can someone help ?
2013/8/22 不坏阿峰 <onlydeb...@gmail.com>: > vm with openvswitch+KVM can not access extranal network, can ping gateway > > Cloudstack4.1.1 > A: one kvm host ubuntu12.04 with openvswitch, > B: xen server6.0, > C: one kvm host centos with openvswitch > > in cloudstack have two network. > Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all > Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all > > > ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP > Address 192.168.31.1 > vm in vlan301 ,can ping gateway 192.168.31.1 and can access > internet. vm can run on kvm or xen, both ok. > > ②:vronter300 run on Kvm with openvswitch, Public IP Address > 192.168.240.53 Guest IP Address 192.168.30.1 > vm in vlan300 ,can ping gateway 192.168.30.1, but can not access > internet. vrouter can access internet. > > how to make vm under kvm+openvswitch to access outside network and internet > > > [root@centos-kvm01 libvirt]# ovs-vsctl show > 7cb5f505-7ac1-4403-9f9d-101882ed7bad > Bridge kvmmgt > Port kvmmgt > Interface kvmmgt > type: internal > Port "eth0" > Interface "eth0" > Bridge "cloudbr0" > Port "cloudbr0" > Interface "cloudbr0" > type: internal > Port "eth1" > Interface "eth1" ## Eth1 uplink port is Esxi > vswitch in promiscuous mode, Xen server Eth1 uplink this too, can > work fine ; Kvm use native bridge work fine too. > Port "vnet3" > tag: 240 > Interface "vnet3" > Port "vnet0" > tag: 301 > Interface "vnet0" > Port "vnet1" > tag: 300 > Interface "vnet1" > Port "vnet4" > tag: 240 > Interface "vnet4" > Bridge "cloud0" > Port "cloud0" > Interface "cloud0" > type: internal > Port "vnet2" > Interface "vnet2" > Bridge storage > Port "eth2" > Interface "eth2" > Port storage > Interface storage > type: internal > ovs_version: "1.10.0" > > > i do the test, > one VM 192.168.30.90 run ping 192.168.123.1 > vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping > www.google.com > > [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90 > > in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06), > packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5 > in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0), > packets:5855, bytes:573790, used:0.810s, > actions:push_vlan(vid=240,pcp=0),5 > in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)), > packets:0, bytes:0, used:never, actions:pop_vlan,9 > in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)), > packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9 > > ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have > some problem !!!!!!! is it?? > > > > > [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53 > in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0), > packets:6167, bytes:604366, used:0.486s, > actions:push_vlan(vid=240,pcp=0),5 > in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)), > packets:0, bytes:0, used:never, actions:pop_vlan,11 > in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)), > packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11 > in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55), > packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5 _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
