Hi,
I am trying to install a 3 node Icehouse cluster. Each node has a *single NIC*. For now, I just need nova-network, but I plan to use neutron in a couple of months. I created the network with: nova network-create vmnet --fixed-range-v4=203.0.113.1/24 <http://203.0.113.24/24> --bridge-interface=br100 --multi-host=T​ Currently, I am able to ping any host in my local network from a Cirros VM with no floating IP assigned: -Controller: $ ping 192.168.1.10 PING 192.168.1.10 (192.168.1.10): 56 data bytes 64 bytes from 192.168.1.10: seq=0 ttl=64 time=0.205 ms -Gateway (D-Link DSL-2770L): $ ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1): 56 data bytes 64 bytes from 192.168.1.1: seq=0 ttl=63 time=0.933 ms It also seems to resolve DNS correctly, but it gets no response: -Google: $ ping google.com PING google.com (173.194.41.7): 56 data bytes ^C --- google.com ping statistics --- 10 packets transmitted, 0 packets received, 100% packet loss -tcpdump from the controller on the interface em1 when pinging google.com: 22:05:39.005097 IP controller.38302 > 192.168.1.1.domain: 42711+ PTR? 7.41.194.173.in-addr.arpa. (43) 22:05:39.006571 IP 192.168.1.1.domain > controller.38302: 42711 1/0/0 PTR mad01s14-in-f7.1e100.net. (81) 22:05:39.006871 IP controller.55511 > 192.168.1.1.domain: 10714+ PTR? 2.113.0.203.in-addr.arpa. (42) 22:05:39.156593 IP 192.168.1.1.domain > controller.55511: 10714 NXDomain 0/1/0 (131) 22:05:39.693543 IP 203.0.113.2 > mad01s14-in-f7.1e100.net: ICMP echo request, id 1560, seq 100, length 64 22:05:40.693714 IP 203.0.113.2 > mad01s14-in-f7.1e100.net: ICMP echo request, id 1560, seq 101, length 64 22:05:41.693826 IP 203.0.113.2 > mad01s14-in-f7.1e100.net: ICMP echo request, id 1560, seq 102, length 64 22:05:42.694046 IP 203.0.113.2 > mad01s14-in-f7.1e100.net: ICMP echo request, id 1560, seq 103, length 64 Any help would be greatly appreciated. Thanks in advance, Marc -------------------------------------------------------------------- *Here are more details about my installation (controller):* *-ifconfig:* br100 Link encap:Ethernet HWaddr c0:3f:d5:65:f0:28 inet addr:203.0.113.1 Bcast:203.0.113.255 Mask:255.255.255.0 inet6 addr: fe80::a032:c2ff:fec7:1af5/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:184840961 errors:0 dropped:0 overruns:0 frame:0 TX packets:10086 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:13348355562 (13.3 GB) TX bytes:2167190 (2.1 MB) em1 Link encap:Ethernet HWaddr c0:3f:d5:65:f0:28 inet6 addr: fe80::c23f:d5ff:fe65:f028/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:184836802 errors:0 dropped:0 overruns:0 frame:0 TX packets:22617 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16674408339 (16.6 GB) TX bytes:3501369 (3.5 MB) Interrupt:20 Memory:f7c00000-f7c20000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:3439965 errors:0 dropped:0 overruns:0 frame:0 TX packets:3439965 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1123075242 (1.1 GB) TX bytes:1123075242 (1.1 GB) virbr0 Link encap:Ethernet HWaddr da:96:05:3b:24:7f inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) vnet0 Link encap:Ethernet HWaddr fe:16:3e:8d:41:c1 inet6 addr: fe80::fc16:3eff:fe8d:41c1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:18885 errors:0 dropped:0 overruns:0 frame:0 TX packets:183785348 errors:0 dropped:3296 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:2487670 (2.4 MB) TX bytes:15842302413 (15.8 GB) * nova.conf:* [...] network_api_class = nova.network.api.API security_group_api = nova firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver network_manager = nova.network.manager.FlatDHCPManager network_size = 254 allow_same_net_traffic = False multi_host = True send_arp_for_ha = True share_dhcp_address = True force_dhcp_release = True flat_network_bridge = br100 flat_interface = em1 public_interface = em1 [...] * /etc/network/interfaces:* # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto em1 iface em1 inet dhcp auto em1:0 iface em1:0 inet static name em1 Alias address 192.168.1.10 netmask 255.255.255.0 gateway 192.168.1.1 *IPTABLES:* iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination nova-compute-INPUT all -- anywhere anywhere nova-network-INPUT all -- anywhere anywhere ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps nova-api-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination nova-filter-top all -- anywhere anywhere nova-compute-FORWARD all -- anywhere anywhere nova-network-FORWARD all -- anywhere anywhere ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable nova-api-FORWARD all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination nova-filter-top all -- anywhere anywhere nova-compute-OUTPUT all -- anywhere anywhere nova-network-OUTPUT all -- anywhere anywhere ACCEPT udp -- anywhere anywhere udp dpt:bootpc nova-api-OUTPUT all -- anywhere anywhere Chain nova-api-FORWARD (1 references) target prot opt source destination Chain nova-api-INPUT (1 references) target prot opt source destination ACCEPT tcp -- anywhere controller tcp dpt:8775 Chain nova-api-OUTPUT (1 references) target prot opt source destination Chain nova-api-local (1 references) target prot opt source destination Chain nova-compute-FORWARD (1 references) target prot opt source destination ACCEPT udp -- 0.0.0.0 255.255.255.255 udp spt:bootpc dpt:bootps Chain nova-compute-INPUT (1 references) target prot opt source destination ACCEPT udp -- 0.0.0.0 255.255.255.255 udp spt:bootpc dpt:bootps Chain nova-compute-OUTPUT (1 references) target prot opt source destination Chain nova-compute-inst-4 (1 references) target prot opt source destination DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED nova-compute-provider all -- anywhere anywhere ACCEPT udp -- 203.0.113.1 anywhere udp spt:bootps dpt:bootpc ACCEPT icmp -- anywhere anywhere ACCEPT tcp -- anywhere anywhere multiport dports tcpmux:65535 ACCEPT udp -- anywhere anywhere multiport dports 1:65535 nova-compute-sg-fallback all -- anywhere anywhere Chain nova-compute-local (1 references) target prot opt source destination nova-compute-inst-4 all -- anywhere 203.0.113.2 Chain nova-compute-provider (1 references) target prot opt source destination Chain nova-compute-sg-fallback (1 references) target prot opt source destination DROP all -- anywhere anywhere Chain nova-filter-top (2 references) target prot opt source destination nova-compute-local all -- anywhere anywhere nova-network-local all -- anywhere anywhere nova-api-local all -- anywhere anywhere Chain nova-network-FORWARD (1 references) target prot opt source destination DROP udp -- anywhere 255.255.255.255 PHYSDEV match --physdev-in em1 udp dpt:bootps DROP udp -- anywhere 255.255.255.255 PHYSDEV match --physdev-out em1 udp dpt:bootps DROP all -- anywhere 203.0.113.1 PHYSDEV match --physdev-in em1 DROP all -- 203.0.113.1 anywhere PHYSDEV match --physdev-out em1 ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain nova-network-INPUT (1 references) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain Chain nova-network-OUTPUT (1 references) target prot opt source destination Chain nova-network-local (1 references) target prot opt source destination * EBTABLES:* ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 1, policy: ACCEPT -p ARP -i em1 --arp-ip-dst 203.0.113.1 -j DROP Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 1, policy: ACCEPT -p ARP -o em1 --arp-ip-src 203.0.113.1 -j DROP
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
