2b52/64 scope link
>
> valid_lft forever preferred_lft forever
>
> 5: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
> group default
>
> link/ether 42:ad:09:62:3e:ff brd ff:ff:ff:ff:ff:ff
>
> 6: br-ex: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
> group default
>
> link/ether 00:d0:b7:9d:be:de brd ff:ff:ff:ff:ff:ff
>
> inet6 fe80::4460:3dff:fe54:774a/64 scope link
>
> valid_lft forever preferred_lft forever
>
> 9: br-int: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
> UNKNOWN group default
>
> link/ether 0e:51:a9:81:c8:4b brd ff:ff:ff:ff:ff:ff
>
> inet6 fe80::50b6:6dff:fe2b:497f/64 scope link
>
> valid_lft forever preferred_lft forever
>
> 17: br-tun: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
> UNKNOWN group default
>
> link/ether 96:20:ae:89:c4:49 brd ff:ff:ff:ff:ff:ff
>
> inet6 fe80::14bd:19ff:fe80:55f7/64 scope link
>
> valid_lft forever preferred_lft forever
>
>
>
> root@ neutron:~# ip route
>
> default via 172.29.106.254 dev eth0
>
> 169.254.0.0/16 dev eth1 scope link metric 1000
>
> 172.29.106.0/24 dev eth0 proto kernel scope link src 172.29.106.220
>
> 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.220
>
>
>
> > > root at control# neutron net-list
>
> +--------------------------------------+----------+------------------------------------------------------+
>
> | id | name | subnets
> |
>
> +--------------------------------------+----------+------------------------------------------------------+
>
> | 95f5f75f-577f-4827-b51c-f949fb46393b | demo-net |
> 33d60404-d979-4b63-83ef-653268195872 192.168.2.0/24 |
>
> | e567fd9d-f87a-491c-b8f1-32d28de4069e | ext-net |
> 0f5d2be9-74b0-466e-b0e6-4be8f646338a 172.29.105.0/24 |
>
> +--------------------------------------+----------+------------------------------------------------------+
>
> root control # neutron subnet-list
>
> +--------------------------------------+-------------+-----------------+------------------------------------------------------+
>
> | id | name | cidr
> | allocation_pools |
>
> +--------------------------------------+-------------+-----------------+------------------------------------------------------+
>
> | 0f5d2be9-74b0-466e-b0e6-4be8f646338a | ext-subnet | 172.29.105.0/24
> | {"start": "172.29.105.101", "end": "172.29.105.127"} |
>
> | 33d60404-d979-4b63-83ef-653268195872 | demo-subnet | 192.168.2.0/24
> | {"start": "192.168.2.2", "end": "192.168.2.254"} |
>
> +--------------------------------------+-------------+-----------------+------------------------------------------------------+
>
> > >
>
> > > root@ control# neutron subnet-show ext-subnet
>
> +------------------+------------------------------------------------------+
>
> | Field | Value
> |
>
> +------------------+------------------------------------------------------+
>
> | allocation_pools | {"start": "172.29.105.101", "end":
> "172.29.105.127"} |
>
> | cidr | 172.29.105.0/24
> |
>
> | dns_nameservers |
> |
>
> | enable_dhcp | False
> |
>
> | gateway_ip | 172.29.105.254
> |
>
> | host_routes |
> |
>
> | id | 0f5d2be9-74b0-466e-b0e6-4be8f646338a
> |
>
> | ip_version | 4
> |
>
> | name | ext-subnet
> |
>
> | network_id | e567fd9d-f87a-491c-b8f1-32d28de4069e
> |
>
> | tenant_id | 7479d4eabeb14b45a7f38269155ec0f5
> |
>
> +------------------+------------------------------------------------------+
>
> > > root@ control# neutron subnet-show demo-subnet
>
> +------------------+--------------------------------------------------+
>
> | Field | Value
> |
>
> +------------------+--------------------------------------------------+
>
> | allocation_pools | {"start": "192.168.2.2", "end": "192.168.2.254"}
> |
>
> | cidr | 192.168.2.0/24
> |
>
> | dns_nameservers | 8.8.8.8
> |
>
> | enable_dhcp | True
> |
>
> | gateway_ip | 192.168.2.1
> |
>
> | host_routes |
> |
>
> | id | 33d60404-d979-4b63-83ef-653268195872
> |
>
> | ip_version | 4
> |
>
> | name | demo-subnet
> |
>
> | network_id | 95f5f75f-577f-4827-b51c-f949fb46393b
> |
>
> | tenant_id | 1bc3de8b19384858a1a7a6395e1845e3
> |
>
> +------------------+--------------------------------------------------+
>
>
> ************* Email Confidentiality Notice ********************
> The information contained in this e-mail message (including any
> attachments) may be confidential, proprietary, privileged, or otherwise
> exempt from disclosure under applicable laws. It is intended to be
> conveyed only to the designated recipient(s). Any use, dissemination,
> distribution, printing, retaining or copying of this e-mail (including its
> attachments) by unintended recipient(s) is strictly prohibited and may
> be unlawful. If you are not an intended recipient of this e-mail, or believe
> that you have received this e-mail in error, please notify the sender
> immediately (by replying to this e-mail), delete any and all copies of
> this e-mail (including any attachments) from your system, and do not
> disclose the content of this e-mail to any other person. Thank you!
More information about the Openstack
mailing list