[
https://issues.apache.org/jira/browse/CLOUDSTACK-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13555911#comment-13555911
]
Marcus Sorensen commented on CLOUDSTACK-938:
--------------------------------------------
I can verify that in my setup as well in cloud.log (the rp_filter issue), I'll
take a look and see what's going on there. However, the VPC router is
functional, as the rp_filter isn't strictly required. Your setup looks like it
got the interfaces set up properly, as opposed to the previous logs where one
interface is down. Despite that, it looks like the VPN failed in your setup,
I'll see if I can get that working.
> s2s VPN trouble
> ---------------
>
> Key: CLOUDSTACK-938
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-938
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Network Controller
> Affects Versions: 4.0.0, 4.0.1
> Environment: CentOS 6.3 x86_64
> CS - 4.0.1-0.11
> Reporter: Richard Shevel
> Priority: Blocker
> Fix For: 4.0.1, 4.1.0
>
> Attachments: after_restart_VPC.zip, auth.log, catalina.zip,
> management-server_afer_upgrade2.zip, management-server_after_upgrade.zip,
> management-server.zip, messages, r-292-vm_log.tar.gz
>
>
> Dear colleagues, the problem is clearly a bug:
> I created a VPC
> Further, in my VPN Customer Gateway to the settings
> Gateway 217.70.20.213
> CIDR list 192.168.10.0/24
> IPsec Preshared-Key blablablablablabla
> IKE Encryption 3des
> IKE Hash md5
> IKE DH None
> ESP Encryption 3des
> ESP Hash md5
> Perfect Forward Secrecy None
> IKE lifetime (second) 86 400
> ESP Lifetime (second) 28 800
> Dead Peer Detection Yes
> In the setting of VPC I create VPN Gateway
> When creating a VPN Connection get the error:
> Resource [Site2SiteVpnConnection:15] is unreachable: Failed to apply
> site-to-site VPN
> catalina.out:
> WARN [cloud.api.ApiDispatcher] (Job-Executor-11:job-463) class
> com.cloud.api.ServerApiException : Resource [Site2SiteVpnConnection:15] is
> unreachable: Failed to apply site-to-site VPN
> WARN [cloud.async.AsyncJobManagerImpl] (Job-Executor-11:job-463) Unable to
> unregister active job 463 from JMX monitoring
> WARN [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection
> status
> WARN [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection
> status
> WARN [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection
> status
> WARN [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection
> status
> WARN [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection
> status
> management-server.log:
> 2013-01-09 21:27:54,587 DEBUG [agent.manager.AgentManagerImpl]
> (AgentManager-Handler-4:null) Ping from 5
> 2013-01-09 21:27:54,623 DEBUG [agent.manager.AgentManagerImpl]
> (AgentManager-Handler-2:null) Ping from 3
> 2013-01-09 21:28:17,546 DEBUG [storage.secondary.SecondaryStorageManagerImpl]
> (secstorage-1:null) Zone 1 is ready to launch secondary storage VM
> 2013-01-09 21:28:17,656 DEBUG [cloud.consoleproxy.ConsoleProxyManagerImpl]
> (consoleproxy-1:null) Zone 1 is ready to launch console proxy
> 2013-01-09 21:28:18,306 DEBUG
> [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:null) Found 3 routers.
> 2013-01-09 21:28:18,316 DEBUG [agent.transport.Request]
> (RouterStatusMonitor-1:null) Seq 5-223284290: Sending { Cmd , MgmtId:
> 52239887788, via: 5, Ver: v1, Flags: 100111,
> [{"CheckS2SVpnConnectionsCommand":{"vpnIps":[],"accessDetails":{"router.ip":"169.254.1.232","router.name":"r-288-VM"},"wait":30}}]
> }
> 2013-01-09 21:28:18,458 DEBUG [agent.transport.Request]
> (AgentManager-Handler-3:null) Seq 5-223284290: Processing: { Ans: , MgmtId:
> 52239887788, via: 5, Ver: v1, Flags: 110,
> [{"CheckS2SVpnConnectionsAnswer":{"ipToConnected":{},"ipToDetail":{},"details":"CheckS2SVpnConneciontsCommand
> failed","result":false,"wait":0}}] }
> 2013-01-09 21:28:18,458 DEBUG [agent.manager.AgentAttache]
> (AgentManager-Handler-3:null) Seq 5-223284290: No more commands found
> 2013-01-09 21:28:18,458 DEBUG [agent.transport.Request]
> (RouterStatusMonitor-1:null) Seq 5-223284290: Received: { Ans: , MgmtId:
> 52239887788, via: 5, Ver: v1, Flags: 110, { CheckS2SVpnConnectionsAnswer } }
> 2013-01-09 21:28:18,458 DEBUG [agent.manager.AgentManagerImpl]
> (RouterStatusMonitor-1:null) Details from executing class
> com.cloud.agent.api.CheckS2SVpnConnectionsCommand:
> CheckS2SVpnConneciontsCommand failed
> 2013-01-09 21:28:18,458 WARN
> [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:null) Unable to update router r-288-VM's VPN
> connection status
> 2013-01-09 21:28:43,063 DEBUG [cloud.server.StatsCollector]
> (StatsCollector-2:null) StorageCollector is running...
> 2013-01-09 21:28:43,117 DEBUG [agent.transport.Request]
> (StatsCollector-2:null) Seq 17-292881626: Received: { Ans: , MgmtId:
> 52239887788, via: 17, Ver: v1, Flags: 10, { GetStorageStatsAnswer } }
> 2013-01-09 21:28:45,185 DEBUG [agent.transport.Request]
> (StatsCollector-2:null) Seq 3-1166872144: Received: { Ans: , MgmtId:
> 52239887788, via: 3, Ver: v1, Flags: 10, { GetStorageStatsAnswer } }
> 2013-01-09 21:28:47,545 DEBUG [storage.secondary.SecondaryStorageManagerImpl]
> (secstorage-1:null) Zone 1 is ready to launch secondary storage VM
> 2013-01-09 21:28:47,655 DEBUG [cloud.consoleproxy.ConsoleProxyManagerImpl]
> (consoleproxy-1:null) Zone 1 is ready to launch console proxy
> 2013-01-09 21:28:48,305 DEBUG
> [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:null) Found 3 routers.
> 2013-01-09 21:28:48,328 DEBUG [agent.transport.Request]
> (RouterStatusMonitor-1:null) Seq 5-223284291: Sending { Cmd , MgmtId:
> 52239887788, via: 5, Ver: v1, Flags: 100111,
> [{"CheckS2SVpnConnectionsCommand":{"vpnIps":[],"accessDetails":{"router.ip":"169.254.1.232","router.name":"r-288-VM"},"wait":30}}]
> }
> 2013-01-09 21:28:48,430 DEBUG [agent.transport.Request]
> (AgentManager-Handler-9:null) Seq 5-223284291: Processing: { Ans: , MgmtId:
> 52239887788, via: 5, Ver: v1, Flags: 110,
> [{"CheckS2SVpnConnectionsAnswer":{"ipToConnected":{},"ipToDetail":{},"details":"CheckS2SVpnConneciontsCommand
> failed","result":false,"wait":0}}] }
> 2013-01-09 21:28:48,430 DEBUG [agent.manager.AgentAttache]
> (AgentManager-Handler-9:null) Seq 5-223284291: No more commands found
> 2013-01-09 21:28:48,430 DEBUG [agent.transport.Request]
> (RouterStatusMonitor-1:null) Seq 5-223284291: Received: { Ans: , MgmtId:
> 52239887788, via: 5, Ver: v1, Flags: 110, { CheckS2SVpnConnectionsAnswer } }
> 2013-01-09 21:28:48,430 DEBUG [agent.manager.AgentManagerImpl]
> (RouterStatusMonitor-1:null) Details from executing class
> com.cloud.agent.api.CheckS2SVpnConnectionsCommand:
> CheckS2SVpnConneciontsCommand failed
> 2013-01-09 21:28:48,430 WARN
> [network.router.VirtualNetworkApplianceManagerImpl]
> (RouterStatusMonitor-1:null) Unable to update router r-288-VM's VPN
> connection status
> 2013-01-09 21:28:49,298 DEBUG [agent.manager.AgentManagerImpl]
> (AgentManager-Handler-7:null) Ping from 11
> 2013-01-09 21:28:49,299 DEBUG [agent.manager.AgentManagerImpl]
> (AgentManager-Handler-6:null) Ping from 17
> 2013-01-09 21:28:51,594 DEBUG [cloud.server.StatsCollector]
> (StatsCollector-3:null) HostStatsCollector is running...
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
