yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #38791
[Bug 1498534] [NEW] The vms cant ping each other in different tenants but the same openstack environment
Public bug reported:
setup:
OS: ubuntu 14.04 based Juno
1 controller + 1 network node + 2 nova computer node + 1 docker node
vm 1---------Router1(tenant1) -----------router2(tenant2)----|-vm2
10.4/24 10.1/24 42.4/26 42.5/26 20.1/24| 20.4/24
|___vm3
20.5/24
Bring up one tunnel between two tenants in the same openstack enviroment based Juno.
The vm1(10.1/24)could ping the router2 private network gw(20.1/24), but cant ping the vm2(20.4/24)
This two vms located in differen computer node.
I try to capture the packets and found the the icmp request can go to
the 20.1/24, but when I catpure the packets in vm2, it get nothing. No
packets coming into vm2.
And also I create another instance vm3 in tenant2 with the same subnets
with vm2. And the vm2 could ping the vm3.
So the issue is the vm2 could receive the packets coming from the vm3
but cant receive the packets from vm1 after the vpn tunnel bring up.
At last I try to bring up a small os cirros, but the result is the same.
debug:
root@network2:/var/log/neutron# ip netns
qdhcp-30c3e9f5-afde-4723-b396-7aa6f754be52
qdhcp-afcf5acb-2e26-4353-9cbe-0ab81a2354be
qrouter-7ec6eb64-3ff8-4242-a2dd-a2076a1cdcf9
qrouter-0f9e22b4-30f4-4f7d-8cd1-595f116a0e2e
root@network2:/var/log/neutron# ip netns exec qrouter-7ec6eb64-3ff8-4242-a2dd-a2076a1cdcf9 ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
qg-b33c0f49-01 Link encap:Ethernet HWaddr fa:16:3e:0a:c1:4d
inet addr:10.130.42.5 Bcast:10.130.42.63 Mask:255.255.255.192
inet6 addr: fe80::f816:3eff:fe0a:c14d/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:1798 errors:0 dropped:0 overruns:0 frame:0
TX packets:487 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:155100 (155.1 KB) TX bytes:53918 (53.9 KB)
qr-01274858-78 Link encap:Ethernet HWaddr fa:16:3e:72:7b:38
inet addr:20.20.1.1 Bcast:20.20.1.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe72:7b38/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:120 errors:0 dropped:0 overruns:0 frame:0
TX packets:218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11004 (11.0 KB) TX bytes:20152 (20.1 KB)
root@network2:/var/log/neutron#
root@network2:/var/log/neutron# ip netns exec qrouter-7ec6eb64-3ff8-4242-a2dd-a2076a1cdcf9 tcpdump -i qr-01274858-78
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on qr-01274858-78, link-type EN10MB (Ethernet), capture size 65535 bytes
^C09:13:34.748825 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1665, length 64
09:13:35.748875 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1666, length 64
09:13:36.748796 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1667, length 64
09:13:37.748839 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1668, length 64
09:13:38.748762 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1669, length 64
09:13:39.748789 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1670, length 64 >>>>>> the traffic could go to the private network gw in router.
root@network2:/var/log/neutron# ip netns exec qdhcp-afcf5acb-2e26-4353-9cbe-0ab81a2354be ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
tap8000ed30-27 Link encap:Ethernet HWaddr fa:16:3e:6b:1d:36
inet addr:10.10.1.3 Bcast:10.10.1.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe6b:1d36/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:192 errors:0 dropped:0 overruns:0 frame:0
TX packets:179 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:16132 (16.1 KB) TX bytes:15807 (15.8 KB)
6 packets captured
9 packets received by filter
0 packets dropped by kernel
root@network2:/var/log/neutron#
root@network2:/var/log/neutron# ip netns exec qdhcp-afcf5acb-2e26-4353-9cbe-0ab81a2354be tcpdump -i tap8000ed30-27
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap8000ed30-27, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured >>>>>>>>>>>>>> there is no traffic go the private network, so the traffice is drop by the interface(tap8000ed30-27)
0 packets received by filter
0 packets dropped by kernel
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1498534
Title:
The vms cant ping each other in different tenants but the same
openstack environment
Status in neutron:
New
Bug description:
setup:
OS: ubuntu 14.04 based Juno
1 controller + 1 network node + 2 nova computer node + 1 docker node
vm 1---------Router1(tenant1) -----------router2(tenant2)----|-vm2
10.4/24 10.1/24 42.4/26 42.5/26 20.1/24| 20.4/24
|___vm3
20.5/24
Bring up one tunnel between two tenants in the same openstack enviroment based Juno.
The vm1(10.1/24)could ping the router2 private network gw(20.1/24), but cant ping the vm2(20.4/24)
This two vms located in differen computer node.
I try to capture the packets and found the the icmp request can go to
the 20.1/24, but when I catpure the packets in vm2, it get nothing. No
packets coming into vm2.
And also I create another instance vm3 in tenant2 with the same
subnets with vm2. And the vm2 could ping the vm3.
So the issue is the vm2 could receive the packets coming from the vm3
but cant receive the packets from vm1 after the vpn tunnel bring up.
At last I try to bring up a small os cirros, but the result is the
same.
debug:
root@network2:/var/log/neutron# ip netns
qdhcp-30c3e9f5-afde-4723-b396-7aa6f754be52
qdhcp-afcf5acb-2e26-4353-9cbe-0ab81a2354be
qrouter-7ec6eb64-3ff8-4242-a2dd-a2076a1cdcf9
qrouter-0f9e22b4-30f4-4f7d-8cd1-595f116a0e2e
root@network2:/var/log/neutron# ip netns exec qrouter-7ec6eb64-3ff8-4242-a2dd-a2076a1cdcf9 ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
qg-b33c0f49-01 Link encap:Ethernet HWaddr fa:16:3e:0a:c1:4d
inet addr:10.130.42.5 Bcast:10.130.42.63 Mask:255.255.255.192
inet6 addr: fe80::f816:3eff:fe0a:c14d/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:1798 errors:0 dropped:0 overruns:0 frame:0
TX packets:487 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:155100 (155.1 KB) TX bytes:53918 (53.9 KB)
qr-01274858-78 Link encap:Ethernet HWaddr fa:16:3e:72:7b:38
inet addr:20.20.1.1 Bcast:20.20.1.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe72:7b38/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:120 errors:0 dropped:0 overruns:0 frame:0
TX packets:218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11004 (11.0 KB) TX bytes:20152 (20.1 KB)
root@network2:/var/log/neutron#
root@network2:/var/log/neutron# ip netns exec qrouter-7ec6eb64-3ff8-4242-a2dd-a2076a1cdcf9 tcpdump -i qr-01274858-78
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on qr-01274858-78, link-type EN10MB (Ethernet), capture size 65535 bytes
^C09:13:34.748825 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1665, length 64
09:13:35.748875 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1666, length 64
09:13:36.748796 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1667, length 64
09:13:37.748839 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1668, length 64
09:13:38.748762 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1669, length 64
09:13:39.748789 IP 10.10.1.4 > 20.20.1.4: ICMP echo request, id 19723, seq 1670, length 64 >>>>>> the traffic could go to the private network gw in router.
root@network2:/var/log/neutron# ip netns exec qdhcp-afcf5acb-2e26-4353-9cbe-0ab81a2354be ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
tap8000ed30-27 Link encap:Ethernet HWaddr fa:16:3e:6b:1d:36
inet addr:10.10.1.3 Bcast:10.10.1.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe6b:1d36/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:192 errors:0 dropped:0 overruns:0 frame:0
TX packets:179 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:16132 (16.1 KB) TX bytes:15807 (15.8 KB)
6 packets captured
9 packets received by filter
0 packets dropped by kernel
root@network2:/var/log/neutron#
root@network2:/var/log/neutron# ip netns exec qdhcp-afcf5acb-2e26-4353-9cbe-0ab81a2354be tcpdump -i tap8000ed30-27
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap8000ed30-27, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured >>>>>>>>>>>>>> there is no traffic go the private network, so the traffice is drop by the interface(tap8000ed30-27)
0 packets received by filter
0 packets dropped by kernel
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1498534/+subscriptions
Follow ups
