One other oddity - output from "route -n" on the secondary storage VM. It's creating routes for the public mgmt service that route back through the private VLAN gateway.
route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 XX.47.90.1 0.0.0.0 UG 0 0 0 eth2 10.1.40.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.1.40.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 XX.47.90.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 XX.47.90.4 10.1.40.1 255.255.255.255 UGH 0 0 0 eth1 On Tue, Oct 7, 2014 at 2:07 PM, John Pletka <[email protected]> wrote: > I have a new CloudStack install and am facing the situation where guests > can't access the public network. It assigns the public IP and gateway > correctly, but when I ssh into the VM, it can only reach the private side. > Specifically, I'm testing the secondary storage VM. Sorry for the config > dump below, but hopefully something will stand out. > > For my setup I have: > 1) Cisco 4948 switch. 1/2 the ports are a private VLAN 10.1.40.0. 1/2 > the ports are public and connect upstream to a router. > 2) 3 host machines running XenServer 6.2 with dual NICs. ETH0 -> private > VLAN, ETH1=> public side of the switch > 3) The Management is on a 4th server, dual nic and communicates to public > and private fine > 4) Each of the host machines has a private address assigned to xenbr0 > (10.1.40.4, 10.1.40.5, 10.1.40.6). Gateway is 10.1.40.1, which is owned by > the switch VLAN > 5) The Public range is setup as xx.47.90.0/24 (.10-.254 available to > guests) > 6) The host servers can't reach the public network because I have not > assigned a public address to xenbr1 > > ############# > #Here is the network setup of the host servers: > ############# > xe network-list > uuid ( RO) : 486aabce-1215-6e5a-b2d7-1b4c433b8728 > name-label ( RW): Host internal management network > name-description ( RW): Network on which guests will be assigned a > private link-local IP address which can be used to talk XenAPI > bridge ( RO): xenapi > > uuid ( RO) : c56c81c5-a29e-c68f-bb3d-b6393ce5ba20 > name-label ( RW): cloud_link_local_network > name-description ( RW): link local network used by system vms > bridge ( RO): xapi0 > > > uuid ( RO) : ce61e701-84a2-0699-421e-22022ffb901f > name-label ( RW): cloud-private > name-description ( RW): > bridge ( RO): xenbr0 > > uuid ( RO) : dab93467-688e-871d-f4f8-3cb27e759a7c > name-label ( RW): cloud-public > name-description ( RW): > bridge ( RO): xenbr1 > > ############# > # In the CloudStack management, it give the following info for the > secondary storage VM > ############# > TypeSecondary Storage VMZoneATL01Public IP AddressXX.47.90.103Private IP > Address10.1.40.100Link Local IP Address169.254.1.159Hostxenserver03Gateway > XX.47.90.1 > > ##################### > # on the VM itself, here is the ifconfig. Strangely it has two IP > addresses > # assigned to the management network, in addition to the public one > ###################### > ifconfig > eth0 Link encap:Ethernet HWaddr 0e:00:a9:fe:01:9f > inet addr:169.254.1.159 Bcast:169.254.255.255 Mask:255.255.0.0 > inet6 addr: fe80::c00:a9ff:fefe:19f/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:955 errors:0 dropped:0 overruns:0 frame:0 > TX packets:701 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:68196 (66.5 KiB) TX bytes:95098 (92.8 KiB) > Interrupt:25 > > eth1 Link encap:Ethernet HWaddr 06:5d:94:00:00:45 > inet addr:10.1.40.100 Bcast:10.1.40.255 Mask:255.255.255.0 > inet6 addr: fe80::45d:94ff:fe00:45/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:420976 errors:0 dropped:0 overruns:0 frame:0 > TX packets:42132 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:24655099 (23.5 MiB) TX bytes:2975996 (2.8 MiB) > Interrupt:26 > > eth2 Link encap:Ethernet HWaddr 06:bb:64:00:01:22 > inet addr:XX.47.90.103 Bcast:XX.47.90.255 Mask:255.255.255.0 > inet6 addr: fe80::4bb:64ff:fe00:122/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:367360 errors:0 dropped:0 overruns:0 frame:0 > TX packets:13777 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:21909923 (20.8 MiB) TX bytes:578874 (565.3 KiB) > Interrupt:27 > > eth3 Link encap:Ethernet HWaddr 06:26:2c:00:00:92 > inet addr:10.1.40.177 Bcast:10.1.40.255 Mask:255.255.255.0 > inet6 addr: fe80::426:2cff:fe00:92/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:381109 errors:0 dropped:0 overruns:0 frame:0 > TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:22294465 (21.2 MiB) TX bytes:478 (478.0 B) > Interrupt:28 > > > >
