You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by 不坏阿峰 <on...@gmail.com> on 2013/08/24 04:24:52 UTC
how to use Private Gateway in VPC on CS4.1.1
Environment :
cs-mgt:
eth1: 192.168.230.2
xen01:
eth1: 192.168.230.11
eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0)
eth3: 192.168.250.11
xen01:
eth1: 192.168.230.12
eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0 )
eth3: 192.168.250.12
VPC network 172.16.0.0/16
tier01 172.16.0.1/24.
tier02 172.16.1.1/24
tier network ACLs ingress, egress TCP/UDP all
allowed configed
i create on Private gateway like this:
Physical Network: i chose eth2
IP Address: 192.168.20.9
Gateway: 192.168.20.10
(i am not sure what gateway should be, i put the another side router IP )
Netmask: 255.255.255.0
VLAN: 20
#> what i want to do , private way should have this function, am i right?
VPC vms <=> Prv GTW <=> Another Router <=> sub net
(172.16.0.0/24 192.168.20.9 192.168.20.10 192.168.80.0
172.16.1.0/24)
i add static route in Prv GTW , 192.168.80.0..
Could someone give some favor to make me workout? Many thanks!
######## information on VPC vrouter
root@r-166-VM:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.240.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.240.1 0.0.0.0 UG 0 0 0 eth1
root@r-166-VM:~# ip route show table static_route
192.168.80.0/24 via 192.168.20.10 dev eth4
######## VPCvrouter can ping 192.168.20.10 #########
root@r-166-VM:~# ping 192.168.20.10
PING 192.168.20.10 (192.168.20.10): 56 data bytes
64 bytes from 192.168.20.10: icmp_seq=0 ttl=64 time=5.835 ms
64 bytes from 192.168.20.10: icmp_seq=1 ttl=64 time=1.135 ms
^C--- 192.168.20.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.135/3.485/5.835/2.350 ms
######## VPCvrouter can not ping 192.168.80.1 ############
root@r-166-VM:~# ping 192.168.80.1
PING 192.168.80.1 (192.168.80.1): 56 data bytes
^C--- 192.168.80.1 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
######## VPC vm can ping 192.168.20.9 ############
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.9
PING 192.168.20.9 (192.168.20.9) 56(84) bytes of data.
64 bytes from 192.168.20.9: icmp_seq=1 ttl=64 time=0.788 ms
64 bytes from 192.168.20.9: icmp_seq=2 ttl=64 time=0.526 ms
64 bytes from 192.168.20.9: icmp_seq=3 ttl=64 time=1.22 ms
--- 192.168.20.9 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.526/0.845/1.221/0.286 ms
######## VPC vm can not ping 192.168.20.10 ############
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.10
PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data.
--- 192.168.20.10 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3004ms
Re: how to use Private Gateway in VPC on CS4.1.1
Posted by Geoff Higginbottom <ge...@shapeblue.com>.
Happy to help
Regards
Geoff Higginbottom
CTO / Cloud Architect
D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540>| M: +447968161581<tel:+447968161581>
geoff.higginbottom@shapeblue.com<ma...@shapeblue.com> |www.shapeblue.com | Twitter:@shapeblue<https://twitter.com/#!/shapeblue>
ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
On 24 Aug 2013, at 10:44, "不坏阿峰" <on...@gmail.com>> wrote:
Thank you very much.
i think i make mistake, i put a route on router just the 0.0.0.0/0
via eht1 , forget give the next nope IP. should be 0.0.0.0/0 via
192.168.20.9 eth1
now can ping each other. thanks a lot
now
2013/8/24 Geoff Higginbottom <ge...@shapeblue.com>>:
You need to put a route on the router so traffic destined for 172.16.0.0/24 &172.16.1.0/24 is sent vi 192.168.20.9 so the return traffic knows where to go.
Regards
Geoff Higginbottom
D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>
-----Original Message-----
From: 不坏阿峰 [mailto:onlydebian@gmail.com]
Sent: 23 August 2013 22:25
To: users-cn; users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: how to use Private Gateway in VPC on CS4.1.1
Environment :
cs-mgt:
eth1: 192.168.230.2
xen01:
eth1: 192.168.230.11
eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0)
eth3: 192.168.250.11
xen01:
eth1: 192.168.230.12
eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0 )
eth3: 192.168.250.12
VPC network 172.16.0.0/16
tier01 172.16.0.1/24.
tier02 172.16.1.1/24
tier network ACLs ingress, egress TCP/UDP all
allowed configed
i create on Private gateway like this:
Physical Network: i chose eth2
IP Address: 192.168.20.9
Gateway: 192.168.20.10
(i am not sure what gateway should be, i put the another side router IP )
Netmask: 255.255.255.0
VLAN: 20
#> what i want to do , private way should have this function, am i right?
VPC vms <=> Prv GTW <=> Another Router <=> sub net
(172.16.0.0/24 192.168.20.9 192.168.20.10 192.168.80.0
172.16.1.0/24)
i add static route in Prv GTW , 192.168.80.0..
Could someone give some favor to make me workout? Many thanks!
######## information on VPC vrouter
root@r-166-VM:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.240.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.240.1 0.0.0.0 UG 0 0 0 eth1
root@r-166-VM:~# ip route show table static_route
192.168.80.0/24 via 192.168.20.10 dev eth4
######## VPCvrouter can ping 192.168.20.10 ######### root@r-166-VM:~# ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10): 56 data bytes
64 bytes from 192.168.20.10: icmp_seq=0 ttl=64 time=5.835 ms
64 bytes from 192.168.20.10: icmp_seq=1 ttl=64 time=1.135 ms
^C--- 192.168.20.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.135/3.485/5.835/2.350 ms
######## VPCvrouter can not ping 192.168.80.1 ############
root@r-166-VM:~# ping 192.168.80.1
PING 192.168.80.1 (192.168.80.1): 56 data bytes
^C--- 192.168.80.1 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
######## VPC vm can ping 192.168.20.9 ############
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.9 PING 192.168.20.9 (192.168.20.9) 56(84) bytes of data.
64 bytes from 192.168.20.9: icmp_seq=1 ttl=64 time=0.788 ms
64 bytes from 192.168.20.9: icmp_seq=2 ttl=64 time=0.526 ms
64 bytes from 192.168.20.9: icmp_seq=3 ttl=64 time=1.22 ms
--- 192.168.20.9 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.526/0.845/1.221/0.286 ms
######## VPC vm can not ping 192.168.20.10 ############
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data.
--- 192.168.20.10 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3004ms
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: how to use Private Gateway in VPC on CS4.1.1
Posted by 不坏阿峰 <on...@gmail.com>.
Thank you very much.
i think i make mistake, i put a route on router just the 0.0.0.0/0
via eht1 , forget give the next nope IP. should be 0.0.0.0/0 via
192.168.20.9 eth1
now can ping each other. thanks a lot
now
2013/8/24 Geoff Higginbottom <ge...@shapeblue.com>:
> You need to put a route on the router so traffic destined for 172.16.0.0/24 &172.16.1.0/24 is sent vi 192.168.20.9 so the return traffic knows where to go.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: 不坏阿峰 [mailto:onlydebian@gmail.com]
> Sent: 23 August 2013 22:25
> To: users-cn; users@cloudstack.apache.org
> Subject: how to use Private Gateway in VPC on CS4.1.1
>
> Environment :
> cs-mgt:
> eth1: 192.168.230.2
>
> xen01:
> eth1: 192.168.230.11
> eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0)
> eth3: 192.168.250.11
>
> xen01:
> eth1: 192.168.230.12
> eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0 )
> eth3: 192.168.250.12
>
> VPC network 172.16.0.0/16
> tier01 172.16.0.1/24.
> tier02 172.16.1.1/24
>
> tier network ACLs ingress, egress TCP/UDP all
> allowed configed
>
> i create on Private gateway like this:
>
> Physical Network: i chose eth2
> IP Address: 192.168.20.9
> Gateway: 192.168.20.10
> (i am not sure what gateway should be, i put the another side router IP )
> Netmask: 255.255.255.0
> VLAN: 20
>
> #> what i want to do , private way should have this function, am i right?
>
> VPC vms <=> Prv GTW <=> Another Router <=> sub net
> (172.16.0.0/24 192.168.20.9 192.168.20.10 192.168.80.0
> 172.16.1.0/24)
>
> i add static route in Prv GTW , 192.168.80.0..
>
> Could someone give some favor to make me workout? Many thanks!
>
> ######## information on VPC vrouter
> root@r-166-VM:~# route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.240.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
> 192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
> 172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
> 172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
> 0.0.0.0 192.168.240.1 0.0.0.0 UG 0 0 0 eth1
>
> root@r-166-VM:~# ip route show table static_route
> 192.168.80.0/24 via 192.168.20.10 dev eth4
>
> ######## VPCvrouter can ping 192.168.20.10 ######### root@r-166-VM:~# ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10): 56 data bytes
> 64 bytes from 192.168.20.10: icmp_seq=0 ttl=64 time=5.835 ms
> 64 bytes from 192.168.20.10: icmp_seq=1 ttl=64 time=1.135 ms
> ^C--- 192.168.20.10 ping statistics ---
> 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.135/3.485/5.835/2.350 ms
>
> ######## VPCvrouter can not ping 192.168.80.1 ############
> root@r-166-VM:~# ping 192.168.80.1
> PING 192.168.80.1 (192.168.80.1): 56 data bytes
> ^C--- 192.168.80.1 ping statistics ---
> 5 packets transmitted, 0 packets received, 100% packet loss
>
> ######## VPC vm can ping 192.168.20.9 ############
> [root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.9 PING 192.168.20.9 (192.168.20.9) 56(84) bytes of data.
> 64 bytes from 192.168.20.9: icmp_seq=1 ttl=64 time=0.788 ms
> 64 bytes from 192.168.20.9: icmp_seq=2 ttl=64 time=0.526 ms
> 64 bytes from 192.168.20.9: icmp_seq=3 ttl=64 time=1.22 ms
> --- 192.168.20.9 ping statistics ---
> 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.526/0.845/1.221/0.286 ms
>
> ######## VPC vm can not ping 192.168.20.10 ############
> [root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data.
> --- 192.168.20.10 ping statistics ---
> 4 packets transmitted, 0 received, 100% packet loss, time 3004ms
> This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
RE: how to use Private Gateway in VPC on CS4.1.1
Posted by Geoff Higginbottom <ge...@shapeblue.com>.
You need to put a route on the router so traffic destined for 172.16.0.0/24 &172.16.1.0/24 is sent vi 192.168.20.9 so the return traffic knows where to go.
Regards
Geoff Higginbottom
D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
geoff.higginbottom@shapeblue.com
-----Original Message-----
From: 不坏阿峰 [mailto:onlydebian@gmail.com]
Sent: 23 August 2013 22:25
To: users-cn; users@cloudstack.apache.org
Subject: how to use Private Gateway in VPC on CS4.1.1
Environment :
cs-mgt:
eth1: 192.168.230.2
xen01:
eth1: 192.168.230.11
eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0)
eth3: 192.168.250.11
xen01:
eth1: 192.168.230.12
eth2: public+guest (guest network:192.168.30.0/24 public: 192.168.240.0 )
eth3: 192.168.250.12
VPC network 172.16.0.0/16
tier01 172.16.0.1/24.
tier02 172.16.1.1/24
tier network ACLs ingress, egress TCP/UDP all
allowed configed
i create on Private gateway like this:
Physical Network: i chose eth2
IP Address: 192.168.20.9
Gateway: 192.168.20.10
(i am not sure what gateway should be, i put the another side router IP )
Netmask: 255.255.255.0
VLAN: 20
#> what i want to do , private way should have this function, am i right?
VPC vms <=> Prv GTW <=> Another Router <=> sub net
(172.16.0.0/24 192.168.20.9 192.168.20.10 192.168.80.0
172.16.1.0/24)
i add static route in Prv GTW , 192.168.80.0..
Could someone give some favor to make me workout? Many thanks!
######## information on VPC vrouter
root@r-166-VM:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.240.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.240.1 0.0.0.0 UG 0 0 0 eth1
root@r-166-VM:~# ip route show table static_route
192.168.80.0/24 via 192.168.20.10 dev eth4
######## VPCvrouter can ping 192.168.20.10 ######### root@r-166-VM:~# ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10): 56 data bytes
64 bytes from 192.168.20.10: icmp_seq=0 ttl=64 time=5.835 ms
64 bytes from 192.168.20.10: icmp_seq=1 ttl=64 time=1.135 ms
^C--- 192.168.20.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.135/3.485/5.835/2.350 ms
######## VPCvrouter can not ping 192.168.80.1 ############
root@r-166-VM:~# ping 192.168.80.1
PING 192.168.80.1 (192.168.80.1): 56 data bytes
^C--- 192.168.80.1 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
######## VPC vm can ping 192.168.20.9 ############
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.9 PING 192.168.20.9 (192.168.20.9) 56(84) bytes of data.
64 bytes from 192.168.20.9: icmp_seq=1 ttl=64 time=0.788 ms
64 bytes from 192.168.20.9: icmp_seq=2 ttl=64 time=0.526 ms
64 bytes from 192.168.20.9: icmp_seq=3 ttl=64 time=1.22 ms
--- 192.168.20.9 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.526/0.845/1.221/0.286 ms
######## VPC vm can not ping 192.168.20.10 ############
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data.
--- 192.168.20.10 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3004ms
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.