You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by papu bhattcharaya <pa...@ptrsoft.com> on 2014/12/02 17:50:41 UTC
Re: Can't ping/ssh any guest from a laptop attached in same vlan -
guests can talk wth each other though
Hi, ( sending same mail with attachments image- seems early mail image was not attached),
I am using cloudstack(4.4.1) with KVM host. I have a L3 switch - partitioned to 4 vlans
public(CIDR:-192.168.1.0/24)
guest vlan (CIDR:-10.0.0.0/24)
management vlan (CIDR:-10.0.1.0/24)
storage vlan (CIDR:-10.0.2.0/24)
I have a kvm host with four physical NICS that a connected in switch and each NIC is connected in each different vlan.
I have created bridge over each physical nics:-
Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch belongs to guest vlan)
Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch belongs to management vlan)
Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch belongs to storage vlan)
Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch belongs to public vlan)
I have a physical machine with four NICS and CloudStack management is installed on it and four NICS are connected in four vlans with ip.
=>I have created a zone with advanced networking and everything been success so far.
when I created two instances(guests) on kvm host, I can ping this instances with each other.( guest1/ guest2)
i.e
Instance1:-ip address:-10.0.0.90
Instance2:-ip address:-10.0.0.91
Virtual router:-ip address:-10.0.0.4
Now when I tried to ping /ssh the guest from a laptop attached in same vlan (guest vlan) , I can’t ping guests.
>From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host machine) , but cant ping/ssh any guest.
There is no firewall issues - i checked.
I have attached a network diagram also for better understanding of issues.
Could you please help me so that I can ping /ssh to any guest from any machine in guest vlan.
Thanks in advance
Best Regards
Papu Bhattacharya
CEO- PTR Technologies
http://www.ptrsoft.com
91-9963111687
----- Original Message -----
From: "papu bhattcharaya" <pa...@ptrsoft.com>
To: papubhat@gmail.com
Sent: Tuesday, December 2, 2014 10:15:30 PM
Subject: Fwd: Can't ping/ssh any guest from a laptop attached in same vlan - guests can talk wth each other though
Best Regards
Papu Bhattacharya
CEO- PTR Technologies
http://www.ptrsoft.com
91-9963111687
----- Forwarded Message -----
From: "papu bhattcharaya" <pa...@ptrsoft.com>
To: dev@cloudstack.apache.org
Sent: Tuesday, December 2, 2014 10:05:11 PM
Subject: Can't ping/ssh any guest from a laptop attached in same vlan - guests can talk wth each other though
Hi ,
I am using cloudstack(4.4.1) with KVM host. I have a L3 switch - partitioned to 4 vlans
public(CIDR:-192.168.1.0/24)
guest vlan (CIDR:-10.0.0.0/24)
management vlan (CIDR:-10.0.1.0/24)
storage vlan (CIDR:-10.0.2.0/24)
I have a kvm host with four physical NICS that a connected in switch and each NIC is connected in each different vlan.
I have created bridge over each physical nics:-
Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch belongs to guest vlan)
Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch belongs to management vlan)
Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch belongs to storage vlan)
Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch belongs to public vlan)
I have a physical machine with four NICS and CloudStack management is installed on it and four NICS are connected in four vlans with ip.
=>I have created a zone with advanced networking and everything been success so far.
when I created two instances(guests) on kvm host, I can ping this instances with each other.( guest1/ guest2)
i.e
Instance1:-ip address:-10.0.0.90
Instance2:-ip address:-10.0.0.91
Virtual router:-ip address:-10.0.0.4
Now when I tried to ping /ssh the guest from a laptop attached in same vlan (guest vlan) , I can’t ping guests.
>From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host machine) , but cant ping/ssh any guest.
There is no firewall issues - i checked.
I have attached a network diagram also for better understanding of issues.
Could you please help me so that I can ping /ssh to any guest from any machine in guest vlan.
Thanks in advance
Best Regards
Papu Bhattacharya
CEO- PTR Technologies
http://www.ptrsoft.com
91-9963111687
Re: Can't ping/ssh any guest from a laptop attached in same vlan -
guests can talk wth each other though
Posted by papu bhattcharaya <pa...@ptrsoft.com>.
Hi ,
Thanks for your kind response. Please pardon my ignorance -- but i still struggle with very basic use case -- any machine(may be laptop) in guest vlan ( i mean l3 switch vlan), how to talk or connect with guests.
Laptop <--------L3 Gusest VLAN ---------> Host - guest
ALso another use case --
L3 Gusest VLAN ---------> Host1 - guest11 /guest12 / guest13
L3 Gusest VLAN ---------> Host2 - guest21
How guest11 & guest21 talks together.
I see so far -- guest11/ guest12 /guest13 talks ..
I am sure that i am missing some basic design issue.
I use advanced zone -- with default options - network service in virtual router only.
For guests machine to talk between hosts , do i need to have OVS?
Best Regards
Papu Bhattacharya
CEO- PTR Technologies
http://www.ptrsoft.com
91-9963111687
----- Original Message -----
From: "Andrija Panic" <an...@gmail.com>
To: users@cloudstack.apache.org
Sent: Wednesday, December 3, 2014 9:43:43 PM
Subject: Re: Can't ping/ssh any guest from a laptop attached in same vlan - guests can talk wth each other though
Papu, that is default VLAN isolation method behaviour.
ACS takes cloudbr0 - checks what physical NIC is connected to it (i.e.
eth0) and then it creates new bridges i.e. breth0-35 - with eth0.35 vlan
interface joined to bridge
so traffic from VM to internal network goes like this: vnetXXX -->
breth0-35-->eth0.35 --(vlan tagging)-->eth0--> physical network.
There is no way to directly attach vnet to your bridge as far as I know -
at least when using VLANs.
On 3 December 2014 at 16:52, papu bhattcharaya <pa...@ptrsoft.com> wrote:
> Hi Tilak,
> Thanks for your kind response. I am using shared networking, not isolated
> and i see no option of defining egress rule there.
> Also every time i create a guest , it appears the cloud stack is not
> creating vnet interface on cloubr0 bridge - rather its creating another
> bridge interface on eth0 and
> then creating vnet. May be because of vlan defined. But i wonder how to
> get network interface on cloudbr0.
> Thanks Again.
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Original Message -----
> From: "Tilak Raj Singh" <ti...@gmail.com>
> To: users@cloudstack.apache.org
> Sent: Wednesday, December 3, 2014 6:05:06 AM
> Subject: Re: Can't ping/ssh any guest from a laptop attached in same vlan
> - guests can talk wth each other though
>
> try adding ingress rules in your security group from cloudstack
> UI...incoming traffic is disabled by default on virtual machines...
> rules to be added..
> TCP start port 0 end port 65535 cidr 0.0.0.0/0
> UDP start port 0 end port 65535 cidr 0.0.0.0/0
> for ping allow ICMP too
> ICMP icmp type -1 icmp code -1 cidr 0.0.0.0/0
>
> Regards
>
>
> On Tue, Dec 2, 2014 at 10:20 PM, papu bhattcharaya <pa...@ptrsoft.com>
> wrote:
>
> > Hi, ( sending same mail with attachments image- seems early mail image
> was
> > not attached),
> > I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> > partitioned to 4 vlans
> > public(CIDR:-192.168.1.0/24)
> > guest vlan (CIDR:-10.0.0.0/24)
> > management vlan (CIDR:-10.0.1.0/24)
> > storage vlan (CIDR:-10.0.2.0/24)
> >
> > I have a kvm host with four physical NICS that a connected in switch and
> > each NIC is connected in each different vlan.
> > I have created bridge over each physical nics:-
> > Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> > belongs to guest vlan)
> > Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> > belongs to management vlan)
> > Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> > belongs to storage vlan)
> > Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> > belongs to public vlan)
> >
> > I have a physical machine with four NICS and CloudStack management is
> > installed on it and four NICS are connected in four vlans with ip.
> > =>I have created a zone with advanced networking and everything been
> > success so far.
> >
> > when I created two instances(guests) on kvm host, I can ping this
> > instances with each other.( guest1/ guest2)
> > i.e
> > Instance1:-ip address:-10.0.0.90
> > Instance2:-ip address:-10.0.0.91
> > Virtual router:-ip address:-10.0.0.4
> > Now when I tried to ping /ssh the guest from a laptop attached in same
> > vlan (guest vlan) , I can’t ping guests.
> > From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> > machine) , but cant ping/ssh any guest.
> > There is no firewall issues - i checked.
> >
> > I have attached a network diagram also for better understanding of
> issues.
> >
> > Could you please help me so that I can ping /ssh to any guest from any
> > machine in guest vlan.
> > Thanks in advance
> >
> >
> > Best Regards
> > Papu Bhattacharya
> > CEO- PTR Technologies
> > http://www.ptrsoft.com
> > 91-9963111687
> >
> > ----- Original Message -----
> > From: "papu bhattcharaya" <pa...@ptrsoft.com>
> > To: papubhat@gmail.com
> > Sent: Tuesday, December 2, 2014 10:15:30 PM
> > Subject: Fwd: Can't ping/ssh any guest from a laptop attached in same
> > vlan - guests can talk wth each other though
> >
> >
> >
> > Best Regards
> > Papu Bhattacharya
> > CEO- PTR Technologies
> > http://www.ptrsoft.com
> > 91-9963111687
> >
> > ----- Forwarded Message -----
> > From: "papu bhattcharaya" <pa...@ptrsoft.com>
> > To: dev@cloudstack.apache.org
> > Sent: Tuesday, December 2, 2014 10:05:11 PM
> > Subject: Can't ping/ssh any guest from a laptop attached in same vlan -
> > guests can talk wth each other though
> >
> > Hi ,
> > I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> > partitioned to 4 vlans
> > public(CIDR:-192.168.1.0/24)
> > guest vlan (CIDR:-10.0.0.0/24)
> > management vlan (CIDR:-10.0.1.0/24)
> > storage vlan (CIDR:-10.0.2.0/24)
> >
> > I have a kvm host with four physical NICS that a connected in switch and
> > each NIC is connected in each different vlan.
> > I have created bridge over each physical nics:-
> > Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> > belongs to guest vlan)
> > Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> > belongs to management vlan)
> > Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> > belongs to storage vlan)
> > Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> > belongs to public vlan)
> >
> > I have a physical machine with four NICS and CloudStack management is
> > installed on it and four NICS are connected in four vlans with ip.
> > =>I have created a zone with advanced networking and everything been
> > success so far.
> >
> > when I created two instances(guests) on kvm host, I can ping this
> > instances with each other.( guest1/ guest2)
> > i.e
> > Instance1:-ip address:-10.0.0.90
> > Instance2:-ip address:-10.0.0.91
> > Virtual router:-ip address:-10.0.0.4
> > Now when I tried to ping /ssh the guest from a laptop attached in same
> > vlan (guest vlan) , I can’t ping guests.
> > From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> > machine) , but cant ping/ssh any guest.
> > There is no firewall issues - i checked.
> >
> > I have attached a network diagram also for better understanding of
> issues.
> >
> > Could you please help me so that I can ping /ssh to any guest from any
> > machine in guest vlan.
> > Thanks in advance
> >
> > Best Regards
> > Papu Bhattacharya
> > CEO- PTR Technologies
> > http://www.ptrsoft.com
> > 91-9963111687
> >
> >
>
--
Andrija Panić
Re: Can't ping/ssh any guest from a laptop attached in same vlan -
guests can talk wth each other though
Posted by Andrija Panic <an...@gmail.com>.
Papu, that is default VLAN isolation method behaviour.
ACS takes cloudbr0 - checks what physical NIC is connected to it (i.e.
eth0) and then it creates new bridges i.e. breth0-35 - with eth0.35 vlan
interface joined to bridge
so traffic from VM to internal network goes like this: vnetXXX -->
breth0-35-->eth0.35 --(vlan tagging)-->eth0--> physical network.
There is no way to directly attach vnet to your bridge as far as I know -
at least when using VLANs.
On 3 December 2014 at 16:52, papu bhattcharaya <pa...@ptrsoft.com> wrote:
> Hi Tilak,
> Thanks for your kind response. I am using shared networking, not isolated
> and i see no option of defining egress rule there.
> Also every time i create a guest , it appears the cloud stack is not
> creating vnet interface on cloubr0 bridge - rather its creating another
> bridge interface on eth0 and
> then creating vnet. May be because of vlan defined. But i wonder how to
> get network interface on cloudbr0.
> Thanks Again.
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Original Message -----
> From: "Tilak Raj Singh" <ti...@gmail.com>
> To: users@cloudstack.apache.org
> Sent: Wednesday, December 3, 2014 6:05:06 AM
> Subject: Re: Can't ping/ssh any guest from a laptop attached in same vlan
> - guests can talk wth each other though
>
> try adding ingress rules in your security group from cloudstack
> UI...incoming traffic is disabled by default on virtual machines...
> rules to be added..
> TCP start port 0 end port 65535 cidr 0.0.0.0/0
> UDP start port 0 end port 65535 cidr 0.0.0.0/0
> for ping allow ICMP too
> ICMP icmp type -1 icmp code -1 cidr 0.0.0.0/0
>
> Regards
>
>
> On Tue, Dec 2, 2014 at 10:20 PM, papu bhattcharaya <pa...@ptrsoft.com>
> wrote:
>
> > Hi, ( sending same mail with attachments image- seems early mail image
> was
> > not attached),
> > I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> > partitioned to 4 vlans
> > public(CIDR:-192.168.1.0/24)
> > guest vlan (CIDR:-10.0.0.0/24)
> > management vlan (CIDR:-10.0.1.0/24)
> > storage vlan (CIDR:-10.0.2.0/24)
> >
> > I have a kvm host with four physical NICS that a connected in switch and
> > each NIC is connected in each different vlan.
> > I have created bridge over each physical nics:-
> > Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> > belongs to guest vlan)
> > Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> > belongs to management vlan)
> > Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> > belongs to storage vlan)
> > Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> > belongs to public vlan)
> >
> > I have a physical machine with four NICS and CloudStack management is
> > installed on it and four NICS are connected in four vlans with ip.
> > =>I have created a zone with advanced networking and everything been
> > success so far.
> >
> > when I created two instances(guests) on kvm host, I can ping this
> > instances with each other.( guest1/ guest2)
> > i.e
> > Instance1:-ip address:-10.0.0.90
> > Instance2:-ip address:-10.0.0.91
> > Virtual router:-ip address:-10.0.0.4
> > Now when I tried to ping /ssh the guest from a laptop attached in same
> > vlan (guest vlan) , I can’t ping guests.
> > From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> > machine) , but cant ping/ssh any guest.
> > There is no firewall issues - i checked.
> >
> > I have attached a network diagram also for better understanding of
> issues.
> >
> > Could you please help me so that I can ping /ssh to any guest from any
> > machine in guest vlan.
> > Thanks in advance
> >
> >
> > Best Regards
> > Papu Bhattacharya
> > CEO- PTR Technologies
> > http://www.ptrsoft.com
> > 91-9963111687
> >
> > ----- Original Message -----
> > From: "papu bhattcharaya" <pa...@ptrsoft.com>
> > To: papubhat@gmail.com
> > Sent: Tuesday, December 2, 2014 10:15:30 PM
> > Subject: Fwd: Can't ping/ssh any guest from a laptop attached in same
> > vlan - guests can talk wth each other though
> >
> >
> >
> > Best Regards
> > Papu Bhattacharya
> > CEO- PTR Technologies
> > http://www.ptrsoft.com
> > 91-9963111687
> >
> > ----- Forwarded Message -----
> > From: "papu bhattcharaya" <pa...@ptrsoft.com>
> > To: dev@cloudstack.apache.org
> > Sent: Tuesday, December 2, 2014 10:05:11 PM
> > Subject: Can't ping/ssh any guest from a laptop attached in same vlan -
> > guests can talk wth each other though
> >
> > Hi ,
> > I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> > partitioned to 4 vlans
> > public(CIDR:-192.168.1.0/24)
> > guest vlan (CIDR:-10.0.0.0/24)
> > management vlan (CIDR:-10.0.1.0/24)
> > storage vlan (CIDR:-10.0.2.0/24)
> >
> > I have a kvm host with four physical NICS that a connected in switch and
> > each NIC is connected in each different vlan.
> > I have created bridge over each physical nics:-
> > Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> > belongs to guest vlan)
> > Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> > belongs to management vlan)
> > Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> > belongs to storage vlan)
> > Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> > belongs to public vlan)
> >
> > I have a physical machine with four NICS and CloudStack management is
> > installed on it and four NICS are connected in four vlans with ip.
> > =>I have created a zone with advanced networking and everything been
> > success so far.
> >
> > when I created two instances(guests) on kvm host, I can ping this
> > instances with each other.( guest1/ guest2)
> > i.e
> > Instance1:-ip address:-10.0.0.90
> > Instance2:-ip address:-10.0.0.91
> > Virtual router:-ip address:-10.0.0.4
> > Now when I tried to ping /ssh the guest from a laptop attached in same
> > vlan (guest vlan) , I can’t ping guests.
> > From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> > machine) , but cant ping/ssh any guest.
> > There is no firewall issues - i checked.
> >
> > I have attached a network diagram also for better understanding of
> issues.
> >
> > Could you please help me so that I can ping /ssh to any guest from any
> > machine in guest vlan.
> > Thanks in advance
> >
> > Best Regards
> > Papu Bhattacharya
> > CEO- PTR Technologies
> > http://www.ptrsoft.com
> > 91-9963111687
> >
> >
>
--
Andrija Panić
Re: Can't ping/ssh any guest from a laptop attached in same vlan -
guests can talk wth each other though
Posted by papu bhattcharaya <pa...@ptrsoft.com>.
Hi Tilak,
Thanks for your kind response. I am using shared networking, not isolated and i see no option of defining egress rule there.
Also every time i create a guest , it appears the cloud stack is not creating vnet interface on cloubr0 bridge - rather its creating another bridge interface on eth0 and
then creating vnet. May be because of vlan defined. But i wonder how to get network interface on cloudbr0.
Thanks Again.
Best Regards
Papu Bhattacharya
CEO- PTR Technologies
http://www.ptrsoft.com
91-9963111687
----- Original Message -----
From: "Tilak Raj Singh" <ti...@gmail.com>
To: users@cloudstack.apache.org
Sent: Wednesday, December 3, 2014 6:05:06 AM
Subject: Re: Can't ping/ssh any guest from a laptop attached in same vlan - guests can talk wth each other though
try adding ingress rules in your security group from cloudstack
UI...incoming traffic is disabled by default on virtual machines...
rules to be added..
TCP start port 0 end port 65535 cidr 0.0.0.0/0
UDP start port 0 end port 65535 cidr 0.0.0.0/0
for ping allow ICMP too
ICMP icmp type -1 icmp code -1 cidr 0.0.0.0/0
Regards
On Tue, Dec 2, 2014 at 10:20 PM, papu bhattcharaya <pa...@ptrsoft.com> wrote:
> Hi, ( sending same mail with attachments image- seems early mail image was
> not attached),
> I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> partitioned to 4 vlans
> public(CIDR:-192.168.1.0/24)
> guest vlan (CIDR:-10.0.0.0/24)
> management vlan (CIDR:-10.0.1.0/24)
> storage vlan (CIDR:-10.0.2.0/24)
>
> I have a kvm host with four physical NICS that a connected in switch and
> each NIC is connected in each different vlan.
> I have created bridge over each physical nics:-
> Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> belongs to guest vlan)
> Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> belongs to management vlan)
> Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> belongs to storage vlan)
> Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> belongs to public vlan)
>
> I have a physical machine with four NICS and CloudStack management is
> installed on it and four NICS are connected in four vlans with ip.
> =>I have created a zone with advanced networking and everything been
> success so far.
>
> when I created two instances(guests) on kvm host, I can ping this
> instances with each other.( guest1/ guest2)
> i.e
> Instance1:-ip address:-10.0.0.90
> Instance2:-ip address:-10.0.0.91
> Virtual router:-ip address:-10.0.0.4
> Now when I tried to ping /ssh the guest from a laptop attached in same
> vlan (guest vlan) , I can’t ping guests.
> From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> machine) , but cant ping/ssh any guest.
> There is no firewall issues - i checked.
>
> I have attached a network diagram also for better understanding of issues.
>
> Could you please help me so that I can ping /ssh to any guest from any
> machine in guest vlan.
> Thanks in advance
>
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Original Message -----
> From: "papu bhattcharaya" <pa...@ptrsoft.com>
> To: papubhat@gmail.com
> Sent: Tuesday, December 2, 2014 10:15:30 PM
> Subject: Fwd: Can't ping/ssh any guest from a laptop attached in same
> vlan - guests can talk wth each other though
>
>
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Forwarded Message -----
> From: "papu bhattcharaya" <pa...@ptrsoft.com>
> To: dev@cloudstack.apache.org
> Sent: Tuesday, December 2, 2014 10:05:11 PM
> Subject: Can't ping/ssh any guest from a laptop attached in same vlan -
> guests can talk wth each other though
>
> Hi ,
> I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> partitioned to 4 vlans
> public(CIDR:-192.168.1.0/24)
> guest vlan (CIDR:-10.0.0.0/24)
> management vlan (CIDR:-10.0.1.0/24)
> storage vlan (CIDR:-10.0.2.0/24)
>
> I have a kvm host with four physical NICS that a connected in switch and
> each NIC is connected in each different vlan.
> I have created bridge over each physical nics:-
> Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> belongs to guest vlan)
> Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> belongs to management vlan)
> Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> belongs to storage vlan)
> Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> belongs to public vlan)
>
> I have a physical machine with four NICS and CloudStack management is
> installed on it and four NICS are connected in four vlans with ip.
> =>I have created a zone with advanced networking and everything been
> success so far.
>
> when I created two instances(guests) on kvm host, I can ping this
> instances with each other.( guest1/ guest2)
> i.e
> Instance1:-ip address:-10.0.0.90
> Instance2:-ip address:-10.0.0.91
> Virtual router:-ip address:-10.0.0.4
> Now when I tried to ping /ssh the guest from a laptop attached in same
> vlan (guest vlan) , I can’t ping guests.
> From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> machine) , but cant ping/ssh any guest.
> There is no firewall issues - i checked.
>
> I have attached a network diagram also for better understanding of issues.
>
> Could you please help me so that I can ping /ssh to any guest from any
> machine in guest vlan.
> Thanks in advance
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
>
Re: Can't ping/ssh any guest from a laptop attached in same vlan -
guests can talk wth each other though
Posted by Tilak Raj Singh <ti...@gmail.com>.
try adding ingress rules in your security group from cloudstack
UI...incoming traffic is disabled by default on virtual machines...
rules to be added..
TCP start port 0 end port 65535 cidr 0.0.0.0/0
UDP start port 0 end port 65535 cidr 0.0.0.0/0
for ping allow ICMP too
ICMP icmp type -1 icmp code -1 cidr 0.0.0.0/0
Regards
On Tue, Dec 2, 2014 at 10:20 PM, papu bhattcharaya <pa...@ptrsoft.com> wrote:
> Hi, ( sending same mail with attachments image- seems early mail image was
> not attached),
> I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> partitioned to 4 vlans
> public(CIDR:-192.168.1.0/24)
> guest vlan (CIDR:-10.0.0.0/24)
> management vlan (CIDR:-10.0.1.0/24)
> storage vlan (CIDR:-10.0.2.0/24)
>
> I have a kvm host with four physical NICS that a connected in switch and
> each NIC is connected in each different vlan.
> I have created bridge over each physical nics:-
> Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> belongs to guest vlan)
> Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> belongs to management vlan)
> Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> belongs to storage vlan)
> Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> belongs to public vlan)
>
> I have a physical machine with four NICS and CloudStack management is
> installed on it and four NICS are connected in four vlans with ip.
> =>I have created a zone with advanced networking and everything been
> success so far.
>
> when I created two instances(guests) on kvm host, I can ping this
> instances with each other.( guest1/ guest2)
> i.e
> Instance1:-ip address:-10.0.0.90
> Instance2:-ip address:-10.0.0.91
> Virtual router:-ip address:-10.0.0.4
> Now when I tried to ping /ssh the guest from a laptop attached in same
> vlan (guest vlan) , I can’t ping guests.
> From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> machine) , but cant ping/ssh any guest.
> There is no firewall issues - i checked.
>
> I have attached a network diagram also for better understanding of issues.
>
> Could you please help me so that I can ping /ssh to any guest from any
> machine in guest vlan.
> Thanks in advance
>
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Original Message -----
> From: "papu bhattcharaya" <pa...@ptrsoft.com>
> To: papubhat@gmail.com
> Sent: Tuesday, December 2, 2014 10:15:30 PM
> Subject: Fwd: Can't ping/ssh any guest from a laptop attached in same
> vlan - guests can talk wth each other though
>
>
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
> ----- Forwarded Message -----
> From: "papu bhattcharaya" <pa...@ptrsoft.com>
> To: dev@cloudstack.apache.org
> Sent: Tuesday, December 2, 2014 10:05:11 PM
> Subject: Can't ping/ssh any guest from a laptop attached in same vlan -
> guests can talk wth each other though
>
> Hi ,
> I am using cloudstack(4.4.1) with KVM host. I have a L3 switch -
> partitioned to 4 vlans
> public(CIDR:-192.168.1.0/24)
> guest vlan (CIDR:-10.0.0.0/24)
> management vlan (CIDR:-10.0.1.0/24)
> storage vlan (CIDR:-10.0.2.0/24)
>
> I have a kvm host with four physical NICS that a connected in switch and
> each NIC is connected in each different vlan.
> I have created bridge over each physical nics:-
> Cloudrbr0:-ip address:-10.0.0.24 connected on the port of the switch
> belongs to guest vlan)
> Cloudbr1:-ip address:-10.0.1.24 (connected on the port of the switch
> belongs to management vlan)
> Cloudbr2:-ip address:-10.0.2.24 (connected on the port of the switch
> belongs to storage vlan)
> Cloudbr3:-ip address:-192.168.1.24 (connected on the port of the switch
> belongs to public vlan)
>
> I have a physical machine with four NICS and CloudStack management is
> installed on it and four NICS are connected in four vlans with ip.
> =>I have created a zone with advanced networking and everything been
> success so far.
>
> when I created two instances(guests) on kvm host, I can ping this
> instances with each other.( guest1/ guest2)
> i.e
> Instance1:-ip address:-10.0.0.90
> Instance2:-ip address:-10.0.0.91
> Virtual router:-ip address:-10.0.0.4
> Now when I tried to ping /ssh the guest from a laptop attached in same
> vlan (guest vlan) , I can’t ping guests.
> From the laptop , I can ping 10.0.0.24 ( my cloudbr0 ip – in KVM host
> machine) , but cant ping/ssh any guest.
> There is no firewall issues - i checked.
>
> I have attached a network diagram also for better understanding of issues.
>
> Could you please help me so that I can ping /ssh to any guest from any
> machine in guest vlan.
> Thanks in advance
>
> Best Regards
> Papu Bhattacharya
> CEO- PTR Technologies
> http://www.ptrsoft.com
> 91-9963111687
>
>