Thanks a lot Jorge for your response, these are the outputs:
ip netns exec qrouter-570a7359-1658-4ff4-8f0c-947e487ffc76 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qg-1fd409f8-91: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet XXXXXX.8 netmask 255.255.255.0 broadcast XXXXXX
inet6 fe80::f816:3eff:fef7:a0db prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:f7:a0:db txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 37 bytes 2082 (2.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qr-5ac8cae0-61: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.10.0.1 netmask 255.255.255.0 broadcast 10.10.0.255
inet6 fe80::f816:3eff:fe3b:b19b prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:3b:b1:9b txqueuelen 1000 (Ethernet)
RX packets 338 bytes 31394 (30.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 360 bytes 38637 (37.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
The main strange part is here: qg-1fd409f8-91:
flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet XXXXXX.8 netmask 255.255.255.0 broadcast XXXXXX
xxxx.8 strange IP it is not my network node IP.
And here are more outputs:
ip netns exec qrouter-570a7359-1658-4ff4-8f0c-947e487ffc76 iptables -L -n -v
Chain INPUT (policy ACCEPT 116 packets, 15374 bytes)
pkts bytes target prot opt in out source
destination
308 29294 neutron-l3-agent-INPUT all -- * *
0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 6 packets, 504 bytes)
pkts bytes target prot opt in out source
destination
6 504 neutron-filter-top all -- * * 0.0.0.0/0
0.0.0.0/0
6 504 neutron-l3-agent-FORWARD all -- * *
0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 342 packets, 32649 bytes)
pkts bytes target prot opt in out source
destination
342 32649 neutron-filter-top all -- * * 0.0.0.0/0
0.0.0.0/0
342 32649 neutron-l3-agent-OUTPUT all -- * *
0.0.0.0/0 0.0.0.0/0
Chain neutron-filter-top (2 references)
pkts bytes target prot opt in out source
destination
348 33153 neutron-l3-agent-local all -- * *
0.0.0.0/0 0.0.0.0/0
Chain neutron-l3-agent-FORWARD (1 references)
pkts bytes target prot opt in out source
destination
6 504 neutron-l3-agent-scope all -- * *
0.0.0.0/0 0.0.0.0/0
Chain neutron-l3-agent-INPUT (1 references)
pkts bytes target prot opt in out source
destination
192 13920 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 mark match 0x1/0xffff
0 0 DROP tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:9697
Chain neutron-l3-agent-OUTPUT (1 references)
pkts bytes target prot opt in out source
destination
Chain neutron-l3-agent-local (1 references)
pkts bytes target prot opt in out source
destination
Chain neutron-l3-agent-scope (1 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * qr-5ac8cae0-61
0.0.0.0/0 0.0.0.0/0 mark match ! 0x4000000/0xffff0000
On 03/28/2018 11:03 PM, Jorge Luiz Correa wrote:
You can use
ip netns exec qroute-ID ifconfig
ip netns exec qroute-ID tcpdump -eni <some qr or qg interface>
to verify if packages are arriving. And, you can also use
ip netns exec qroute-ID iptables -L -n -v
to see where packages are being dropped (there will be counters on
DROP rules).
Regards.
- JLC
On Wed, Mar 28, 2018 at 3:38 PM, wahi <w...@sci.am
<mailto:w...@sci.am>> wrote:
Dear all,
I installed Openstack ocata using the packstack on Centos 7, so
there is a controller node, network node and four compute nodes.
I created the private and public network. The instance is running
and getting the internal IP then I am associating the external IP
without any problem.
From the network node I can use:
ip netns exec qroute-ID ping external-IP or SSH
But no ping or ssh using the ping or ssh command from the network
or controller node or even the compute node where the instance is
running.
No selinux or firewall on all nodes.
SSH enabled between controller and all remaining nodes.
Security rules for SSH and ping has been added.
Really appreciate any help or suggestion to identify the problem.
Many thanks in advance.
Regards,
Wahi
_______________________________________________
Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
<http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
Post to : openstack@lists.openstack.org
<mailto:openstack@lists.openstack.org>
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
<http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
--
Wahi Narsisian
Vice-Head of Center for Scientific Computing,
Institute for Informatics and Automation Problems,
National Academy of Sciences of the Republic of Armenia
1, P. Sevak str., Yerevan 0014, Armenia
t: 374 91 557285
e: w...@sci.am
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
