← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #48094

[Bug 1557591] [NEW] Connection issues between fixed private IP and floating ip

  Thread PreviousDate PreviousThread Next 
Public bug reported:

I have a single node deployment of Openstack Liberty.
The L3 Agent is on dvr_snat mode.
I have a global Flat network which is external and is used for floating ips, and for tenant networks I use VXLAN.
I have 2 VMs (VM1, VM2) connected in a VXLAN.

Case: VM1 has a floating IP assigned. VM2 has no Floating ip assigned.
- Ping VM2 -> VM1-Floating-Ip works, and says that response is coming from VM1-Private-Ip (expecting response from VM1-Floating-Ip)
- Ping VM2 -> VM1-Private-Ip works as expected
- [*] Curl VM2 -> VM1-Floating-Ip does not work. It freezes on a "connecting" state.
- Curl VM2 -> VM1-Private-Ip works as expected.

Case: VM1 has a floating IP as well as VM2 has a floating IP.
- All the scenarios from the previous case works as expected.

The problem is when VM2 has no floating IP and try to connect to VM1
-Floating-Ip. Here the ICMP requests works, getting response from VM2
-Private-Ip, but the TCP communication does not work. I can understand
that the router doesn't allow the Packet to reach the outside world
through the SNAT because the destination is on the same private network,
but I cannot understand why the TCP communication is not working between
VM2-Private-Ip and VM1-Floating-Ip.

** Affects: neutron
     Importance: Undecided
         Status: New

** Description changed:

  I have a single node deployment of Openstack Liberty.
  The L3 Agent is on dvr_snat mode.
  I have a global Flat network which is external and is used for floating ips, and for tenant networks I use VXLAN.
  I have 2 VMs (VM1, VM2) connected in a VXLAN.
- 
  
  Case: VM1 has a floating IP assigned. VM2 has no Floating ip assigned.
  - Ping VM2 -> VM1-Floating-Ip works, and says that response is coming from VM1-Private-Ip (expecting response from VM1-Floating-Ip)
  - Ping VM2 -> VM1-Private-Ip works as expected
  - [*] Curl VM2 -> VM1-Floating-Ip does not work. It freezes on a "connecting state".
  - Curl VM2 -> VM1-Private-Ip works as expected.
  
  Case: VM1 has a floating IP as wel as VM2 has a floating IP.
  - All the scenarios from the previous case works as expected.
  
- The problem is when VM1 has no floating IP and try to connect to VM2
+ The problem is when VM2 has no floating IP and try to connect to VM1
  -Floating-Ip. Here the ICMP requests works, getting response from VM2
  -Private-Ip, but the TCP communication does not work. I can understand
  that the router doesn't allow the Packet to reach the outside world
  through the SNAT because the destination is on the same private network,
  but I cannot understand why the TCP communication is not working between
- VM1-Private-Ip and VM2-Floating-Ip.
+ VM2-Private-Ip and VM1-Floating-Ip.

** Description changed:

  I have a single node deployment of Openstack Liberty.
  The L3 Agent is on dvr_snat mode.
  I have a global Flat network which is external and is used for floating ips, and for tenant networks I use VXLAN.
  I have 2 VMs (VM1, VM2) connected in a VXLAN.
  
  Case: VM1 has a floating IP assigned. VM2 has no Floating ip assigned.
  - Ping VM2 -> VM1-Floating-Ip works, and says that response is coming from VM1-Private-Ip (expecting response from VM1-Floating-Ip)
  - Ping VM2 -> VM1-Private-Ip works as expected
- - [*] Curl VM2 -> VM1-Floating-Ip does not work. It freezes on a "connecting state".
+ - [*] Curl VM2 -> VM1-Floating-Ip does not work. It freezes on a "connecting" state.
  - Curl VM2 -> VM1-Private-Ip works as expected.
  
  Case: VM1 has a floating IP as wel as VM2 has a floating IP.
  - All the scenarios from the previous case works as expected.
  
  The problem is when VM2 has no floating IP and try to connect to VM1
  -Floating-Ip. Here the ICMP requests works, getting response from VM2
  -Private-Ip, but the TCP communication does not work. I can understand
  that the router doesn't allow the Packet to reach the outside world
  through the SNAT because the destination is on the same private network,
  but I cannot understand why the TCP communication is not working between
  VM2-Private-Ip and VM1-Floating-Ip.

** Description changed:

  I have a single node deployment of Openstack Liberty.
  The L3 Agent is on dvr_snat mode.
  I have a global Flat network which is external and is used for floating ips, and for tenant networks I use VXLAN.
  I have 2 VMs (VM1, VM2) connected in a VXLAN.
  
  Case: VM1 has a floating IP assigned. VM2 has no Floating ip assigned.
  - Ping VM2 -> VM1-Floating-Ip works, and says that response is coming from VM1-Private-Ip (expecting response from VM1-Floating-Ip)
  - Ping VM2 -> VM1-Private-Ip works as expected
  - [*] Curl VM2 -> VM1-Floating-Ip does not work. It freezes on a "connecting" state.
  - Curl VM2 -> VM1-Private-Ip works as expected.
  
- Case: VM1 has a floating IP as wel as VM2 has a floating IP.
+ Case: VM1 has a floating IP as well as VM2 has a floating IP.
  - All the scenarios from the previous case works as expected.
  
  The problem is when VM2 has no floating IP and try to connect to VM1
  -Floating-Ip. Here the ICMP requests works, getting response from VM2
  -Private-Ip, but the TCP communication does not work. I can understand
  that the router doesn't allow the Packet to reach the outside world
  through the SNAT because the destination is on the same private network,
  but I cannot understand why the TCP communication is not working between
  VM2-Private-Ip and VM1-Floating-Ip.

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1557591

Title:
  Connection issues between fixed private IP and floating ip

Status in neutron:
  New

Bug description:
  I have a single node deployment of Openstack Liberty.
  The L3 Agent is on dvr_snat mode.
  I have a global Flat network which is external and is used for floating ips, and for tenant networks I use VXLAN.
  I have 2 VMs (VM1, VM2) connected in a VXLAN.

  Case: VM1 has a floating IP assigned. VM2 has no Floating ip assigned.
  - Ping VM2 -> VM1-Floating-Ip works, and says that response is coming from VM1-Private-Ip (expecting response from VM1-Floating-Ip)
  - Ping VM2 -> VM1-Private-Ip works as expected
  - [*] Curl VM2 -> VM1-Floating-Ip does not work. It freezes on a "connecting" state.
  - Curl VM2 -> VM1-Private-Ip works as expected.

  Case: VM1 has a floating IP as well as VM2 has a floating IP.
  - All the scenarios from the previous case works as expected.

  The problem is when VM2 has no floating IP and try to connect to VM1
  -Floating-Ip. Here the ICMP requests works, getting response from VM2
  -Private-Ip, but the TCP communication does not work. I can understand
  that the router doesn't allow the Packet to reach the outside world
  through the SNAT because the destination is on the same private
  network, but I cannot understand why the TCP communication is not
  working between VM2-Private-Ip and VM1-Floating-Ip.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1557591/+subscriptions
  Thread PreviousDate PreviousThread Next