cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dag Sonstebo <Dag.Sonst...@shapeblue.com>
Subject Re: SSVM unable to ping outside, only management server
Date Mon, 24 Oct 2016 13:10:50 GMT
Hi Oreki,

I’m referring to your CloudStack zone configuration:

- Your Ubuntu host is on 172.16.135.130/23 – which points to this range being your private
management range – but you have this on cloudbr0 which you have marked as public.
- Your SSVM is showing up with public IP address 172.16.135.24/23 – in other words the public
range it using the same IP subnet as the management range. If you check this I would expect
this to also use cloudbr0 in youe current setup?

I would maybe suggest you look at:
- Cloudbr0 carrying private traffic + the host IP interface
- Cloudbr1 carrying public traffic
- You set aside different IP ranges for the management traffic and the public traffic.

Hope this makes sense.

Regards,
Dag Sonstebo

On 24/10/2016, 11:04, "Oreki Hōtarō" <syedabd90@gmail.com> wrote:

    May I know which interface you're referring to? Inside ssvm or the host
    interface? And may I have suggestions on the interface and bridging
    
    On 24 Oct 2016 5:46 PM, "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com> wrote:
    
    > Hi Oreki,
    >
    > Looking at the below it looks like you are using the same 172.16.134.0/23
    > range for public and private traffic? You would normally run different
    > ranges for these two purposes.
    >
    > Regards,
    > Dag Sonstebo
    >
    > On 21/10/2016, 08:57, "Oreki Hōtarō" <syedabd90@gmail.com> wrote:
    >
    >     Thanks for your reply Dag, it seems I can't ping the gateway. Some
    >     background on the setup which I should've explained earlier:
    >
    >     Running Cloudstack 4.9 with KVM on Ubuntu 14.04, it's a single machine
    >     setup with the vms and management on the same host. Here's the network
    >     interface:
    >
    >     # The primary network interface
    >     auto eth0
    >     iface eth0 inet manual
    >
    >     # Public network
    >     auto cloudbr0
    >     iface cloudbr0 inet static
    >         address 172.16.135.130
    >         netmask 255.255.254.0
    >         gateway 172.16.135.254
    >         dns-nameservers 172.16.238.7 172.16.238.6
    >         dns-domain UTP.EDU.MY
    >         bridge_ports eth0
    >         bridge_fd 5
    >         bridge_stp off
    >         bridge_maxwait 1
    >
    >     # Private network
    >     auto cloudbr1
    >     iface cloudbr1 inet manual
    >         bridge_ports none
    >         bridge_fd 5
    >         bridge_stp off
    >         bridge_maxwait 1
    >
    >     Here's the ssvm interface:
    >     auto lo eth0 eth1 eth2
    >     iface lo inet loopback
    >
    >     iface  eth0 inet static
    >       address 169.254.0.105
    >       netmask 255.255.0.0
    >     iface  eth1 inet static
    >       address 172.16.135.24
    >       netmask 255.255.254.0
    >     iface  eth2 inet static
    >       address 172.16.135.154
    >       netmask 255.255.254.0
    >
    >     I've disabled firewall to ensure that it's not the problem and so it
    >     doesn't interfere in fixing this. I'll set that up later. I'm thinking
    > my
    >     problem might be my configuration. I've configured the External and
    >     Internal DNS as the dns nameservers from the interface. I'm not sure
    > if the
    >     ACL might be blocking the traffic, but I will check into that. But, I
    > do
    >     not think that might be the problem as currently I can ping the dns
    > and the
    >     gateway from the host, just not from the ssvm.
    >
    >     Looking forward to your reply
    >
    >
    >
    >     On Thu, Oct 20, 2016 at 5:33 PM Dag Sonstebo <
    > Dag.Sonstebo@shapeblue.com>
    >     wrote:
    >
    >     > Hi Oreki,
    >     >
    >     > A couple of things to check:
    >     >
    >     > - Can you ping the gateway  172.16.135.254  ?
    >     > - If you can ping this – have you got any network ACLSs / firewall
    > rules
    >     > blocking traffic?
    >     > - If you check on your hypervisor – is the SSVM eth2 interface
    > connected
    >     > to the right network / vSwitch and the right VLAN?
    >     >
    >     >
    >     > Regards,
    >     > Dag Sonstebo
    >     > Cloud Architect
    >     > ShapeBlue
    >     >
    >     > On 20/10/2016, 02:09, "Oreki Hōtarō" <syedabd90@gmail.com> wrote:
    >     >
    >     >     Hi, I've ssh into ssvm and tried to ping google dns 8.8.8.8 to
    > check
    >     > if it
    >     >     works. Error message says:
    >     >
    >     >     root@s-8-VM:~# ping 8.8.8.8
    >     >     PING 8.8.8.8 (8.8.8.8): 48 data bytes
    >     >     60 bytes from s-8-VM (172.16.135.158): Destination Host
    > Unreachable
    >     >     Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst Data
    >     >      4  5  00 4c00 01cb   0 0040  40  01 f12b 172.16.135.158  8.8.8.8
    >     >
    >     >     Here's what the health check output is:
    >     >     root@s-8-VM:~# /usr/local/cloud/systemvm/ssvm-check.sh
    >     >     ================================================
    >     >     First DNS server is  172.16.238.7
    >     >     PING 172.16.238.7 (172.16.238.7): 48 data bytes
    >     >     --- 172.16.238.7 ping statistics ---
    >     >     2 packets transmitted, 0 packets received, 100% packet loss
    >     >     WARNING: cannot ping DNS server
    >     >     route follows
    >     >     Kernel IP routing table
    >     >     Destination     Gateway         Genmask         Flags Metric
    > Ref    Use
    >     >     Iface
    >     >     0.0.0.0         172.16.135.254  0.0.0.0         UG    0      0
    >     > 0 eth2
    >     >     169.254.0.0     0.0.0.0         255.255.0.0     U     0      0
    >     > 0 eth0
    >     >     172.16.134.0    0.0.0.0         255.255.254.0   U     0      0
    >     > 0 eth1
    >     >     172.16.134.0    0.0.0.0         255.255.254.0   U     0      0
    >     > 0 eth2
    >     >     172.16.238.6    172.16.135.254  255.255.255.255 UGH   0      0
    >     > 0 eth1
    >     >     172.16.238.7    172.16.135.254  255.255.255.255 UGH   0      0
    >     > 0 eth1
    >     >     ================================================
    >     >     ERROR: DNS not resolving download.cloud.com
    >     >     resolv.conf follows
    >     >     nameserver 172.16.238.7
    >     >     nameserver 172.16.238.6
    >     >     nameserver 172.16.135.130
    >     >
    >     >     Not really sure what the problem is. It seems that the gateway
    > might
    >     > be the
    >     >     problem but I'm sure I set it accordingly, nothing out of the
    >     > ordinary. I
    >     >     can ping to the management server.
    >     >
    >     >
    >     >
    >     > Dag.Sonstebo@shapeblue.com
    >     > www.shapeblue.com
    >     > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    >     > @shapeblue
    >     >
    >     >
    >     >
    >     >
    >
    >
    >
    > Dag.Sonstebo@shapeblue.com
    > www.shapeblue.com
    > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    > @shapeblue
    >
    >
    >
    >
    


Dag.Sonstebo@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue
  
 

Mime
View raw message