Hello, Thanks, The problem was related to MTU. Actually, I have another installation which is configured to set 1450(1500 - 50 VxLAN header length) for guest VM interfaces. That setup runs in 'regular' network environments with 1500 MTU on host interfaces and use linuxbridge.
There is a reson why I didn't looked at that at first thing for the current case: The hosts private network interfaces has set to MTU 9000 Open vSwitch is used to connect private(self service) network. OVS bridges have 1500 MTU ( kolla configured it in this way ) I've identified that 1480 MTU for guest VM fix ssh issue in my current case, but not sure I understand why ... 20 bytes is the shortest IP header size... So there are 2 another questions: 1. What's and why adding 20 bytes ? 2. I've not found a configuration settings in kolla-ansible which allows to configure bridges interfaces MTU - any ideas how to do that properly ? Thanks, Regards, Serge. 06.04.2018, 20:57, "Brian Haley" <haleyb....@gmail.com>: > On 04/06/2018 01:28 PM, s serge wrote: >> Hello, >> >> I'm evaluating an installation and everything from networking side was >> looking good >> until I tried to reach a VM host via private network from another VM via >> ssh. >> >> In short: >> 1. Spawn a VM >> 2. Associate a floating IP >> 3. Logon to VM via ssh on public network >> 4. Spawn another VM >> 5. Try to reach 1st VM via ssh private network IP - FAIL. >> 6. ICMP to 1st VM IP via private network works well. >> >> Looks pretty weird for me as according to logs everything looks fine, >> both VM got assigned a private IP and fetches metadata info. >> >> Some notes about setup: >> Separate interfaces for management, private(VXLAN) and external network. >> Dozen of similar servers. >> >> I'll continue to debug the issue, but appreciate any relevant feedback. > > I would check two things: > > 1. Security groups are allowing port 22 > 2. MTU is set correctly, should probably be 1450 if you're using VXLAN, > which should have been set via the DHCP reply > > -Brian _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
