CentOS

Possible routing issue: Cannot get VM access outside

Asked by Mehmet

Hi guys,

I am trying to get quantum working with Grizzly on my single node POC environment.

My issue is VMs cannot access outside network.

I have 2 interface on the host

em1 with IP
em2 without IP for br-ex

I have Openvswitch + dhcp + l3 agents running

I have one interface on the VM with DHCP. DNS look ups also don't work on the VMs. I am able to ping Host public IPs.

I am able to assign floating IP to VMs and access to it from outside. That works

But I cannot access outside from VMs, no ping, no ssh, no http access.

I am guessing this might be a routing issue within the Openstack host. Maybe routing issue on the subnet I am creating ?

What would be the things I should check to troubleshoot this issue ?

I would appreciate it if you quantum experts can help me and brainstorm on this issue.

Question information

Language:
English Edit question
Status:
Expired
For:
CentOS Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Aaron Rosen (arosen) said : 		#1

I'd guess the issue is on br-ex. If you do a tcpdump there you should be able to figure out what's going on with your traffic. Is your physical router to your external network pool reachable via em2?

Revision history for this message
Mehmet (mtecer) said : 		#2

I moved this configuration to VMware Fusion so I can test it faster. I am still having the same issue.

I suspect, this is something little I am overlooking but no luck on this issue yet.

Problem : My VMs cannot access Internet.

More Info:
No errors in any of the openstack log files, so I know all services are working. Also, I can Create and assign floating IPs from public network with no issues.

I am able to ping External router's public network IP (10.0.1.201) from VM (10.0.5.2).
Also, I am able to ping br-ex's public network IP (10.0.1.100) from VM. (10.0.5.2)
I cannot ping Gateway for 10.0.1.0/24 network, or any other public IP is pingable from VM.

Also I am able to ping VM (10.0.5.2) from OpenStack host.

So outgoing traffic is hosed on VMs by default. This is a CentOS 6.4 server without namespaces. Do I need to create any masquerading anywhere ?

Networks:
External ( public )Network is 10.0.1.0/24
Internal ( internal )Network is 10.0.5.0/24

Server is on 10.0.0.0/24 network. Here is how I created my allinone environment:

ovs-vsctl add-br br-ex
ovs-vsctl add-port br-ex eth1

quantum net-create public --router:external=True
quantum subnet-create public --allocation-pool start=10.0.1.201,end=10.0.1.230 --gateway 10.0.1.2 10.0.1.0/24 -- --enable_dhcp=False

quantum router-gateway-set l3router public

quantum net-create internal
quantum subnet-create internal 10.0.5.0/24

quantum router-interface-add <ROUTER_ID> <SUBNET_ID>

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.5.0 10.0.5.1 255.255.255.0 UG 0 0 0 qr-8fb6eabd-df
10.0.5.0 0.0.0.0 255.255.255.0 U 0 0 0 tapdd99ba29-4a
10.0.5.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-8fb6eabd-df
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-ex
10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-b65048c8-e6
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1008 0 0 br-int
169.254.0.0 0.0.0.0 255.255.0.0 U 1011 0 0 br-ex
0.0.0.0 10.0.1.2 0.0.0.0 UG 0 0 0 br-ex
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0

Services running:

openstack-cinder-api 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-cinder-scheduler 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-cinder-volume 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-glance-api 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-glance-registry 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-keystone 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-nova-api 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-nova-cert 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-nova-compute 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-nova-conductor 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-nova-objectstore 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-nova-scheduler 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-swift-account 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-swift-container 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-swift-object 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openstack-swift-proxy 0:off 1:off 2:on 3:on 4:on 5:on 6:off
openvswitch 0:off 1:off 2:on 3:on 4:on 5:on 6:off
qpidd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
quantum-dhcp-agent 0:off 1:off 2:on 3:on 4:on 5:on 6:off
quantum-l3-agent 0:off 1:off 2:on 3:on 4:on 5:on 6:off
quantum-openvswitch-agent 0:off 1:off 2:on 3:on 4:on 5:on 6:off
quantum-ovs-cleanup 0:off 1:off 2:on 3:on 4:on 5:on 6:off
quantum-server 0:off 1:off 2:on 3:on 4:on 5:on 6:off

- Do I have to alter routing on VM end at all ?

I would really appreciate any help or insights. I been trying to get this working for the last 2 weeks and had no chance so far.

Revision history for this message
Mehmet (mtecer) said : 		#3

Any help you could offer on this virtual networking issue would be great.!

Revision history for this message
Launchpad Janitor (janitor) said : 		#4

This question was expired because it remained in the 'Open' state without activity for the last 15 days.