[Openstack] No ping or SSH to the instance
wahi
wahi at sci.am
Thu Mar 29 10:52:39 UTC 2018
Thanks a lot Jorge for your response, these are the outputs:
ip netns exec qrouter-570a7359-1658-4ff4-8f0c-947e487ffc76 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qg-1fd409f8-91: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet XXXXXX.8 netmask 255.255.255.0 broadcast XXXXXX
inet6 fe80::f816:3eff:fef7:a0db prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:f7:a0:db txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 37 bytes 2082 (2.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qr-5ac8cae0-61: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.10.0.1 netmask 255.255.255.0 broadcast 10.10.0.255
inet6 fe80::f816:3eff:fe3b:b19b prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:3b:b1:9b txqueuelen 1000 (Ethernet)
RX packets 338 bytes 31394 (30.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 360 bytes 38637 (37.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
The main strange part is here: qg-1fd409f8-91:
flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet XXXXXX.8 netmask 255.255.255.0 broadcast XXXXXX
xxxx.8 strange IP it is not my network node IP.
And here are more outputs:
ip netns exec qrouter-570a7359-1658-4ff4-8f0c-947e487ffc76 iptables -L -n -v
Chain INPUT (policy ACCEPT 116 packets, 15374 bytes)
pkts bytes target prot opt in out source
destination
308 29294 neutron-l3-agent-INPUT all -- * *
0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 6 packets, 504 bytes)
pkts bytes target prot opt in out source
destination
6 504 neutron-filter-top all -- * * 0.0.0.0/0
0.0.0.0/0
6 504 neutron-l3-agent-FORWARD all -- * *
0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 342 packets, 32649 bytes)
pkts bytes target prot opt in out source
destination
342 32649 neutron-filter-top all -- * * 0.0.0.0/0
0.0.0.0/0
342 32649 neutron-l3-agent-OUTPUT all -- * *
0.0.0.0/0 0.0.0.0/0
Chain neutron-filter-top (2 references)
pkts bytes target prot opt in out source
destination
348 33153 neutron-l3-agent-local all -- * *
0.0.0.0/0 0.0.0.0/0
Chain neutron-l3-agent-FORWARD (1 references)
pkts bytes target prot opt in out source
destination
6 504 neutron-l3-agent-scope all -- * *
0.0.0.0/0 0.0.0.0/0
Chain neutron-l3-agent-INPUT (1 references)
pkts bytes target prot opt in out source
destination
192 13920 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 mark match 0x1/0xffff
0 0 DROP tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:9697
Chain neutron-l3-agent-OUTPUT (1 references)
pkts bytes target prot opt in out source
destination
Chain neutron-l3-agent-local (1 references)
pkts bytes target prot opt in out source
destination
Chain neutron-l3-agent-scope (1 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * qr-5ac8cae0-61
0.0.0.0/0 0.0.0.0/0 mark match ! 0x4000000/0xffff0000
On 03/28/2018 11:03 PM, Jorge Luiz Correa wrote:
> You can use
>
> ip netns exec qroute-ID ifconfig
> ip netns exec qroute-ID tcpdump -eni <some qr or qg interface>
>
> to verify if packages are arriving. And, you can also use
>
> ip netns exec qroute-ID iptables -L -n -v
>
> to see where packages are being dropped (there will be counters on
> DROP rules).
>
> Regards.
>
> - JLC
>
> On Wed, Mar 28, 2018 at 3:38 PM, wahi <wahi at sci.am
> <mailto:wahi at sci.am>> wrote:
>
> Dear all,
>
> I installed Openstack ocata using the packstack on Centos 7, so
> there is a controller node, network node and four compute nodes.
>
> I created the private and public network. The instance is running
> and getting the internal IP then I am associating the external IP
> without any problem.
>
> From the network node I can use:
> ip netns exec qroute-ID ping external-IP or SSH
>
> But no ping or ssh using the ping or ssh command from the network
> or controller node or even the compute node where the instance is
> running.
>
> No selinux or firewall on all nodes.
>
> SSH enabled between controller and all remaining nodes.
>
> Security rules for SSH and ping has been added.
>
> Really appreciate any help or suggestion to identify the problem.
>
>
> Many thanks in advance.
>
>
>
> Regards,
> Wahi
>
>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> Post to : openstack at lists.openstack.org
> <mailto:openstack at lists.openstack.org>
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
>
>
--
Wahi Narsisian
Vice-Head of Center for Scientific Computing,
Institute for Informatics and Automation Problems,
National Academy of Sciences of the Republic of Armenia
1, P. Sevak str., Yerevan 0014, Armenia
t: 374 91 557285
e: wahi at sci.am
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20180329/1aa8b212/attachment.html>
More information about the Openstack
mailing list