openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #16415
Re: [OpenStack][Nova]Problems and questions regarding network and/or routing
On Sep 4, 2012, at 8:35 AM, Leander Bessa Beernaert <leanderbb@xxxxxxxxx> wrote:
> Hello all,
>
> I've had a few reports from users testing out the sample installation of OpenStack i setup. The reports were all related to problems with inter-vm network speeds and connection timeouts as well as the inability to connect to the outside word from within the VM (e.g.: ping www.google.com). I'm not sure if i setup something wrong, so i have a few questions.
>
> The current installation of OpenStack is running with 1 controller node, and 8 compute nodes. Each node is running Ubuntu 12.04 and Essex with the default packages. I'm using the VLAN network manager. There is one peculiarity to this setup. Since each physical hosts only has 1 network interface, i came up with the following configuration:
> - For inter-node communications i set up a VLAN with the ID 107
> - Each tentant has it's private network on a separate VLAN. Currently there are two tenant, one on VLAN 109 (network: 10.0.9.0/24) and another on VLAN 110 (network: 10.0.9.0/24).
>
> I'm not a network expert, so please bear with me if i make any outrages statements.
>
> 1) When communicating on the private network, the packets are not routed through the controller right? That only happens when the VM needs to contact an external source (e.g.: google), correct? This report originated from users from VLAN 109. They are using network intensive applications which send a lot of data between each of the instances. They reported various time-out and connection drops as well as slow transfer speeds. I'm no network expert, but could this be related to the routing, VLANs or is it a hardware issue?
There are a lot of things that could cause this. You would need to do some extensive debugging to find the source of this.
>
> 2) I've noticed that for external access (e.g.: google), all the packets seem to be routed through the nova-network on the controller node. If i setup a multi-host setup (install nova-network and nova-api-metadata on each compute node), the external packets no lounger need to be routed through the controller node right?
Correct. You need to set multi_host = true on the networks when you create them as well (or update the flag directly in the database)
>
> 3) The setup has been running for about 1 month and a half. During that time, VMs on VLAN 109 could never reach the internet. However, VLAN 110 worked just fine. Today, out of nowhere, VMs on VLAN 109 can suddenly reach the internet. I didn't touch or change anything since the initial setup, it simply happend. Before this bizarre occurrence i've sat down with our network specialist and told me that, based on the routing rule in iptables, this problem (VMs on VLAN 109 not being able to connect to the internet) should not be happening. Has this ever occurred to any of you?
This sounds very strange. When I have had issues with certain vlans it has always been forgetting to trunk the vlan on the switch, although vm -> vm communication from one host to another should fail in this case as well.
Follow ups
References