Arg, of course the arp replies come from the instance. See? I'm easily confused.
Here's more, using tcpdump -e. So if I ping the floater (10.21.166.2 -> 192.168.252.3) ) from the outside (10.21.164.10), I see this on the tenant router's external port: 16:16:30.771776 00:22:19:65:ae:42 > fa:16:3e:4d:e6:93, ethertype IPv4 (0x0800), length 98: 10.21.164.10 > 10.21.166.2: ICMP echo request, id 18720, seq 1, length 64 16:16:31.772293 00:22:19:65:ae:42 > fa:16:3e:4d:e6:93, ethertype IPv4 (0x0800), length 98: 10.21.164.10 > 10.21.166.2: ICMP echo request, id 18720, seq 2, length 64 16:16:32.773259 00:22:19:65:ae:42 > fa:16:3e:4d:e6:93, ethertype IPv4 (0x0800), length 98: 10.21.164.10 > 10.21.166.2: ICMP echo request, id 18720, seq 3, length 64 16:16:33.769279 fa:16:3e:4d:e6:93 > 00:22:19:65:ae:42, ethertype IPv4 (0x0800), length 126: 10.21.166.2 > 10.21.164.10: ICMP host 10.21.166.2 unreachable, length 92 16:16:33.769307 fa:16:3e:4d:e6:93 > 00:22:19:65:ae:42, ethertype IPv4 (0x0800), length 126: 10.21.166.2 > 10.21.164.10: ICMP host 10.21.166.2 unreachable, length 92 16:16:33.769317 fa:16:3e:4d:e6:93 > 00:22:19:65:ae:42, ethertype IPv4 (0x0800), length 126: 10.21.166.2 > 10.21.164.10: ICMP host 10.21.166.2 unreachable, length 92 I see this on the tenant router's internal port (unrequited arps): 16:16:30.771820 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:16:30.772124 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:16:31.769261 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:16:31.769297 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:16:32.769235 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:16:32.769269 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 I see this on the dmsasq's port (same): 16:20:31.524529 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:20:31.524710 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:20:32.521264 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:20:32.521289 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:20:33.521268 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:20:33.521308 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 And here's the instance's ovs interface: 16:35:41.227497 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:35:41.228075 fa:16:3e:8a:02:78 > fa:16:3e:f8:a4:54, ethertype ARP (0x0806), length 42: Reply 192.168.252.3 is-at fa:16:3e:8a:02:78, length 28 16:35:42.225296 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:35:42.225620 fa:16:3e:8a:02:78 > fa:16:3e:f8:a4:54, ethertype ARP (0x0806), length 42: Reply 192.168.252.3 is-at fa:16:3e:8a:02:78, length 28 16:35:43.225268 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:35:43.225558 fa:16:3e:8a:02:78 > fa:16:3e:f8:a4:54, ethertype ARP (0x0806), length 42: Reply 192.168.252.3 is-at fa:16:3e:8a:02:78, length 28 16:35:44.225707 fa:16:3e:f8:a4:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.252.3 tell 192.168.252.1, length 28 16:35:44.226013 fa:16:3e:8a:02:78 > fa:16:3e:f8:a4:54, ethertype ARP (0x0806), length 42: Reply 192.168.252.3 is-at fa:16:3e:8a:02:78, length 28 That MAC, is the correct MAC for 192.168.252.1. So the instance gets the arp requests and replies to them, but they don't get back to the tenant router. Something is squelching the arp reply between the compute node and the network node. GRE issue? Ugh... On Fri, May 10, 2013 at 4:28 PM, Darragh O'Reilly <dara2002-openst...@yahoo.com> wrote: > In my setup I see the arp replies being answered by the instance - not > dnsmasq. -- \*..+.- --Greg Chavez +//..;}; _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
