[one-users] virtual network cannot get out
Neil Schneider
neil at ifxonline.com
Mon May 12 11:42:17 PDT 2014
More data points.
I ran tcpdump on the host through the entire instantiation of a host and
boot up. Although somehow it appeared to get an address from the DHCP
server in the network, I saw no dhcp data. I could see arp conversations
for other hosts on the network, so I would expect it to see everything, if
it passed out of the host interface. The only outside connection through
the bridge should be through em1 on the host.
tcpdump -nnvvXXSs 1514 -w cloud1.pcap
I used wireshark to look through the file, but did not see any DHCP
conversation, in fact I saw no network traffic whatsoever from the virtual
host. I'm beginning to think either I have the virtual network
misconfigured or opennebula is doing something different than I expect.
onevnet list
ID USER GROUP NAME CLUSTER TYPE BRIDGE
LEASES
0 oneadmin oneadmin management ifx-produc R manageme
0
1 oneadmin oneadmin storage ifx-produc R storage
0
6 oneadmin oneadmin public ifx-produc R public
0
onevnet show 0
VIRTUAL NETWORK 0 INFORMATION
ID : 0
NAME : management
USER : oneadmin
GROUP : oneadmin
CLUSTER : ifx-production
TYPE : RANGED
BRIDGE : management
VLAN : Yes
VLAN ID : 10
USED LEASES : 0
PERMISSIONS
OWNER : uma
GROUP : uma
OTHER : u--
VIRTUAL NETWORK TEMPLATE
NETWORK_ADDRESS="10.1.4.0"
NETWORK_MASK="255.255.255.0"
RANGE
IP_START : 10.1.4.30
IP_END : 10.1.4.40
VIRTUAL MACHINES
onevnet show 1
VIRTUAL NETWORK 1 INFORMATION
ID : 1
NAME : storage
USER : oneadmin
GROUP : oneadmin
CLUSTER : ifx-production
TYPE : RANGED
BRIDGE : storage
VLAN : Yes
VLAN ID : 20
USED LEASES : 0
PERMISSIONS
OWNER : uma
GROUP : uma
OTHER : u--
VIRTUAL NETWORK TEMPLATE
NETWORK_ADDRESS="10.1.2.0"
NETWORK_MASK="255.255.255.0"
RANGE
IP_START : 10.1.2.30
IP_END : 10.1.2.40
VIRTUAL MACHINES
onevnet show 6
VIRTUAL NETWORK 6 INFORMATION
ID : 6
NAME : public
USER : oneadmin
GROUP : oneadmin
CLUSTER : ifx-production
TYPE : RANGED
BRIDGE : public
VLAN : No
USED LEASES : 0
PERMISSIONS
OWNER : uma
GROUP : um-
OTHER : u--
VIRTUAL NETWORK TEMPLATE
DNS="172.16.168.1"
GATEWAY="172.16.168.1"
NETWORK_ADDRESS="172.16.168.0"
NETWORK_MASK="255.255.255.0"
RANGE
IP_START : 172.16.168.30
IP_END : 172.16.168.49
VIRTUAL MACHINES
On Wed, May 7, 2014 2:26 am, Leszek Master wrote:
> Do you see any traffic from VM using tcpdump on em1?
>
>
> 2014-05-07 1:21 GMT+02:00 Neil Schneider <neil at ifxonline.com>:
>
>> I've been trying to work through this problem for two days and haven't
>> found the solution. I'm using opennebula to create virtual networks
>> using
>> openvswitch.
>>
>> [root at cloud1 ~]# ovs-vsctl show
>> c6def17d-2cc6-499e-a461-af4fe9aab78a
>> Bridge management
>> Port management
>> Interface management
>> type: internal
>> Port "vlan10"
>> tag: 10
>> Interface "vlan10"
>> type: internal
>> Bridge public
>> Port "em1"
>> Interface "em1"
>> Port "vnet0"
>> Interface "vnet0"
>> Port public
>> Interface public
>> type: internal
>> Bridge storage
>> Port storage
>> Interface storage
>> type: internal
>> Port "vlan20"
>> tag: 20
>> Interface "vlan20"
>> type: internal
>> ovs_version: "2.1.0"
>>
>> From the opennebula server I can see this.
>>
>> onevnet list
>> ID USER GROUP NAME CLUSTER TYPE BRIDGE
>> LEASES
>> 0 oneadmin oneadmin management ifx-produc R
>> manageme
>> 0
>> 1 oneadmin oneadmin storage ifx-produc R storage
>> 0
>> 6 oneadmin oneadmin public ifx-produc R public
>> 1
>>
>> I've followed the instruction for configuring the hosting server so that
>> oneadmin has rights to access /var/lib/one on the hosting server as well
>> as sudo access to the scripts needed to create networks.
>>
>>
>> I have all the changes recommended to allow oneadmin to execute commands
>> through ssh to cloud1 the hosting server.
>>
>> oneadmin ALL=(ALL) NOPASSWD: /usr/sbin/tgtadm, /sbin/lvcreate,
>> /sbin/lvremove, /bin/dd, /usr/bin/ovs-vsctl, /usr/bin/ovs-ofctl,
>> /usr/bin/ovs-dpctl, /sbin/iptables, /sbin/ebtables
>>
>> I can instantiate hosts from templates and everything works as expected.
>> When I bring up a virtual host, it gets an IP from the dhcp server
>> running
>> in the network. Not from the virtual network. Sorry, I can't cut and
>> paste
>> that part, since the only way I can access the virtual machine is
>> through
>> either VNC in sunstone or with virt-manager.
>>
>> I have another server running ovswitch that works fine. The main
>> difference is that I used virt-manager to create the hosts, instead of
>> opennebula. Those five virtual servers connect fine.
>>
>> [root at cloud2 ~]# ovs-vsctl show
>> aa56747f-d5a2-41b0-a998-48add3c62562
>> Bridge public
>> Port "vnet4"
>> Interface "vnet4"
>> Port "vnet0"
>> Interface "vnet0"
>> Port "vnet3"
>> Interface "vnet3"
>> Port public
>> Interface public
>> type: internal
>> Port "em1"
>> Interface "em1"
>> Port "vnet1"
>> Interface "vnet1"
>> Port "vnet2"
>> Interface "vnet2"
>> ovs_version: "2.1.0"
>>
>>
>> On cloud1 after the host gets it's IP address from the dhcp server
>> running
>> in our network, it can no longer connect to anything. I've checked
>> iptables rules, flushed them for testing, just to make sure. Everything
>> seems right, but the network isn't working.
>>
>> Sure would like to buy a clue. I've been searching the web for an answer
>> or an idea what to do to diagnose it. I suspect what's happening is that
>> opennebula/sunstone is not creating the interface properly. As I
>> understand the ip should be assigned to the bridge, not the virtual
>> interface.
>>
>> Sure could use some help. Even a pointer to a web site with the right
>> answer would be appreciated. I haven't been able to find it myself.
>>
>> Sorry for cross posting, but I couldn't decide which list to post to, so
>> I
>> did both.
>>
>> --
>> Neil Schneider pacneil_at_linuxgeek_dot_net
>>
>> This is your life. Do what you love, and do it often. If you don’t
>> like
>> something, change it. If you don’t like your job, quit. If you don’t
>> have
>> enough time, stop watching TV. If you are looking for the love of your
>> life, stop; they will be waiting for you when you start doing things you
>> love.â€
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
More information about the Users
mailing list