<div dir="ltr"><div>Thank you Miguel, my openstack is working fine on ESXi. But when I try to do the same things with my openstack installation on real servers it doesn't work. I'm still stuck with br-ex problem and the vlans in which my interfaces are. br-ex can't reach the outside because eth0 is in a vlan. any idea<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-04-17 14:23 GMT+02:00 Miguel Angel Ajo Pelayo <span dir="ltr"><<a href="mailto:mangelajo@redhat.com" target="_blank">mangelajo@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br></div><div>The traffic shows that neutron is doing the right thing,</div><div><br></div><div>Check that your ESX is not applying any MAC anti spoof on the </div><div>vmware vswitch, it looks like the ARP requests could be blocked at switch level</div><div>since every qrouter is going to have it’s own MAC address (separate from your own</div><div>VM one).</div><div><br></div><div>Otherwise connect other machine to the physical switch on vlan30 and check if</div><div>the ARP requests (it’s broadcast traffic) are arriving to confirm my above theory.</div><div><div class="h5"><div><br></div><div><br></div><br><div><blockquote type="cite"><div>On 17/4/2015, at 13:51, pauline phaure <<a href="mailto:phaurep@gmail.com" target="_blank">phaurep@gmail.com</a>> wrote:</div><br><div><div dir="ltr">i found these lines on the input file of <u><i>tcpdump -e -n -v -v -v -i eth0 <br><br></i></u>192.168.2.72 > <a href="http://10.0.0.4/" target="_blank">10.0.0.4</a>: ICMP host 192.168.2.1 unreachable, length 92<br> 192.168.2.72 > <a href="http://10.0.0.4/" target="_blank">10.0.0.4</a>: ICMP host 192.168.2.1 unreachable, length 92<br> 192.168.2.72 > <a href="http://10.0.0.4/" target="_blank">10.0.0.4</a>: ICMP host 192.168.2.1 unreachable, length 92<br> 192.168.2.72 > <a href="http://10.0.0.4/" target="_blank">10.0.0.4</a>: ICMP host 192.168.2.1 unreachable, length 92<br>11:41:46.661008 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:41:47.663307 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:41:48.665301 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br><u><i><br></i></u></div><div class="gmail_extra"><br><div class="gmail_quote">2015-04-17 11:52 GMT+02:00 pauline phaure <span dir="ltr"><<a href="mailto:phaurep@gmail.com" target="_blank">phaurep@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">hey Miguel, thank you for your response, plz found below the output of the commands:<br><br><br> <u>ip netns exec qrouter-f7194985-eb13-41bf-8158-f0e78fc932c4 ip a</u><br>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN<br> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00<br> inet <a href="http://127.0.0.1/8" target="_blank">127.0.0.1/8</a> scope host lo<br> valid_lft forever preferred_lft forever<br> inet6 ::1/128 scope host<br> valid_lft forever preferred_lft forever<br>12: qr-207805ae-39: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN<br> link/ether fa:16:3e:1c:62:a8 brd ff:ff:ff:ff:ff:ff<br> inet <a href="http://10.0.0.1/24" target="_blank">10.0.0.1/24</a> brd 10.0.0.255 scope global qr-207805ae-39<br> valid_lft forever preferred_lft forever<br> inet6 fe80::f816:3eff:fe1c:62a8/64 scope link<br> valid_lft forever preferred_lft forever<br>13: qg-52b4d686-58: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN<br> link/ether fa:16:3e:34:d5:6e brd ff:ff:ff:ff:ff:ff<br> inet <a href="http://192.168.2.70/24" target="_blank">192.168.2.70/24</a> brd 192.168.2.255 scope global qg-52b4d686-58<br> valid_lft forever preferred_lft forever<br> inet <b><a href="http://192.168.2.72/32" target="_blank">192.168.2.72/32</a></b> brd 192.168.2.72 scope global <b><font size="4"><u>qg-52b4d686-58</u></font></b><br> valid_lft forever preferred_lft forever<br> inet6 fe80::f816:3eff:fe34:d56e/64 scope link<br> valid_lft forever preferred_lft forever<br><br><br><u><b>ip netns exec qrouter-f7194985-eb13-41bf-8158-f0e78fc932c4 tcpdump -e -n -v -v -v -i qg-52b4d686-58</b></u><br><br>equest who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:19.705378 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:20.707292 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:22.706910 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:23.707412 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:24.709292 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:26.710264 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:27.711297 fa:16:3e:34:d5:6e > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.72, length 28<br>11:49:28.002005 00:23:48:9e:85:7c > Broadcast, ethertype ARP (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.42 (Broadcast) tell 192.168.2.1, length 46<br>11:49:28.002064 fa:16:3e:34:d5:6e > 00:23:48:9e:85:7c, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 63, id 58298, offset 0, flags [DF], proto ICMP (1), length 84)<br> 192.168.2.72 > <a href="http://192.168.2.1/" target="_blank">192.168.2.1</a>: ICMP echo request, id 19201, seq 494, length 64<br>11:49:28.002079 fa:16:3e:34:d5:6e > 00:23:48:9e:85:7c, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 63, id 58299, offset 0, flags [DF], proto ICMP (1), length 84)<br> 192.168.2.72 > <a href="http://192.168.2.1/" target="_blank">192.168.2.1</a>: ICMP echo request, id 19201, seq 495, length 64<br>11:49:28.040439 00:23:48:9e:85:7c > Broadcast, ethertype ARP (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.5 (Broadcast) tell 192.168.2.1, length 46<br>11:49:28.079105 00:23:48:9e:85:7c > Broadcast, ethertype ARP (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.20 (Broadcast) tell 192.168.2.1, length 46<br>11:49:28.115671 00:23:48:9e:85:7c > Broadcast, ethertype ARP (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.34 (Broadcast) tell 192.168.2.1, length 46<br>11:49:28.179014 00:23:48:9e:85:7c > Broadcast, ethertype ARP (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.22 (Broadcast) tell 192.168.2.1, length 46<br>11:49:28.223391 00:23:48:9e:85:7c > Broadcast, ethertype ARP (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.240 (Broadcast) tell 192.168.2.1, length 46<br><br><br> <u><i>tcpdump -e -n -v -v -v -i eth0 </i></u><br><br>11:41:44.953118 00:0c:29:56:d9:09 > 74:46:a0:9e:ff:a5, ethertype IPv4 (0x0800), length 166: (tos 0x10, ttl 64, id 10881, offset 0, flags [DF], proto TCP (6), length 152)<br> 192.168.2.19.ssh > 192.168.2.99.53021: Flags [P.], cksum 0x8651 (incorrect -> 0x9f53), seq 2550993953:2550994065, ack 2916435463, win 146, length 112<br>11:41:44.953804 74:46:a0:9e:ff:a5 > 00:0c:29:56:d9:09, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 31471, offset 0, flags [DF], proto TCP (6), length 40)<br> 192.168.2.99.53021 > 192.168.2.19.ssh: Flags [.], cksum 0x7b65 (correct), seq 1, ack 112, win 16121, length 0<br>11:41:45.017729 00:0c:29:91:4c:ea > 00:0c:29:56:d9:09, ethertype IPv4 (0x0800), length 99: (tos 0x0, ttl 64, id 17044, offset 0, flags [DF], proto TCP (6), length 85)<br> 192.168.2.22.45167 > 192.168.2.19.amqp: Flags [P.], cksum 0x7339 (correct), seq 2968653045:2968653078, ack 1461763310, win 123, options [nop,nop,TS val 222978 ecr 218783], length 33<br>11:41:45.018242 00:0c:29:56:d9:09 > 00:0c:29:91:4c:ea, ethertype IPv4 (0x0800), length 78: (tos 0x0, ttl 64, id 47485, offset 0, flags [DF], proto TCP (6), length 64)<br> 192.168.2.19.amqp > 192.168.2.22.45167: Flags [P.], cksum 0x85ac (incorrect -> 0x4c5d), seq 1:13, ack 33, win 330, options [nop,nop,TS val 223746 ecr 222978], length 12<br>11:41:45.018453 00:0c:29:91:4c:ea > 00:0c:29:56:d9:09, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 17045, offset 0, flags [DF], proto TCP (6), length 52)<br> 192.168.2.22.45167 > 192.168.2.19.amqp: Flags [.], cksum 0x8701 (correct), seq 33, ack 13, win 123, options [nop,nop,TS val 222979 ecr 223746], length 0<br><br><br></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">2015-04-17 10:42 GMT+02:00 Miguel Angel Ajo Pelayo <span dir="ltr"><<a href="mailto:mangelajo@redhat.com" target="_blank">mangelajo@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">To troubleshoot this I’d recommend you<br>
<br>
1) doing a tcpdump in the controller node, on the external interface attached to br-ex,<br>
and find what’s going on,<br>
<br>
tcpdump -e -n -v -v -v -i ethX<br>
<br>
note: as per your schema you may use an “external flat network”<br>
(no segmentation) from your network/controller node, so the packets going out from the router<br>
should not be tagged in your tcpdump.<br>
<br>
If you set the external network as vlan tagged, you may have to change it into flat. (such operation<br>
may require removing the floating ips from instances, removing legs from router (External, and internal),<br>
and then removing the router, then the external network/subnet).<br>
<br>
<br>
In a separate terminal, it may help to ..<br>
2) look for the router netns:<br>
<br>
# ip netns<br>
qrouter-8f2f7e69-02c3-4b75-9b25-e23b64757935<br>
<br>
note : this is the “virtual router”, it lives in a network namespace which is another isolated<br>
instance of the linux networking stack., you will find the interfaces and IPs attached with<br>
the following command:<br>
<br>
# ip netns exec qrouter-8f2f7e69-02c3-4b75-9b25-e23b64757935 ip a<br>
<br>
(here look for the external leg of the router, it will have the external router IP and the floating ip attached)<br>
it should look like qg-xxxxxxxx-xx<br>
<br>
<br>
# ip netns exec qrouter-8f2f7e69-02c3-4b75-9b25-e23b64757935 tcpdump -e -n -v -v -v -i qg-xxxxxxx-xx<br>
<br>
<br>
Please tell us how is it going .<br>
<span><br>
<br>
<br>
> On 17/4/2015, at 9:48, pauline phaure <<a href="mailto:phaurep@gmail.com" target="_blank">phaurep@gmail.com</a>> wrote:<br>
><br>
> Hello everyone,<br>
> I have some troubles making the floating IP work. When I associate a floating IP to my instance, the instance can reach the neutron-router and ping but cannot ping the external gateway. any ideas where to look?<br>
><br>
><br>
</span>> <image.png><br>
> _______________________________________________<br>
> Rdo-list mailing list<br>
> <a href="mailto:Rdo-list@redhat.com" target="_blank">Rdo-list@redhat.com</a><br>
> <a href="https://www.redhat.com/mailman/listinfo/rdo-list" target="_blank">https://www.redhat.com/mailman/listinfo/rdo-list</a><br>
><br>
> To unsubscribe: <a href="mailto:rdo-list-unsubscribe@redhat.com" target="_blank">rdo-list-unsubscribe@redhat.com</a><br>
<span><font color="#888888"><br>
Miguel Angel Ajo<br>
<br>
<br>
<br>
</font></span></blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></blockquote></div><br></div></div><span class="HOEnZb"><font color="#888888"><div>
<div>Miguel Angel Ajo</div><div><br></div><br>
</div>
<br></font></span></div></blockquote></div><br></div>