Re: [Openstack] should instances be able to ping each other through a router?

Mon, 25 Aug 2014 02:17:54 -0700 

I think you need to add a resource with type
type: OS::Neutron::RouterGateway.

On 08/24/2014 09:09 AM, Don Waterloo wrote:

I have the below heat template instantiated.

Each instance (h1/h2/h3) can ping out to the world just fine.
In addition, h1 can ping h2 & h3, and they it. e.g. everyone can ping
everyone on its own subnet.
But h2 and h3 cannot ping each other (this is a routing function
rather than local net).

I am using vxlan with neutron, ovs ml2 on icehouse ubuntu 14.04.

I have port_security disabled (and iptables -L shows this to be true
in the router namespace).

what is happening is the ping hits the router port, and stops.
e.g. 172.16.1.X sends ICMP to 172.16.2.1, and its never seen again.

Should I be expecting this to work? It seems that this should not be
an SNAT issue, its all inside my private networking space.

>From the host, if I 'ip netns exec qrouter-<...>' i can ping each
interface inside each vm, so i know the host can reach them.

So, uh, suggestions on how to debug this? My 'trusty' image below is
ubuntu 14.04, but it also happens w/ cirros fwiw.

--------------<snip>--------------
heat_template_version: 2013-05-23

description: >

resources:
   key:
     type: OS::Nova::KeyPair
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-key' } }
       save_private_key: True

   rtr:
     type: OS::Neutron::Router
     properties:
       admin_state_up: True
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-rtr' } }
       external__info:
         network: "ext-net"

   ctrl_net:
     type: OS::Neutron::Net
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-data-ctrl-net' } }

   ctrl_subnet:
     type: OS::Neutron::Subnet
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-data-ctrl-subnet' } }
       enable_dhcp: True
       network_id: { get_resource: ctrl_net }
       cidr: 172.16.1/24
       allocation_pools:
         - start: 172.16.1.10
           end: 172.16.1.254

   router_i0:
     type: OS::Neutron::RouterInterface
     properties:
       router_id: { get_resource: rtr }
       subnet_id: { get_resource: ctrl_subnet }

   router_i1:
     type: OS::Neutron::RouterInterface
     properties:
       router_id: { get_resource: rtr }
       subnet_id: { get_resource: data_int_subnet }

   int_net:
     type: OS::Neutron::Net
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-int-net' } }

   data_int_subnet:
     type: OS::Neutron::Subnet
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-data-int-subnet' } }
       enable_dhcp: True
       network_id: { get_resource: int_net }
       cidr: 172.16.2/24
       allocation_pools:
         - start: 172.16.2.10
           end: 172.16.2.254


   h1:
     type: OS::Nova::Server
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-h1' } }
       key_name: { get_resource: key }
       image: "trusty"
       flavor: "m1.tiny"
       config_drive: "true"
       networks:
         - network: { get_resource: ctrl_net }
         - network: { get_resource: int_net }
       user_data_format: RAW
       user_data: |
         #!/bin/bash
         ifup eth1
         dhclient eth1

   h2:
     type: OS::Nova::Server
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-h2' } }
       key_name: { get_resource: key }
       image: "trusty"
       flavor: "m1.tiny"
       config_drive: "true"
       networks:
         - network: { get_resource: ctrl_net }

   h3:
     type: OS::Nova::Server
     properties:
       name: { str_replace: { params: { $stack_name: { get_param:
'OS::stack_name' } }, template: '$stack_name-h3' } }
       key_name: { get_resource: key }
       image: "trusty"
       flavor: "m1.tiny"
       config_drive: "true"
       networks:
         - network: { get_resource: int_net }

outputs:
     key:
         description: The private key to login to these images with
(try heat output-show <NAME> key | sed -e 's?"??g' -e 's?\\n?\n?g' >
~/.ssh/<NAME>_rsa)
         value: { get_attr: [ key, private_key] }

--------------<snip>--------------

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack





_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Reply via email to