Monday, 26 August 2013

Libvirt bridging seems broken, but how to debug it and fix it?

Libvirt bridging seems broken, but how to debug it and fix it?

I used theses scripts (OpenStackGeek) to install a Single-node OpenStack
Grizzly on an Ubuntu 13.04.
Everything seemed to work quite fine until I tried to reach one VM.
Unfortunately, no VM was reachable from the host.
I suspect the libvirt setting to be wrong but I am a total beginner in it,
so I need some help (I have been running out of ideas after three days).
Here is my /etc/network/interfaces file:
# The loopback network interface
auto lo
iface lo inet loopback
# Managment NIC
auto eth0
iface eth0 inet static
address 10.0.231.3
network 10.0.231.0
netmask 255.255.255.0
broadcast 10.0.231.255
# Internet NIC
auto eth1
iface eth1 inet static
address 10.0.232.3
network 10.0.232.0
netmask 255.255.255.0
broadcast 10.0.232.255
# The primary network interface
auto eth2
iface eth2 inet dhcp
ifconfig give the following output:
brq4875ccda-da Link encap:Ethernet HWaddr 4a:cc:d9:45:88:48
inet6 addr: fe80::4400:d0ff:fed9:ed21/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:112 (112.0 B) TX bytes:468 (468.0 B)
eth0 Link encap:Ethernet HWaddr 08:00:27:58:a6:bc
inet addr:10.0.231.3 Bcast:10.0.231.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe58:a6bc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:156 errors:0 dropped:0 overruns:0 frame:0
TX packets:116 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16108 (16.1 KB) TX bytes:14292 (14.2 KB)
eth1 Link encap:Ethernet HWaddr 08:00:27:20:0e:c3
inet addr:10.0.232.3 Bcast:10.0.232.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe20:ec3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:468 (468.0 B)
eth2 Link encap:Ethernet HWaddr 08:00:27:ca:33:01
inet addr:10.0.4.15 Bcast:10.0.4.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:feca:3301/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:250 errors:0 dropped:0 overruns:0 frame:0
TX packets:275 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31969 (31.9 KB) TX bytes:25058 (25.0 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:7511 errors:0 dropped:0 overruns:0 frame:0
TX packets:7511 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1170175 (1.1 MB) TX bytes:1170175 (1.1 MB)
virbr0 Link encap:Ethernet HWaddr be:ca:df:06:3e:29
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
The route command output:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.0.4.2 0.0.0.0 UG 0 0 0 eth2
10.0.4.0 * 255.255.255.0 U 0 0 0 eth2
10.0.231.0 * 255.255.255.0 U 0 0 0 eth0
10.0.232.0 * 255.255.255.0 U 0 0 0 eth1
192.168.122.0 * 255.255.255.0 U 0 0 0
virbr0
And, finally, iptables -L:
Chain INPUT (policy ACCEPT)
target prot opt source destination
quantum-linuxbri-INPUT all -- anywhere anywhere
nova-api-INPUT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
quantum-filter-top all -- anywhere anywhere
quantum-linuxbri-FORWARD all -- anywhere anywhere
nova-filter-top all -- anywhere anywhere
nova-api-FORWARD all -- anywhere anywhere
ACCEPT all -- anywhere 192.168.122.0/24 state
RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
quantum-filter-top all -- anywhere anywhere
quantum-linuxbri-OUTPUT all -- anywhere anywhere
nova-filter-top all -- anywhere anywhere
nova-api-OUTPUT all -- anywhere anywhere
Chain nova-api-FORWARD (1 references)
target prot opt source destination
Chain nova-api-INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere 10.0.4.15 tcp dpt:8775
Chain nova-api-OUTPUT (1 references)
target prot opt source destination
Chain nova-api-local (1 references)
target prot opt source destination
Chain nova-filter-top (2 references)
target prot opt source destination
nova-api-local all -- anywhere anywhere
Chain quantum-filter-top (2 references)
target prot opt source destination
quantum-linuxbri-local all -- anywhere anywhere
Chain quantum-linuxbri-FORWARD (1 references)
target prot opt source destination
Chain quantum-linuxbri-INPUT (1 references)
target prot opt source destination
Chain quantum-linuxbri-OUTPUT (1 references)
target prot opt source destination
Chain quantum-linuxbri-local (1 references)
target prot opt source destination
Chain quantum-linuxbri-sg-fallback (0 references)
target prot opt source destination
DROP all -- anywhere anywhere
If anybody can see something wrong in this setting, I would be really
pleased to know what (and how to fix it!).
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)