search

bilelmsekni / OpenStack-Grizzly-Install-Guide

A full install guide for OpenStack Grizzly
352 stars 218 forks source link

VM and External network can't reach internet #39

Closed Mandalavandalz closed 11 years ago

Mandalavandalz commented 11 years ago

Hi, everything is work ok except that when I try to add external network to the router gataway interface on the external network is a Status Down. I can ping local interface on router via namespaces and VM get IP but can't ping router external gw interface outside (from internet).

I have exactly the same issue. With 3 machines - controler, network and compute node. The local network is a ok VM get IP, and i can ping them but external network interface GW 95.214.x.x is listed as Status DOWN.

quantum net-list +--------------------------------------+---------------+--------------------------------------------------------+ | id | name | subnets | +--------------------------------------+---------------+--------------------------------------------------------+ +---------------------------+--------------------------------------+ | 8c2d3c27-6f5c-4b40-9db7-5aa8bcc9335e | StudioWeb_INT | 364e67ef-ce7c-4649-aeeb-c15f4483c3f8 10.1.1.0/24 | | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | StudioWeb_EXT | a025b78b-264c-4961-9b6d-79782364c105 95.169.x.x/26 |

quantum net-show d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | id | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | | name | StudioWeb_EXT | | provider:network_type | gre | | provider:physical_network | | | provider:segmentation_id | 2 | | router:external | True | | shared | False | | status | ACTIVE | | subnets | a025b78b-264c-4961-9b6d-79782364c105 | | tenant_id | f73d5c7c26cd4f24aef990928fbb68b3 | +---------------------------+--------------------------------------+

quantum router-list +--------------------------------------+------------------+--------------------------------------------------------+ | id | name | external_gateway_info | +--------------------------------------+------------------+--------------------------------------------------------+ | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | StudioWeb_Router | {"network_id": "d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff"} | +--------------------------------------+------------------+--------------------------------------------------------+

quantum router-show StudioWeb_Router +-----------------------+--------------------------------------------------------+ | Field | Value | +-----------------------+--------------------------------------------------------+ | admin_state_up | True | | external_gateway_info | {"network_id": "d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff"} | | id | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | | name | StudioWeb_Router | | routes | | | status | ACTIVE | | tenant_id | aecab2512ceb4083a591bea7a7f2c89f | +-----------------------+--------------------------------------------------------+

quantum port-list +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+ | id | name | mac_address | fixed_ips | +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+ | 51db3736-e34c-4283-8075-947e439fe144 | | fa:16:3e:62:64:3d | {"subnet_id": "a025b78b-264c-4961-9b6d-79782364c105", "ip_address": "95.169.x.x"} | | 58d87d7a-57a7-4993-a429-b827e9b82cbc | | fa:16:3e:17:56:6e | {"subnet_id": "364e67ef-ce7c-4649-aeeb-c15f4483c3f8", "ip_address": "10.1.1.1"} | | c1845d95-f71d-492a-9edc-02f24e962535 | | fa:16:3e:0d:dd:c0 | {"subnet_id": "364e67ef-ce7c-4649-aeeb-c15f4483c3f8", "ip_address": "10.1.1.3"} | +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+

quantum port-show 51db3736-e34c-4283-8075-947e439fe144 +----------------------+---------------------------------------------------------------------------------------+ | Field | Value | +----------------------+---------------------------------------------------------------------------------------+ [...] | admin_state_up | True | | binding:capabilities | {"port_filter": false} | | binding:vif_type | ovs | | device_id | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | | device_owner | network:router_gateway | | fixed_ips | {"subnet_id": "a025b78b-264c-4961-9b6d-79782364c105", "ip_address": "95.169.214.118"} | | id | 51db3736-e34c-4283-8075-947e439fe144 | | mac_address | fa:16:3e:62:64:3d | | name | | | network_id | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | | status | DOWN | | tenant_id | |

bilelmsekni commented 11 years ago

If the status is down, it's ok cause i have the same situation here. I had the same problem so i rebooted my network node and everything seemed to be fixed !

Can you try that ?

2013/4/27 Mandalavandalz notifications@github.com

Hi, everything is work ok except that when I try to add external network to the router gataway interface on the external network is a Status Down. I can ping local interface on router via namespaces and VM get IP but can't ping router external gw interface outside (from internet).

I have exactly the same issue. With 3 machines - controler, network and compute node. The local network is a ok VM get IP, and i can ping them but external network interface GW 95.214.x.x is listed as Status DOWN.

quantum net-list

+--------------------------------------+---------------+--------------------------------------------------------+ | id | name | subnets |

+--------------------------------------+---------------+--------------------------------------------------------+ +---------------------------+--------------------------------------+ | 8c2d3c27-6f5c-4b40-9db7-5aa8bcc9335e | StudioWeb_INT | 364e67ef-ce7c-4649-aeeb-c15f4483c3f8 10.1.1.0/24 | | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | StudioWeb_EXT | a025b78b-264c-4961-9b6d-79782364c105 95.169.x.x/26 |

quantum net-show d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | id | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | | name | StudioWeb_EXT | | provider:network_type | gre | | provider:physical_network | | | provider:segmentation_id | 2 | | router:external | True | | shared | False | | status | ACTIVE | | subnets | a025b78b-264c-4961-9b6d-79782364c105 | | tenant_id | f73d5c7c26cd4f24aef990928fbb68b3 | +---------------------------+--------------------------------------+

quantum router-list

+--------------------------------------+------------------+--------------------------------------------------------+ | id | name | external_gateway_info |

+--------------------------------------+------------------+--------------------------------------------------------+ | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | StudioWeb_Router | {"network_id": "d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff"} |

+--------------------------------------+------------------+--------------------------------------------------------+

quantum router-show StudioWeb_Router

+-----------------------+--------------------------------------------------------+ | Field | Value |

+-----------------------+--------------------------------------------------------+ | admin_state_up | True | | external_gateway_info | {"network_id": "d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff"} | | id | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | | name | StudioWeb_Router | | routes | | | status | ACTIVE | | tenant_id | aecab2512ceb4083a591bea7a7f2c89f |

+-----------------------+--------------------------------------------------------+

quantum port-list

+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+ | id | name | mac_address | fixed_ips |

+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+ | 51db3736-e34c-4283-8075-947e439fe144 | | fa:16:3e:62:64:3d | {"subnet_id": "a025b78b-264c-4961-9b6d-79782364c105", "ip_address": "95.169.x.x"} | | 58d87d7a-57a7-4993-a429-b827e9b82cbc | | fa:16:3e:17:56:6e | {"subnet_id": "364e67ef-ce7c-4649-aeeb-c15f4483c3f8", "ip_address": "10.1.1.1"} | | c1845d95-f71d-492a-9edc-02f24e962535 | | fa:16:3e:0d:dd:c0 | {"subnet_id": "364e67ef-ce7c-4649-aeeb-c15f4483c3f8", "ip_address": "10.1.1.3"} |

+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+

quantum port-show 51db3736-e34c-4283-8075-947e439fe144

+----------------------+---------------------------------------------------------------------------------------+ | Field | Value |

+----------------------+---------------------------------------------------------------------------------------+ [...] | admin_state_up | True | | binding:capabilities | {"port_filter": false} | | binding:vif_type | ovs | | device_id | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | | device_owner | network:router_gateway | | fixed_ips | {"subnet_id": "a025b78b-264c-4961-9b6d-79782364c105", "ip_address": "95.169.214.118"} | | id | 51db3736-e34c-4283-8075-947e439fe144 | | mac_address | fa:16:3e:62:64:3d | | name | | | network_id | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | | status | DOWN | | tenant_id | |

— Reply to this email directly or view it on GitHubhttps://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/issues/39 .

Best regards,

Bilel Msekni | IT Engineer Mobile: +33 6 49 52 42 17

hrushig commented 11 years ago

troubleshooting tips:

  1. Ext NIC settings – no ip on the logical and might like to assign ip on br-ex. Typically, looks like:

VM Internet Access

auto eth2

iface eth2 inet manual

up ifconfig $IFACE 0.0.0.0 up

up ip link set $IFACE promisc on

down ip link set $IFACE promisc off

down ifconfig $IFACE down

auto br-ex

iface br-ex inet static

address 192.168.100.52

netmask 255.255.255.0

  1.  All artificial bridges on all the nodes (br-ex, br-int, br-tun) needs to up and running (must add in interfaces to ensure it is UP on reboot)
  2.  If using vmware/virtualization, promiscuous setting to Accept on the vSwitch

Cheers ~hrushi

On Apr 27, 2013, at 12:35 AM, "SkiBLE" notifications@github.com<mailto:notifications@github.com> wrote:

If the status is down, it's ok cause i have the same situation here. I had the same problem so i rebooted my network node and everything seemed to be fixed !

Can you try that ?

2013/4/27 Mandalavandalz notifications@github.com<mailto:notifications@github.com>

Hi, everything is work ok except that when I try to add external network to the router gataway interface on the external network is a Status Down. I can ping local interface on router via namespaces and VM get IP but can't ping router external gw interface outside (from internet).

I have exactly the same issue. With 3 machines - controler, network and compute node. The local network is a ok VM get IP, and i can ping them but external network interface GW 95.214.x.x is listed as Status DOWN.

quantum net-list

+--------------------------------------+---------------+--------------------------------------------------------+ | id | name | subnets |

+--------------------------------------+---------------+--------------------------------------------------------+ +---------------------------+--------------------------------------+ | 8c2d3c27-6f5c-4b40-9db7-5aa8bcc9335e | StudioWeb_INT | 364e67ef-ce7c-4649-aeeb-c15f4483c3f8 10.1.1.0/24 | | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | StudioWeb_EXT | a025b78b-264c-4961-9b6d-79782364c105 95.169.x.x/26 |

quantum net-show d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | id | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | | name | StudioWeb_EXT | | provider:network_type | gre | | provider:physical_network | | | provider:segmentation_id | 2 | | router:external | True | | shared | False | | status | ACTIVE | | subnets | a025b78b-264c-4961-9b6d-79782364c105 | | tenant_id | f73d5c7c26cd4f24aef990928fbb68b3 | +---------------------------+--------------------------------------+

quantum router-list

+--------------------------------------+------------------+--------------------------------------------------------+ | id | name | external_gateway_info |

+--------------------------------------+------------------+--------------------------------------------------------+ | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | StudioWeb_Router | {"network_id": "d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff"} |

+--------------------------------------+------------------+--------------------------------------------------------+

quantum router-show StudioWeb_Router

+-----------------------+--------------------------------------------------------+ | Field | Value |

+-----------------------+--------------------------------------------------------+ | admin_state_up | True | | external_gateway_info | {"network_id": "d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff"} | | id | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | | name | StudioWeb_Router | | routes | | | status | ACTIVE | | tenant_id | aecab2512ceb4083a591bea7a7f2c89f |

+-----------------------+--------------------------------------------------------+

quantum port-list

+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+ | id | name | mac_address | fixed_ips |

+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+ | 51db3736-e34c-4283-8075-947e439fe144 | | fa:16:3e:62:64:3d | {"subnet_id": "a025b78b-264c-4961-9b6d-79782364c105", "ip_address": "95.169.x.x"} | | 58d87d7a-57a7-4993-a429-b827e9b82cbc | | fa:16:3e:17:56:6e | {"subnet_id": "364e67ef-ce7c-4649-aeeb-c15f4483c3f8", "ip_address": "10.1.1.1"} | | c1845d95-f71d-492a-9edc-02f24e962535 | | fa:16:3e:0d:dd:c0 | {"subnet_id": "364e67ef-ce7c-4649-aeeb-c15f4483c3f8", "ip_address": "10.1.1.3"} |

+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+

quantum port-show 51db3736-e34c-4283-8075-947e439fe144

+----------------------+---------------------------------------------------------------------------------------+ | Field | Value |

+----------------------+---------------------------------------------------------------------------------------+ [...] | admin_state_up | True | | binding:capabilities | {"port_filter": false} | | binding:vif_type | ovs | | device_id | e090b0c8-ab49-4ae7-a7f8-91c8eb0b7789 | | device_owner | network:router_gateway | | fixed_ips | {"subnet_id": "a025b78b-264c-4961-9b6d-79782364c105", "ip_address": "95.169.214.118"} | | id | 51db3736-e34c-4283-8075-947e439fe144 | | mac_address | fa:16:3e:62:64:3d | | name | | | network_id | d1eccd72-cd5a-4532-8cc8-c6c4ffdd8bff | | status | DOWN | | tenant_id | |

— Reply to this email directly or view it on GitHubhttps://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/issues/39 .

Best regards,

Bilel Msekni | IT Engineer Mobile: +33 6 49 52 42 17

— Reply to this email directly or view it on GitHubhttps://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/issues/39#issuecomment-17112039.

Mandalavandalz commented 11 years ago

Actually I see this in the log file of ovs when I add ext gw: netdev_linux|INFO|ioctl(SIOCGIFHWADDR) on qg-33eaf07c-0e device failed: No such device So i think it is namespaces issue maby.

Mandalavandalz commented 11 years ago

hrushig I think it is from promiscuous mode because i have: device br-int entered promiscuous mode [ 7.837734] device br-tun entered promiscuous mode [ 7.838056] device br-ex entered promiscuous mode [ 7.840779] device qr-baad9045-01 entered promiscuous mode [ 7.844777] device qg-33eaf07c-0e entered promiscuous mode [ 7.934350] skge 0000:05:01.0 eth0: Link is up at 100 Mbps, full duplex, flow control none [ 7.934365] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 8.492482] device br-tun left promiscuous mode [ 8.605615] device br-tun entered promiscuous mode

So how can I add promiscuous mode accept in openvswitch config?

Mandalavandalz commented 11 years ago

Ok. When I reboot network node it was working then I reinstall all quantum configuration again on all machines and it stop working :). Something is generaly wrong hire.

Mandalavandalz commented 11 years ago

I made it by adding ovs-vsctl add-port br-ex eth2 in rc.local evereything is ok now with router ext interface i have ping from outside and from itself but now when I run instance and asociate floating ip from openstack dashboard (i was trying and with quantum command line) i can't ping floating IP from internet and from host. Actualy i can't see floating ip in namespaces:

ip netns exec qrouter-c757416f-f4d0-4acf-88fd-86322df2adb4 ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX packets:4 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:336 (336.0 B) TX bytes:336 (336.0 B)

qg-295565c9-a7 Link encap:Ethernet HWaddr fa:16:3e:fd:8c:56 inet addr:95.169.xxx.xxx Bcast:95.169.214.127 Mask:255.255.255.192 inet6 addr: fe80::f816:3eff:fefd:8c56/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3022 errors:0 dropped:0 overruns:0 frame:0 TX packets:47 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1025029 (1.0 MB) TX bytes:3353 (3.3 KB)

qr-9a060989-91 Link encap:Ethernet HWaddr fa:16:3e:55:bf:af inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:fe55:bfaf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:144 errors:0 dropped:0 overruns:0 frame:0 TX packets:63 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:32375 (32.3 KB) TX bytes:6169 (6.1 KB)

That one interface qg-295565c9-a7 is a router IP

maller commented 11 years ago

i have a similar problem, i can ping my instances from the networknode but from other Nodes in the external Network i can't ping the instances.

external network: 10.123.4.xxx networknode 10.123.4.103 computenode 10.123.4.102 controlnode 10.123.4.101

quantum router project_one_router 10.123.4.130 externalgw 10.5.5.1 internal project_two_router 10.123.4.133 externalgw 10.6.6.1 internal

quantum network project_one 10.5.5.0/24 project_two 10.6.6.0/24

floatingIPS instance1 10.123.4.132 instance2 10.123.4.134

From the networknode can i connect with ssh to the instances. From the Instances can i ping the internal and externalGW from the project router and the networknode, but i can't ping to other IPs from the external network.

The externalGateway hast the status DOWN. I have restart my networknode but no change. The br-int,br-ex, br-tun are up.

where could be the problem?

bilelmsekni commented 11 years ago

First check out your VM log to verify if your VM is getting an IP address ( probably Yes in your case) and talking to metadata server.

Second, the namespace is set to true, so expect that you need to set the namespace before you ping the VM directly using its private IP.

Finally, Give the VM a floating IP and see if you can ping it !

2013/4/30 Oliver Müller notifications@github.com

i have a similar problem, i can ping my instances from the networknode but from other Nodes in the external Network i can't ping the instances.

external network: 10.123.4.xxx networknode 10.123.4.103 computenode 10.123.4.102 controlnode 10.123.4.101

quantum router project_one_router 10.123.4.130 externalgw 10.5.5.1 internal project_two_router 10.123.4.133 externalgw 10.6.6.1 internal

quantum network project_one 10.5.5.0/24 project_two 10.6.6.0/24

floatingIPS instance1 10.123.4.132 instance2 10.123.4.134

From the networknode can i connect with ssh to the instances. From the Instances can i ping the internal and externalGW from the project router and the networknode, but i can't ping to other IPs from the external network.

The externalGateway hast the status DOWN. I have restart my networknode but no change. The br-int,br-ex, br-tun are up.

where could be the problem?

— Reply to this email directly or view it on GitHubhttps://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/issues/39#issuecomment-17226591 .

Best regards,

Bilel Msekni | IT Engineer Mobile: +33 6 49 52 42 17

maller commented 11 years ago

The VM logs are empty, i don't use a UEC Image, i have installed a Oracle Linux from a ISO. The namespace in the L3_agent.ini is True. I can ping the floatingIP from the networknode only.

I have a error in the dhcp_agent.log 2013-04-30 15:54:59 ERROR [quantum.agent.dhcp_agent] Unable to sync network state. Stdout: '' Stderr: 'sudo: no tty present and no askpass program specified

bilelmsekni commented 11 years ago

You can alter the quantum rootwrap in /etc/sudoers.d to give it full access like this: quantum ALL=NOPASSWD: ALL

that should fix your problems.

rubber-ant commented 11 years ago

I have the same problem so after last comment dhcp_agent.log is empty ;) it will better to add https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/OVS_MultiNode/OpenStack_Grizzly_Install_Guide.rst#35-quantum

ghost commented 9 years ago

I had a similar problem , i had a issue with promiscuous setting in VSWITCH . Thanks a lot hrushig