Hi,
Tried to ssh form the network node to instance .. Observed packets ssh packets are transmitted to and from . but connection is not established . What may be the reason .? Below are few dumps in the path from external network of network node to instance . My instance overview is pasted at http://paste.openstack.org/show/113366/ root@user-ThinkCentre-M73:/home/user# ssh cirros@172.0.0.4 -vvv OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 172.0.0.4 [172.0.0.4] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: identity file /root/.ssh/id_ed25519 type -1 debug1: identity file /root/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: Remote protocol version 2.0, remote software version dropbear_2012.55 debug1: no match: dropbear_2012.55 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "172.0.0.4" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: loaded 0 keys debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: curve25519-sha...@libssh.org ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-...@openssh.com, ecdsa-sha2-nistp384-cert-...@openssh.com, ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-ed25519-cert-...@openssh.com, ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com, ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5-...@openssh.com, hmac-sha1-...@openssh.com,umac-64-...@openssh.com,umac-128-...@openssh.com, hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com, hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com, hmac-md5-96-...@openssh.com,hmac-md5,hmac-sha1,umac...@openssh.com, umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5-...@openssh.com, hmac-sha1-...@openssh.com,umac-64-...@openssh.com,umac-128-...@openssh.com, hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com, hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com, hmac-md5-96-...@openssh.com,hmac-md5,hmac-sha1,umac...@openssh.com, umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc debug2: kex_parse_kexinit: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5 debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: setup hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug2: bits set: 1019/2048 debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY Read from socket failed: Connection timed out Ifconfig of router namespace in network node root@user-ThinkCentre-M73:/home/user# ip netns exec qrouter-f6e00f94-1c6d-4cf5-8cae-319e393240fe ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:48 errors:0 dropped:0 overruns:0 frame:0 TX packets:48 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3924 (3.9 KB) TX bytes:3924 (3.9 KB) qg-ec80d9fb-82 Link encap:Ethernet HWaddr fa:16:3e:b4:4e:6e inet addr:172.0.0.2 Bcast:172.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:feb4:4e6e/64 Scope:Link UP BROADCAST RUNNING MTU:1500 Metric:1 RX packets:1222 errors:0 dropped:0 overruns:0 frame:0 TX packets:1105 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:345583 (345.5 KB) TX bytes:112480 (112.4 KB) qr-72d38d5b-5c Link encap:Ethernet HWaddr fa:16:3e:6a:fd:ce inet addr:11.0.0.1 Bcast:11.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::f816:3eff:fe6a:fdce/64 Scope:Link UP BROADCAST RUNNING MTU:1500 Metric:1 RX packets:19529 errors:0 dropped:0 overruns:0 frame:0 TX packets:1283 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3046631 (3.0 MB) TX bytes:349969 (349.9 KB) Tcpdump at interface connected to external bridge [ br-ex ] on network node . root@user-ThinkCentre-M73:/home/user# ip netns exec qrouter-f6e00f94-1c6d-4cf5-8cae-319e393240fe tcpdump -i qg-ec80d9fb-82 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on qg-ec80d9fb-82, link-type EN10MB (Ethernet), capture size 65535 bytes ^C05:48:45.486622 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [S], seq 3976398776, win 29200, options [mss 1460,sackOK,TS val 4692954 ecr 0,nop,wscale 7], length 0 05:48:45.487671 IP 172.0.0.4.ssh > 172.0.0.117.55818: Flags [S.], seq 3831484282, ack 3976398777, win 14480, options [mss 1460,sackOK,TS val 44193412 ecr 4692954,nop,wscale 3], length 0 05:48:45.487720 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], ack 1, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 0 05:48:45.488031 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [P.], seq 1:42, ack 1, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 41 05:48:45.488678 IP 172.0.0.4.ssh > 172.0.0.117.55818: Flags [.], ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954], length 0 05:48:45.488933 IP 172.0.0.4.ssh > 172.0.0.117.55818: Flags [P.], seq 1:27, ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954], length 26 05:48:45.488992 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], ack 27, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 0 05:48:45.489245 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 27, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 1448 05:48:45.489290 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [P.], seq 1490:2010, ack 27, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 520 05:48:45.489847 IP 172.0.0.4.ssh > 172.0.0.117.55818: Flags [P.], seq 27:443, ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954], length 416 05:48:45.490316 IP 172.0.0.4.ssh > 172.0.0.117.55818: Flags [.], ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954,nop,nop,sack 1 {1490:2010}], length 0 05:48:45.490386 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4692955 ecr 44193412], length 1448 05:48:45.691646 IP 172.0.0.4.ssh > 172.0.0.117.55818: Flags [P.], seq 27:443, ack 42, win 1810, options [nop,nop,TS val 44193463 ecr 4692954,nop,nop,sack 1 {1490:2010}], length 416 05:48:45.691690 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], ack 443, win 237, options [nop,nop,TS val 4693005 ecr 44193463,nop,nop,sack 1 {27:443}], length 0 05:48:45.694466 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4693006 ecr 44193463], length 1448 05:48:46.102461 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4693108 ecr 44193463], length 1448 05:48:46.918464 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4693312 ecr 44193463], length 1448 05:48:48.554444 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4693721 ecr 44193463], length 1448 05:48:50.502461 ARP, Request who-has 172.0.0.117 tell 172.0.0.2, length 28 05:48:50.502547 ARP, Request who-has 172.0.0.4 tell 172.0.0.117, length 28 05:48:50.502559 ARP, Reply 172.0.0.4 is-at fa:16:3e:b4:4e:6e (oui Unknown), length 28 05:48:50.502597 ARP, Reply 172.0.0.117 is-at 68:05:ca:0e:6b:b6 (oui Unknown), length 28 05:48:51.830441 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4694540 ecr 44193463], length 1448 05:48:58.374756 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4696176 ecr 44193463], length 1448 05:49:11.462560 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4699448 ecr 44193463], length 1448 05:49:37.606548 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4705984 ecr 44193463], length 1448 05:49:42.614737 ARP, Request who-has 172.0.0.4 tell 172.0.0.117, length 28 05:49:42.614769 ARP, Reply 172.0.0.4 is-at fa:16:3e:b4:4e:6e (oui Unknown), length 28 05:50:29.958757 IP 172.0.0.117.55818 > 172.0.0.4.ssh: Flags [.], seq 42:1490, ack 443, win 237, options [nop,nop,TS val 4719072 ecr 44193463], length 1448 05:50:34.966723 ARP, Request who-has 172.0.0.4 tell 172.0.0.117, length 28 05:50:34.966750 ARP, Reply 172.0.0.4 is-at fa:16:3e:b4:4e:6e (oui Unknown), length 28 Tcpdump at tap interface connected to instance at compute node . This tap interface is connected to br-int on compute node . root@user-ThinkCentre-M73:/home/user# tcpdump -i tapb0373360-21 port 22 tcpdump: WARNING: tapb0373360-21: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on tapb0373360-21, link-type EN10MB (Ethernet), capture size 65535 bytes 05:49:00.295624 IP 172.0.0.117.55818 > 11.0.0.5.ssh: Flags [S], seq 3976398776, win 29200, options [mss 1460,sackOK,TS val 4692954 ecr 0,nop,wscale 7], length 0 05:49:00.295758 IP 11.0.0.5.ssh > 172.0.0.117.55818: Flags [S.], seq 3831484282, ack 3976398777, win 14480, options [mss 1460,sackOK,TS val 44193412 ecr 4692954,nop,wscale 3], length 0 05:49:00.296464 IP 172.0.0.117.55818 > 11.0.0.5.ssh: Flags [.], ack 1, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 0 05:49:00.296738 IP 172.0.0.117.55818 > 11.0.0.5.ssh: Flags [P.], seq 1:42, ack 1, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 41 05:49:00.296798 IP 11.0.0.5.ssh > 172.0.0.117.55818: Flags [.], ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954], length 0 05:49:00.297069 IP 11.0.0.5.ssh > 172.0.0.117.55818: Flags [P.], seq 1:27, ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954], length 26 05:49:00.297122 IP 11.0.0.5.ssh > 172.0.0.117.55818: Flags [P.], seq 27:443, ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954], length 416 05:49:00.297717 IP 172.0.0.117.55818 > 11.0.0.5.ssh: Flags [.], ack 27, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 0 05:49:00.298022 IP 172.0.0.117.55818 > 11.0.0.5.ssh: Flags [P.], seq 1490:2010, ack 27, win 229, options [nop,nop,TS val 4692954 ecr 44193412], length 520 05:49:00.298073 IP 11.0.0.5.ssh > 172.0.0.117.55818: Flags [.], ack 42, win 1810, options [nop,nop,TS val 44193412 ecr 4692954,nop,nop,sack 1 {1490:2010}], length 0 05:49:00.498896 IP 11.0.0.5.ssh > 172.0.0.117.55818: Flags [P.], seq 27:443, ack 42, win 1810, options [nop,nop,TS val 44193463 ecr 4692954,nop,nop,sack 1 {1490:2010}], length 416 05:49:00.500531 IP 172.0.0.117.55818 > 11.0.0.5.ssh: Flags [.], ack 443, win 237, options [nop,nop,TS val 4693005 ecr 44193463,nop,nop,sack 1 {27:443}], length 0 Thanks, Srinivas. On Fri, Sep 19, 2014 at 3:32 PM, Raghu Vadapalli <rvatspac...@gmail.com> wrote: > Just to confirm if iptables are the issue try stopping iptables and see if > it works and then you can debug further. > — > Sent from Mailbox <https://www.dropbox.com/mailbox> > > > On Fri, Sep 19, 2014 at 3:55 AM, Srinivasreddy R < > srinivasreddy4...@gmail.com> wrote: > >> hi, >> i had addeed a rule for (ingress, tcp, port 22 and cidr 0.0.0.0/0). >> still not able to ssh . >> >> my instance overview >> http://paste.openstack.org/show/113170/ >> >> >> i pasted my ip tables [ nat, mangle,filter] output .. >> >> please let me know i want to add or delete any thing in iptables . >> >> http://paste.openstack.org/show/113164/ >> >> >> thanks, >> srinivas. >> >> >> >> On Fri, Sep 19, 2014 at 12:39 PM, Akilesh K <akilesh1...@gmail.com> >> wrote: >> >>> The mail from Andreas was correct you need to add a rule for >>> (ingress, tcp, port 22 and cidr 0.0.0.0/0). >>> >>> In case the rule is already there. check the host firewall rules using >>> iptables -t nat -L >>> iptables -t mangle -L >>> iptables -t filter -L >>> >>> None of the tables should have any rule. >>> >>> On Fri, Sep 19, 2014 at 9:41 AM, Srinivasreddy R < >>> srinivasreddy4...@gmail.com> wrote: >>> >>>> hi, >>>> i have checked security group rules . >>>> my instance is pinging to router and even a device in external network >>>> . >>>> mostly my problem may in host's firewall . >>>> how can i identify which rule is dropping the ssh traffic .? >>>> how can i confirm that ssh traffic is blocked at firewall .? >>>> i there any way to see the firewall dropped packets ? >>>> >>>> thanks , >>>> srinivas. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Thu, Sep 18, 2014 at 7:36 PM, Akilesh K <akilesh1...@gmail.com> >>>> wrote: >>>> >>>>> I believe you have checked the security group rules. Make sure the >>>>> instance is able to ping the router. If yes the problem lies in your >>>>> host's >>>>> firewall rules. Flush the hosts iptable rules(you may take a backup before >>>>> you do that). >>>>> >>>>> On Thu, Sep 18, 2014 at 7:32 PM, Srinivasreddy R < >>>>> srinivasreddy4...@gmail.com> wrote: >>>>> >>>>>> hi , >>>>>> thanks for your reply . >>>>>> >>>>>> 1. i have checked ssh server is running in instance .. >>>>>> ssh from one instance to another is possible using private >>>>>> network[demo-net] . >>>>>> 2. checked ssh is running in port 22 >>>>>> 3. telnet <ip> 22 is not working . >>>>>> >>>>>> >>>>>> 4. output when i run ssh using verbose pasted at >>>>>> >>>>>> http://paste.openstack.org/show/112860/ >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ================================== >>>>>> ip tables output >>>>>> >>>>>> my internal network for vm is 11.0.0.x and external network is >>>>>> 172.0.0.x >>>>>> >>>>>> >>>>>> root@user-ThinkCentre-M73:/home/user# ip netns exec >>>>>> qrouter-f6e00f94-1c6d-4cf5-8cae-319e393240fe iptables -t nat -S >>>>>> -P PREROUTING ACCEPT >>>>>> -P INPUT ACCEPT >>>>>> -P OUTPUT ACCEPT >>>>>> -P POSTROUTING ACCEPT >>>>>> -N neutron-l3-agent-OUTPUT >>>>>> -N neutron-l3-agent-POSTROUTING >>>>>> -N neutron-l3-agent-PREROUTING >>>>>> -N neutron-l3-agent-float-snat >>>>>> -N neutron-l3-agent-snat >>>>>> -N neutron-postrouting-bottom >>>>>> -A PREROUTING -j neutron-l3-agent-PREROUTING >>>>>> -A OUTPUT -j neutron-l3-agent-OUTPUT >>>>>> -A POSTROUTING -j neutron-l3-agent-POSTROUTING >>>>>> -A POSTROUTING -j neutron-postrouting-bottom >>>>>> -A neutron-l3-agent-OUTPUT -d 172.0.0.7/32 -j DNAT --to-destination >>>>>> 11.0.0.9 >>>>>> -A neutron-l3-agent-OUTPUT -d 172.0.0.3/32 -j DNAT --to-destination >>>>>> 11.0.0.2 >>>>>> -A neutron-l3-agent-OUTPUT -d 172.0.0.4/32 -j DNAT --to-destination >>>>>> 11.0.0.5 >>>>>> -A neutron-l3-agent-POSTROUTING ! -i qg-ec80d9fb-82 ! -o >>>>>> qg-ec80d9fb-82 -m conntrack ! --ctstate DNAT -j ACCEPT >>>>>> -A neutron-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp >>>>>> --dport 80 -j REDIRECT --to-ports 9697 >>>>>> -A neutron-l3-agent-PREROUTING -d 172.0.0.7/32 -j DNAT >>>>>> --to-destination 11.0.0.9 >>>>>> -A neutron-l3-agent-PREROUTING -d 172.0.0.3/32 -j DNAT >>>>>> --to-destination 11.0.0.2 >>>>>> -A neutron-l3-agent-PREROUTING -d 172.0.0.4/32 -j DNAT >>>>>> --to-destination 11.0.0.5 >>>>>> -A neutron-l3-agent-float-snat -s 11.0.0.9/32 -j SNAT --to-source >>>>>> 172.0.0.7 >>>>>> -A neutron-l3-agent-float-snat -s 11.0.0.2/32 -j SNAT --to-source >>>>>> 172.0.0.3 >>>>>> -A neutron-l3-agent-float-snat -s 11.0.0.5/32 -j SNAT --to-source >>>>>> 172.0.0.4 >>>>>> -A neutron-l3-agent-snat -j neutron-l3-agent-float-snat >>>>>> -A neutron-l3-agent-snat -s 11.0.0.0/24 -j SNAT --to-source 172.0.0.2 >>>>>> -A neutron-postrouting-bottom -j neutron-l3-agent-snat >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ===================== >>>>>> i pasted my dump flows of br-tun at >>>>>> http://paste.openstack.org/show/112859/ >>>>>> >>>>>> >>>>>> >>>>>> as per the doc >>>>>> https://openstack.redhat.com/Networking_in_too_much_detail >>>>>> >>>>>> br-ex is connected to router , router is connected to br-int , br-int >>>>>> is connected to bt-tun . >>>>>> >>>>>> i have captured at br-int . my ssh request is reaching to br-int but >>>>>> not going through tunnel . >>>>>> >>>>>> please help me . >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> thanks, >>>>>> srinivas. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Sep 17, 2014 at 9:30 PM, Sajith Kariyawasam <saj...@gmail.com >>>>>> > wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> Could be due to, >>>>>>> ssh server is not up and running in your instance, >>>>>>> or running in a different port rather than port 22, >>>>>>> or, ssh port access is restricted in openstack key pair >>>>>>> configuration >>>>>>> >>>>>>> You could also try telnet to check the connectivity, >>>>>>> $ telnet <ip> 22 >>>>>>> >>>>>>> Thanks, >>>>>>> Sajith >>>>>>> >>>>>>> >>>>>>> On Wed, Sep 17, 2014 at 8:59 PM, Zoltán Lajos Kis < >>>>>>> zoltan.lajos....@ericsson.com> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> What’s the output of running ssh with the verbose (-v) flag? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> BR, >>>>>>>> >>>>>>>> Zoltan >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> *From:* Srinivasreddy R [mailto:srinivasreddy4...@gmail.com] >>>>>>>> *Sent:* Wednesday, September 17, 2014 5:16 PM >>>>>>>> *To:* openstack@lists.openstack.org >>>>>>>> *Subject:* [Openstack] able to ping but not able to ssh to instance >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> hi, >>>>>>>> >>>>>>>> i am able to ping my instance form external network . >>>>>>>> >>>>>>>> but not able to ssh to the instance . >>>>>>>> >>>>>>>> i am using floating ip s for ping,ssh. >>>>>>>> >>>>>>>> please help me . >>>>>>>> >>>>>>>> thanks, >>>>>>>> srinivas. >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Mailing list: >>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >>>>>>>> Post to : openstack@lists.openstack.org >>>>>>>> Unsubscribe : >>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Best Regards >>>>>>> Sajith >>>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Mailing list: >>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >>>>>> Post to : openstack@lists.openstack.org >>>>>> Unsubscribe : >>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >>>>>> >>>>>> >>>>> >>>> >>> >> >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
