cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vadim Kimlaychuk <Vadim.Kimlayc...@Elion.ee>
Subject RE: VMs unable to reach public network
Date Wed, 08 Oct 2014 06:25:33 GMT
If I understand network configuration correctly - you are not using VLANs in reality, because
you don't add tag to your traffic. The same for Cisco switch - it just listens on different
ports. Traffic for public/private is untagged. I am not 100% sure, because my set-up is based
on single NIC, but probably you need to assign IP to your bridge in order to work correctly.

The other option I can suggest - try to look into Cisco switch configuration and see if "ARP
proxy" is enabled for your public port. Physically you have 2 different HW interfaces and
none is configured to have IP - how packet will know which interface to take? 

Try to run "arp -n" in order to see if your server/client sees the other side. 

Vadim.

-----Original Message-----
From: john.pletka@gmail.com [mailto:john.pletka@gmail.com] On Behalf Of John Pletka
Sent: Tuesday, October 07, 2014 9:18 PM
To: users@cloudstack.apache.org
Subject: Re: VMs unable to reach public network

One other oddity - output from "route -n" on the secondary storage VM.
It's creating routes for the public mgmt service that route back through the private VLAN
gateway.

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
0.0.0.0         XX.47.90.1     0.0.0.0         UG    0      0        0 eth2
10.1.40.0       0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.1.40.0       0.0.0.0         255.255.255.0   U     0      0        0 eth3
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
XX.47.90.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
XX.47.90.4     10.1.40.1       255.255.255.255 UGH   0      0        0 eth1

On Tue, Oct 7, 2014 at 2:07 PM, John Pletka <jpletka@abraxis.com> wrote:

> I have a new CloudStack install and am facing the situation where 
> guests can't access the public network.  It assigns the public IP and 
> gateway correctly, but when I ssh into the VM, it can only reach the private side.
> Specifically, I'm testing the secondary storage VM.  Sorry for the 
> config dump below, but hopefully something will stand out.
>
> For my setup I have:
> 1) Cisco 4948 switch.   1/2 the ports are a private VLAN 10.1.40.0.  1/2
> the ports are public and connect upstream to a router.
> 2) 3 host machines running XenServer 6.2 with dual NICs.  ETH0 -> 
> private VLAN, ETH1=> public side of the switch
> 3) The Management is on a 4th server, dual nic and communicates to 
> public and private fine
> 4) Each of the host machines has a private address assigned to xenbr0 
> (10.1.40.4, 10.1.40.5, 10.1.40.6).  Gateway is 10.1.40.1, which is 
> owned by the switch VLAN
> 5) The Public range is setup as xx.47.90.0/24 (.10-.254 available to
> guests)
> 6) The host servers can't reach the public network because I have not 
> assigned a public address to xenbr1
>
> #############
> #Here is the network setup of the host servers:
> #############
> xe network-list
> uuid ( RO)                : 486aabce-1215-6e5a-b2d7-1b4c433b8728
>     name-label ( RW): Host internal management network
>     name-description ( RW): Network on which guests will be assigned a 
> private link-local IP address which can be used to talk XenAPI
>     bridge ( RO): xenapi
>
> uuid ( RO)                : c56c81c5-a29e-c68f-bb3d-b6393ce5ba20
>     name-label ( RW): cloud_link_local_network
>     name-description ( RW): link local network used by system vms
>               bridge ( RO): xapi0
>
>
> uuid ( RO)                : ce61e701-84a2-0699-421e-22022ffb901f
>     name-label ( RW): cloud-private
>     name-description ( RW):
>               bridge ( RO): xenbr0
>
> uuid ( RO)                : dab93467-688e-871d-f4f8-3cb27e759a7c
>           name-label ( RW): cloud-public
>     name-description ( RW):
>               bridge ( RO): xenbr1
>
> #############
> # In the CloudStack management, it give the following info for the 
> secondary storage VM ############# TypeSecondary Storage 
> VMZoneATL01Public IP AddressXX.47.90.103Private IP 
> Address10.1.40.100Link Local IP 
> Address169.254.1.159Hostxenserver03Gateway
> XX.47.90.1
>
> #####################
> # on the VM itself, here is the ifconfig.  Strangely it has two IP 
> addresses # assigned to the management network, in addition to the 
> public one ###################### ifconfig
> eth0      Link encap:Ethernet  HWaddr 0e:00:a9:fe:01:9f
>           inet addr:169.254.1.159  Bcast:169.254.255.255  Mask:255.255.0.0
>           inet6 addr: fe80::c00:a9ff:fefe:19f/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:955 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:701 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:68196 (66.5 KiB)  TX bytes:95098 (92.8 KiB)
>           Interrupt:25
>
> eth1      Link encap:Ethernet  HWaddr 06:5d:94:00:00:45
>           inet addr:10.1.40.100  Bcast:10.1.40.255  Mask:255.255.255.0
>           inet6 addr: fe80::45d:94ff:fe00:45/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:420976 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:42132 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:24655099 (23.5 MiB)  TX bytes:2975996 (2.8 MiB)
>           Interrupt:26
>
> eth2      Link encap:Ethernet  HWaddr 06:bb:64:00:01:22
>           inet addr:XX.47.90.103  Bcast:XX.47.90.255  Mask:255.255.255.0
>           inet6 addr: fe80::4bb:64ff:fe00:122/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:367360 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:13777 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:21909923 (20.8 MiB)  TX bytes:578874 (565.3 KiB)
>           Interrupt:27
>
> eth3      Link encap:Ethernet  HWaddr 06:26:2c:00:00:92
>           inet addr:10.1.40.177  Bcast:10.1.40.255  Mask:255.255.255.0
>           inet6 addr: fe80::426:2cff:fe00:92/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:381109 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:22294465 (21.2 MiB)  TX bytes:478 (478.0 B)
>           Interrupt:28
>
>
>
>
Mime
View raw message