Can't ssh/ping my Windows instance

Asked by pet on 2011-08-08

I am setting up an all-in-one (single node) OpenStack compute cloud and I am new to this. I set my network as FlatDHCPManager mode and the first ubuntu instance is up and running well. (I follow the instructions through here http://wiki.openstack.org/GettingImages) When I try to create a Windows instance, the Windows XP instance could be up and running fine. But I can't ssh/ping to the instance at all. I follow the document listed here http://docs.openstack.org/cactus/openstack-compute/admin/content/creating-a-windows-image.html to create a Windows image. And I can vncview connect to the Windows XP and set up the applications & turn on the RDP ok. Just that I could not ssh/ping to the instance after I use euca-run-instance to boot the Windows instance. Is there any step I missed or the network setting was incorrect? Is there anyone who can give me some directions? Here is the nova configuration:

--dhcpbridge_flagfile=/etc/nova/nova.conf
--dhcpbridge=/usr/bin/nova-dhcpbridge
--logdir=/var/log/nova
--state_path=/var/lib/nova
--lock_path=/var/lock/nova
--verbose
--s3_host=172.18.2.238
--rabbit_host=192.168.0.1
--cc_host=192.168.0.1
--ec2_url=http://172.18.2.238:8773/services/Cloud
--FAKE_subdomain=ec2
--routing_source_ip=192.168.0.1
--sql_connection=mysql://root:111111@172.18.2.238/nova
--glance_host=192.168.0.1
--image_service=nova.image.glance.GlanceImageService
--flat_interface=eth1
--network_manager=nova.network.manager.FlatDHCPManager
--flat_network_dhcp_start=192.168.0.2
--flat_injected=False
--iscsi_ip_prefix=192.168.0
--use_ipv6=false

# euca-describe-instances
RESERVATION r-v0j55ny4 mycloud default
INSTANCE i-00000002 ami-00000002 172.18.2.229 192.168.0.3 running key (mycloud, openstack) 0 m1.small 2011-07-22T06:51:00Z nova
RESERVATION r-trm3r969 mycloud default
INSTANCE i-00000009 ami-00000004 192.168.0.2 192.168.0.2 running key (mycloud, openstack) 0 m1.small 2011-08-08T08:17:16Z nova

Among the above instances, the instance 2 could be connected alright. But not the instance 9.

And my dnsmasq processes are up and running:
nobody 1334 1 0 14:34 ? 00:00:00 dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file= --except-interface lo --listen-address 192.168.122.1 --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-lease-max=253 --dhcp-no-override
nobody 2156 1 0 14:34 ? 00:00:00 dnsmasq --strict-order --bind-interfaces --conf-file= --domain=novalocal --pid-file=/var/lib/nova/networks/nova-br100.pid --listen-address=192.168.0.1 --except-interface=lo --dhcp-range=192.168.0.2,static,120s --dhcp-hostsfile=/var/lib/nova/networks/nova-br100.conf --dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro
root 2157 2156 0 14:34 ? 00:00:00 dnsmasq --strict-order --bind-interfaces --conf-file= --domain=novalocal --pid-file=/var/lib/nova/networks/nova-br100.pid --listen-address=192.168.0.1 --except-interface=lo --dhcp-range=192.168.0.2,static,120s --dhcp-hostsfile=/var/lib/nova/networks/nova-br100.conf --dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro
root 6408 5117 0 17:11 pts/2 00:00:00 grep --color=auto dns

Here is the # ifconfig
br100 Link encap:Ethernet HWaddr 00:15:17:8a:7e:9c
          inet addr:192.168.0.1 Bcast:192.168.255.255 Mask:255.255.0.0
          inet6 addr: fe80::215:17ff:fe8a:7e9c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:615 errors:0 dropped:0 overruns:0 frame:0
          TX packets:924 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:90532 (90.5 KB) TX bytes:137559 (137.5 KB)

eth0 Link encap:Ethernet HWaddr 00:22:19:06:41:7f
          inet addr:172.18.2.238 Bcast:172.18.3.255 Mask:255.255.252.0
          inet6 addr: fe80::222:19ff:fe06:417f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:5787816 errors:0 dropped:948 overruns:0 frame:0
          TX packets:2995721 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4747451857 (4.7 GB) TX bytes:212518968 (212.5 MB)
          Interrupt:16 Memory:f8000000-f8012800

eth1 Link encap:Ethernet HWaddr 00:15:17:8a:7e:9c
          UP BROADCAST MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
          Interrupt:18 Memory:fc5e0000-fc600000

eth2 Link encap:Ethernet HWaddr 00:15:17:8a:7e:9d
          UP BROADCAST MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
          Interrupt:19 Memory:fc5a0000-fc5c0000

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:3473150 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3473150 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:288835207 (288.8 MB) TX bytes:288835207 (288.8 MB)

virbr0 Link encap:Ethernet HWaddr 86:8b:32:41:00:f7
          inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:98 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B) TX bytes:7738 (7.7 KB)

vnet0 Link encap:Ethernet HWaddr fe:16:3e:66:5f:27
          inet6 addr: fe80::fc16:3eff:fe66:5f27/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:692 errors:0 dropped:0 overruns:0 frame:0
          TX packets:795 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:105772 (105.7 KB) TX bytes:125100 (125.1 KB)

vnet1 Link encap:Ethernet HWaddr fe:16:3e:44:fc:24
          inet6 addr: fe80::fc16:3eff:fe44:fc24/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:90 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 B) TX bytes:8860 (8.8 KB)

And the firewalll settings are listed
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
nova-compute-INPUT all -- anywhere anywhere
nova-network-INPUT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target prot opt source destination
nova-filter-top all -- anywhere anywhere
nova-compute-FORWARD all -- anywhere anywhere
nova-network-FORWARD all -- anywhere anywhere
ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
nova-filter-top all -- anywhere anywhere
nova-compute-OUTPUT all -- anywhere anywhere
nova-network-OUTPUT all -- anywhere anywhere

Chain nova-compute-FORWARD (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain nova-compute-INPUT (1 references)
target prot opt source destination

Chain nova-compute-OUTPUT (1 references)
target prot opt source destination

Chain nova-compute-inst-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- openstackYH1.local anywhere udp spt:bootps dpt:bootpc
ACCEPT all -- 192.168.0.0/25 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:3389
nova-compute-sg-fallback all -- anywhere anywhere

Chain nova-compute-inst-9 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- openstackYH1.local anywhere udp spt:bootps dpt:bootpc
ACCEPT all -- 192.168.0.0/25 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:3389
nova-compute-sg-fallback all -- anywhere anywhere

Chain nova-compute-local (1 references)
target prot opt source destination
nova-compute-inst-9 all -- anywhere 192.168.0.2
nova-compute-inst-2 all -- anywhere 192.168.0.3

Chain nova-compute-sg-fallback (2 references)
target prot opt source destination
DROP all -- anywhere anywhere

Chain nova-filter-top (2 references)
target prot opt source destination
nova-compute-local all -- anywhere anywhere
nova-network-local all -- anywhere anywhere

Chain nova-network-FORWARD (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain nova-network-INPUT (1 references)
target prot opt source destination

Chain nova-network-OUTPUT (1 references)
target prot opt source destination

Chain nova-network-local (1 references)
target prot opt source destination

Question information

Language:
English Edit question
Status:
Solved
For:
OpenStack Compute (nova) Edit question
Assignee:
No assignee Edit question
Solved by:
pet
Solved:
2011-08-10
Last query:
2011-08-10
Last reply:
2011-08-08
Vish Ishaya (vishvananda) said : #1

Ping is often blocked by the windows firewall. If that is not it, you should check in vnc if the windows instance has received the correct ip. If not, try a ipconfig /release ipconfig /renew to see if it gets it.

Vish

On Aug 8, 2011, at 2:21 AM, pet wrote:

> New question #167297 on OpenStack Compute (nova):
> https://answers.launchpad.net/nova/+question/167297
>
> I am setting up an all-in-one (single node) OpenStack compute cloud and I am new to this. I set my network as FlatDHCPManager mode and the first ubuntu instance is up and running well. (I follow the instructions through here http://wiki.openstack.org/GettingImages) When I try to create a Windows instance, the Windows XP instance could be up and running fine. But I can't ssh/ping to the instance at all. I follow the document listed here http://docs.openstack.org/cactus/openstack-compute/admin/content/creating-a-windows-image.html to create a Windows image. And I can vncview connect to the Windows XP and set up the applications & turn on the RDP ok. Just that I could not ssh/ping to the instance after I use euca-run-instance to boot the Windows instance. Is there any step I missed or the network setting was incorrect? Is there anyone who can give me some directions? Here is the nova configuration:
>
> --dhcpbridge_flagfile=/etc/nova/nova.conf
> --dhcpbridge=/usr/bin/nova-dhcpbridge
> --logdir=/var/log/nova
> --state_path=/var/lib/nova
> --lock_path=/var/lock/nova
> --verbose
> --s3_host=172.18.2.238
> --rabbit_host=192.168.0.1
> --cc_host=192.168.0.1
> --ec2_url=http://172.18.2.238:8773/services/Cloud
> --FAKE_subdomain=ec2
> --routing_source_ip=192.168.0.1
> --sql_connection=mysql://root:111111@172.18.2.238/nova
> --glance_host=192.168.0.1
> --image_service=nova.image.glance.GlanceImageService
> --flat_interface=eth1
> --network_manager=nova.network.manager.FlatDHCPManager
> --flat_network_dhcp_start=192.168.0.2
> --flat_injected=False
> --iscsi_ip_prefix=192.168.0
> --use_ipv6=false
>
> # euca-describe-instances
> RESERVATION r-v0j55ny4 mycloud default
> INSTANCE i-00000002 ami-00000002 172.18.2.229 192.168.0.3 running key (mycloud, openstack) 0 m1.small 2011-07-22T06:51:00Z nova
> RESERVATION r-trm3r969 mycloud default
> INSTANCE i-00000009 ami-00000004 192.168.0.2 192.168.0.2 running key (mycloud, openstack) 0 m1.small 2011-08-08T08:17:16Z nova
>
> Among the above instances, the instance 2 could be connected alright. But not the instance 9.
>
> And my dnsmasq processes are up and running:
> nobody 1334 1 0 14:34 ? 00:00:00 dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file= --except-interface lo --listen-address 192.168.122.1 --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-lease-max=253 --dhcp-no-override
> nobody 2156 1 0 14:34 ? 00:00:00 dnsmasq --strict-order --bind-interfaces --conf-file= --domain=novalocal --pid-file=/var/lib/nova/networks/nova-br100.pid --listen-address=192.168.0.1 --except-interface=lo --dhcp-range=192.168.0.2,static,120s --dhcp-hostsfile=/var/lib/nova/networks/nova-br100.conf --dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro
> root 2157 2156 0 14:34 ? 00:00:00 dnsmasq --strict-order --bind-interfaces --conf-file= --domain=novalocal --pid-file=/var/lib/nova/networks/nova-br100.pid --listen-address=192.168.0.1 --except-interface=lo --dhcp-range=192.168.0.2,static,120s --dhcp-hostsfile=/var/lib/nova/networks/nova-br100.conf --dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro
> root 6408 5117 0 17:11 pts/2 00:00:00 grep --color=auto dns
>
> Here is the # ifconfig
> br100 Link encap:Ethernet HWaddr 00:15:17:8a:7e:9c
> inet addr:192.168.0.1 Bcast:192.168.255.255 Mask:255.255.0.0
> inet6 addr: fe80::215:17ff:fe8a:7e9c/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:615 errors:0 dropped:0 overruns:0 frame:0
> TX packets:924 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:90532 (90.5 KB) TX bytes:137559 (137.5 KB)
>
> eth0 Link encap:Ethernet HWaddr 00:22:19:06:41:7f
> inet addr:172.18.2.238 Bcast:172.18.3.255 Mask:255.255.252.0
> inet6 addr: fe80::222:19ff:fe06:417f/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:5787816 errors:0 dropped:948 overruns:0 frame:0
> TX packets:2995721 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:4747451857 (4.7 GB) TX bytes:212518968 (212.5 MB)
> Interrupt:16 Memory:f8000000-f8012800
>
> eth1 Link encap:Ethernet HWaddr 00:15:17:8a:7e:9c
> UP BROADCAST MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
> Interrupt:18 Memory:fc5e0000-fc600000
>
> eth2 Link encap:Ethernet HWaddr 00:15:17:8a:7e:9d
> UP BROADCAST MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
> Interrupt:19 Memory:fc5a0000-fc5c0000
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:3473150 errors:0 dropped:0 overruns:0 frame:0
> TX packets:3473150 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:288835207 (288.8 MB) TX bytes:288835207 (288.8 MB)
>
> virbr0 Link encap:Ethernet HWaddr 86:8b:32:41:00:f7
> inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:98 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:0 (0.0 B) TX bytes:7738 (7.7 KB)
>
> vnet0 Link encap:Ethernet HWaddr fe:16:3e:66:5f:27
> inet6 addr: fe80::fc16:3eff:fe66:5f27/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:692 errors:0 dropped:0 overruns:0 frame:0
> TX packets:795 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:500
> RX bytes:105772 (105.7 KB) TX bytes:125100 (125.1 KB)
>
> vnet1 Link encap:Ethernet HWaddr fe:16:3e:44:fc:24
> inet6 addr: fe80::fc16:3eff:fe44:fc24/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:90 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:500
> RX bytes:0 (0.0 B) TX bytes:8860 (8.8 KB)
>
>
>
> And the firewalll settings are listed
> # iptables -L
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> nova-compute-INPUT all -- anywhere anywhere
> nova-network-INPUT all -- anywhere anywhere
> ACCEPT udp -- anywhere anywhere udp dpt:domain
> ACCEPT tcp -- anywhere anywhere tcp dpt:domain
> ACCEPT udp -- anywhere anywhere udp dpt:bootps
> ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> nova-filter-top all -- anywhere anywhere
> nova-compute-FORWARD all -- anywhere anywhere
> nova-network-FORWARD all -- anywhere anywhere
> ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED
> ACCEPT all -- 192.168.122.0/24 anywhere
> ACCEPT all -- anywhere anywhere
> REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
> REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
> nova-filter-top all -- anywhere anywhere
> nova-compute-OUTPUT all -- anywhere anywhere
> nova-network-OUTPUT all -- anywhere anywhere
>
> Chain nova-compute-FORWARD (1 references)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
>
> Chain nova-compute-INPUT (1 references)
> target prot opt source destination
>
> Chain nova-compute-OUTPUT (1 references)
> target prot opt source destination
>
> Chain nova-compute-inst-2 (1 references)
> target prot opt source destination
> DROP all -- anywhere anywhere state INVALID
> ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
> ACCEPT udp -- openstackYH1.local anywhere udp spt:bootps dpt:bootpc
> ACCEPT all -- 192.168.0.0/25 anywhere
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
> ACCEPT icmp -- anywhere anywhere
> ACCEPT tcp -- anywhere anywhere tcp dpt:3389
> nova-compute-sg-fallback all -- anywhere anywhere
>
> Chain nova-compute-inst-9 (1 references)
> target prot opt source destination
> DROP all -- anywhere anywhere state INVALID
> ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
> ACCEPT udp -- openstackYH1.local anywhere udp spt:bootps dpt:bootpc
> ACCEPT all -- 192.168.0.0/25 anywhere
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
> ACCEPT icmp -- anywhere anywhere
> ACCEPT tcp -- anywhere anywhere tcp dpt:3389
> nova-compute-sg-fallback all -- anywhere anywhere
>
> Chain nova-compute-local (1 references)
> target prot opt source destination
> nova-compute-inst-9 all -- anywhere 192.168.0.2
> nova-compute-inst-2 all -- anywhere 192.168.0.3
>
> Chain nova-compute-sg-fallback (2 references)
> target prot opt source destination
> DROP all -- anywhere anywhere
>
> Chain nova-filter-top (2 references)
> target prot opt source destination
> nova-compute-local all -- anywhere anywhere
> nova-network-local all -- anywhere anywhere
>
> Chain nova-network-FORWARD (1 references)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
>
> Chain nova-network-INPUT (1 references)
> target prot opt source destination
>
> Chain nova-network-OUTPUT (1 references)
> target prot opt source destination
>
> Chain nova-network-local (1 references)
> target prot opt source destination
>
>
> --
> You received this question notification because you are a member of Nova
> Core, which is an answer contact for OpenStack Compute (nova).

pet (musicholic) said : #2

I only installed the remote desktop on it, but I forgot to turn off the filrewall. The problem is solved! Thank you!