You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by 不坏阿峰 <on...@gmail.com> on 2013/08/23 04:53:20 UTC
vm with Cloudstack+openvswitch+KVM can not access extranal network,
can ping gateway
vm with openvswitch+KVM can not access extranal network, can ping gateway
Cloudstack4.1.1
A: one kvm host ubuntu12.04 with openvswitch,
B: xen server6.0,
C: one kvm host centos with openvswitch
in cloudstack have two network.
Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
Address 192.168.31.1
vm in vlan301 ,can ping gateway 192.168.31.1 and can access
internet. vm can run on kvm or xen, both ok.
②:vronter300 run on Kvm with openvswitch, Public IP Address
192.168.240.53 Guest IP Address 192.168.30.1
vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
internet. vrouter can access internet.
how to make vm under kvm+openvswitch to access outside network and internet
[root@centos-kvm01 libvirt]# ovs-vsctl show
7cb5f505-7ac1-4403-9f9d-101882ed7bad
Bridge kvmmgt
Port kvmmgt
Interface kvmmgt
type: internal
Port "eth0"
Interface "eth0"
Bridge "cloudbr0"
Port "cloudbr0"
Interface "cloudbr0"
type: internal
Port "eth1"
Interface "eth1" ## Eth1 uplink port is Esxi
vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
work fine ; Kvm use native bridge work fine too.
Port "vnet3"
tag: 240
Interface "vnet3"
Port "vnet0"
tag: 301
Interface "vnet0"
Port "vnet1"
tag: 300
Interface "vnet1"
Port "vnet4"
tag: 240
Interface "vnet4"
Bridge "cloud0"
Port "cloud0"
Interface "cloud0"
type: internal
Port "vnet2"
Interface "vnet2"
Bridge storage
Port "eth2"
Interface "eth2"
Port storage
Interface storage
type: internal
ovs_version: "1.10.0"
i do the test,
one VM 192.168.30.90 run ping 192.168.123.1
vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
www.google.com
[root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
packets:5855, bytes:573790, used:0.810s,
actions:push_vlan(vid=240,pcp=0),5
in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
packets:0, bytes:0, used:never, actions:pop_vlan,9
in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
some problem !!!!!!! is it??
[root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
packets:6167, bytes:604366, used:0.486s,
actions:push_vlan(vid=240,pcp=0),5
in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
packets:0, bytes:0, used:never, actions:pop_vlan,11
in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by Daan Hoogland <da...@gmail.com>.
Hello,
Sorry for the late reply. I hope you have found the reason by now. If
not please ask your question on the dev list. As I suspect it is a bug
you have more chance getting a sensible answer there.
regards,
On Fri, Aug 30, 2013 at 6:06 PM, 不坏阿峰 <on...@gmail.com> wrote:
> vrouter run on Xen host, is ok. or run kvm host without ovs ,working too
>
> 2013/8/27 Daan Hoogland <da...@gmail.com>:
>> That would seem to be a bug. Can you migrate the router to a xen host
>> to see it working again?
>>
>> On Tue, Aug 27, 2013 at 4:57 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>> this is different.
>>>
>>> i have configed the Engress rules, so that vm(run on KVM+OVS host)
>>> can access external&internet when vrouter run on Xen.
>>> but when vrouter run on KVM+OVS host , vm(run on KVM+OVS host) can
>>> not access external network.
>>>
>>>
>>> 2013/8/27 Daan Hoogland <da...@gmail.com>:
>>>> Feng,
>>>>
>>>> Did you solve this mail along with the other one you send? It seems
>>>> like the same question.
>>>>
>>>> regards,
>>>> Daan
>>>>
>>>> On Tue, Aug 27, 2013 at 4:26 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>>> wish some expert come to help me.~~`
>>>>>
>>>>> 2013/8/24 不坏阿峰 <on...@gmail.com>:
>>>>>> can someone help?
>>>>>>
>>>>>> 2013/8/23 不坏阿峰 <on...@gmail.com>:
>>>>>>> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
>>>>>>> 0.0.0.0/0 all.
>>>>>>> and when i initail vrouter on Xen host, guest host can access
>>>>>>> internet. but vroute on kvm+openvswitch Host can not.
>>>>>>>
>>>>>>> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>>>>>>>> I believe you have to create an egress networking rule to allow for vm's to
>>>>>>>> reach the internet.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>>>>>>>
>>>>>>>>> Cloudstack4.1.1
>>>>>>>>> A: one kvm host ubuntu12.04 with openvswitch,
>>>>>>>>> B: xen server6.0,
>>>>>>>>> C: one kvm host centos with openvswitch
>>>>>>>>>
>>>>>>>>> in cloudstack have two network.
>>>>>>>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>>>>>>>> Address 192.168.31.1
>>>>>>>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>>>>>>>> internet. vm can run on kvm or xen, both ok.
>>>>>>>>>
>>>>>>>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>>>>>>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>>>>>>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>>>>>>>> internet. vrouter can access internet.
>>>>>>>>>
>>>>>>>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>>>>>>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>>>>>>>> Bridge kvmmgt
>>>>>>>>> Port kvmmgt
>>>>>>>>> Interface kvmmgt
>>>>>>>>> type: internal
>>>>>>>>> Port "eth0"
>>>>>>>>> Interface "eth0"
>>>>>>>>> Bridge "cloudbr0"
>>>>>>>>> Port "cloudbr0"
>>>>>>>>> Interface "cloudbr0"
>>>>>>>>> type: internal
>>>>>>>>> Port "eth1"
>>>>>>>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>>>>>>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>>>>>>>> work fine ; Kvm use native bridge work fine too.
>>>>>>>>> Port "vnet3"
>>>>>>>>> tag: 240
>>>>>>>>> Interface "vnet3"
>>>>>>>>> Port "vnet0"
>>>>>>>>> tag: 301
>>>>>>>>> Interface "vnet0"
>>>>>>>>> Port "vnet1"
>>>>>>>>> tag: 300
>>>>>>>>> Interface "vnet1"
>>>>>>>>> Port "vnet4"
>>>>>>>>> tag: 240
>>>>>>>>> Interface "vnet4"
>>>>>>>>> Bridge "cloud0"
>>>>>>>>> Port "cloud0"
>>>>>>>>> Interface "cloud0"
>>>>>>>>> type: internal
>>>>>>>>> Port "vnet2"
>>>>>>>>> Interface "vnet2"
>>>>>>>>> Bridge storage
>>>>>>>>> Port "eth2"
>>>>>>>>> Interface "eth2"
>>>>>>>>> Port storage
>>>>>>>>> Interface storage
>>>>>>>>> type: internal
>>>>>>>>> ovs_version: "1.10.0"
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> i do the test,
>>>>>>>>> one VM 192.168.30.90 run ping 192.168.123.1
>>>>>>>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>>>>>>>> www.google.com
>>>>>>>>>
>>>>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>>>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>>>>>>>
>>>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>>>>>>>> packets:5855, bytes:573790, used:0.810s,
>>>>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>>>>
>>>>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>>>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>>>>>>>
>>>>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>>>>>>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>>>>>>>
>>>>>>>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>>>>>>>> some problem !!!!!!! is it??
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>>>>>>>
>>>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>>>>>>>> packets:6167, bytes:604366, used:0.486s,
>>>>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>>>>
>>>>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>>>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>>>>>>>
>>>>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>>>>>>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>>>>>>>
>>>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>>>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>>>>>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by 不坏阿峰 <on...@gmail.com>.
vrouter run on Xen host, is ok. or run kvm host without ovs ,working too
2013/8/27 Daan Hoogland <da...@gmail.com>:
> That would seem to be a bug. Can you migrate the router to a xen host
> to see it working again?
>
> On Tue, Aug 27, 2013 at 4:57 PM, 不坏阿峰 <on...@gmail.com> wrote:
>> this is different.
>>
>> i have configed the Engress rules, so that vm(run on KVM+OVS host)
>> can access external&internet when vrouter run on Xen.
>> but when vrouter run on KVM+OVS host , vm(run on KVM+OVS host) can
>> not access external network.
>>
>>
>> 2013/8/27 Daan Hoogland <da...@gmail.com>:
>>> Feng,
>>>
>>> Did you solve this mail along with the other one you send? It seems
>>> like the same question.
>>>
>>> regards,
>>> Daan
>>>
>>> On Tue, Aug 27, 2013 at 4:26 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>> wish some expert come to help me.~~`
>>>>
>>>> 2013/8/24 不坏阿峰 <on...@gmail.com>:
>>>>> can someone help?
>>>>>
>>>>> 2013/8/23 不坏阿峰 <on...@gmail.com>:
>>>>>> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
>>>>>> 0.0.0.0/0 all.
>>>>>> and when i initail vrouter on Xen host, guest host can access
>>>>>> internet. but vroute on kvm+openvswitch Host can not.
>>>>>>
>>>>>> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>>>>>>> I believe you have to create an egress networking rule to allow for vm's to
>>>>>>> reach the internet.
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>>>>>
>>>>>>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>>>>>>
>>>>>>>> Cloudstack4.1.1
>>>>>>>> A: one kvm host ubuntu12.04 with openvswitch,
>>>>>>>> B: xen server6.0,
>>>>>>>> C: one kvm host centos with openvswitch
>>>>>>>>
>>>>>>>> in cloudstack have two network.
>>>>>>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>>>
>>>>>>>>
>>>>>>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>>>>>>> Address 192.168.31.1
>>>>>>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>>>>>>> internet. vm can run on kvm or xen, both ok.
>>>>>>>>
>>>>>>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>>>>>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>>>>>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>>>>>>> internet. vrouter can access internet.
>>>>>>>>
>>>>>>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>>>>>>
>>>>>>>>
>>>>>>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>>>>>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>>>>>>> Bridge kvmmgt
>>>>>>>> Port kvmmgt
>>>>>>>> Interface kvmmgt
>>>>>>>> type: internal
>>>>>>>> Port "eth0"
>>>>>>>> Interface "eth0"
>>>>>>>> Bridge "cloudbr0"
>>>>>>>> Port "cloudbr0"
>>>>>>>> Interface "cloudbr0"
>>>>>>>> type: internal
>>>>>>>> Port "eth1"
>>>>>>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>>>>>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>>>>>>> work fine ; Kvm use native bridge work fine too.
>>>>>>>> Port "vnet3"
>>>>>>>> tag: 240
>>>>>>>> Interface "vnet3"
>>>>>>>> Port "vnet0"
>>>>>>>> tag: 301
>>>>>>>> Interface "vnet0"
>>>>>>>> Port "vnet1"
>>>>>>>> tag: 300
>>>>>>>> Interface "vnet1"
>>>>>>>> Port "vnet4"
>>>>>>>> tag: 240
>>>>>>>> Interface "vnet4"
>>>>>>>> Bridge "cloud0"
>>>>>>>> Port "cloud0"
>>>>>>>> Interface "cloud0"
>>>>>>>> type: internal
>>>>>>>> Port "vnet2"
>>>>>>>> Interface "vnet2"
>>>>>>>> Bridge storage
>>>>>>>> Port "eth2"
>>>>>>>> Interface "eth2"
>>>>>>>> Port storage
>>>>>>>> Interface storage
>>>>>>>> type: internal
>>>>>>>> ovs_version: "1.10.0"
>>>>>>>>
>>>>>>>>
>>>>>>>> i do the test,
>>>>>>>> one VM 192.168.30.90 run ping 192.168.123.1
>>>>>>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>>>>>>> www.google.com
>>>>>>>>
>>>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>>>>>>
>>>>>>>>
>>>>>>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>>>>>>
>>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>>>>>>> packets:5855, bytes:573790, used:0.810s,
>>>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>>>
>>>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>>>>>>
>>>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>>>>>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>>>>>>
>>>>>>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>>>>>>> some problem !!!!!!! is it??
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>>>>>>
>>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>>>>>>> packets:6167, bytes:604366, used:0.486s,
>>>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>>>
>>>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>>>>>>
>>>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>>>>>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>>>>>>
>>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>>>>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by Daan Hoogland <da...@gmail.com>.
That would seem to be a bug. Can you migrate the router to a xen host
to see it working again?
On Tue, Aug 27, 2013 at 4:57 PM, 不坏阿峰 <on...@gmail.com> wrote:
> this is different.
>
> i have configed the Engress rules, so that vm(run on KVM+OVS host)
> can access external&internet when vrouter run on Xen.
> but when vrouter run on KVM+OVS host , vm(run on KVM+OVS host) can
> not access external network.
>
>
> 2013/8/27 Daan Hoogland <da...@gmail.com>:
>> Feng,
>>
>> Did you solve this mail along with the other one you send? It seems
>> like the same question.
>>
>> regards,
>> Daan
>>
>> On Tue, Aug 27, 2013 at 4:26 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>> wish some expert come to help me.~~`
>>>
>>> 2013/8/24 不坏阿峰 <on...@gmail.com>:
>>>> can someone help?
>>>>
>>>> 2013/8/23 不坏阿峰 <on...@gmail.com>:
>>>>> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
>>>>> 0.0.0.0/0 all.
>>>>> and when i initail vrouter on Xen host, guest host can access
>>>>> internet. but vroute on kvm+openvswitch Host can not.
>>>>>
>>>>> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>>>>>> I believe you have to create an egress networking rule to allow for vm's to
>>>>>> reach the internet.
>>>>>>
>>>>>>
>>>>>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>>>>
>>>>>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>>>>>
>>>>>>> Cloudstack4.1.1
>>>>>>> A: one kvm host ubuntu12.04 with openvswitch,
>>>>>>> B: xen server6.0,
>>>>>>> C: one kvm host centos with openvswitch
>>>>>>>
>>>>>>> in cloudstack have two network.
>>>>>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>>
>>>>>>>
>>>>>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>>>>>> Address 192.168.31.1
>>>>>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>>>>>> internet. vm can run on kvm or xen, both ok.
>>>>>>>
>>>>>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>>>>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>>>>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>>>>>> internet. vrouter can access internet.
>>>>>>>
>>>>>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>>>>>
>>>>>>>
>>>>>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>>>>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>>>>>> Bridge kvmmgt
>>>>>>> Port kvmmgt
>>>>>>> Interface kvmmgt
>>>>>>> type: internal
>>>>>>> Port "eth0"
>>>>>>> Interface "eth0"
>>>>>>> Bridge "cloudbr0"
>>>>>>> Port "cloudbr0"
>>>>>>> Interface "cloudbr0"
>>>>>>> type: internal
>>>>>>> Port "eth1"
>>>>>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>>>>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>>>>>> work fine ; Kvm use native bridge work fine too.
>>>>>>> Port "vnet3"
>>>>>>> tag: 240
>>>>>>> Interface "vnet3"
>>>>>>> Port "vnet0"
>>>>>>> tag: 301
>>>>>>> Interface "vnet0"
>>>>>>> Port "vnet1"
>>>>>>> tag: 300
>>>>>>> Interface "vnet1"
>>>>>>> Port "vnet4"
>>>>>>> tag: 240
>>>>>>> Interface "vnet4"
>>>>>>> Bridge "cloud0"
>>>>>>> Port "cloud0"
>>>>>>> Interface "cloud0"
>>>>>>> type: internal
>>>>>>> Port "vnet2"
>>>>>>> Interface "vnet2"
>>>>>>> Bridge storage
>>>>>>> Port "eth2"
>>>>>>> Interface "eth2"
>>>>>>> Port storage
>>>>>>> Interface storage
>>>>>>> type: internal
>>>>>>> ovs_version: "1.10.0"
>>>>>>>
>>>>>>>
>>>>>>> i do the test,
>>>>>>> one VM 192.168.30.90 run ping 192.168.123.1
>>>>>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>>>>>> www.google.com
>>>>>>>
>>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>>>>>
>>>>>>>
>>>>>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>>>>>
>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>>>>>> packets:5855, bytes:573790, used:0.810s,
>>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>>
>>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>>>>>
>>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>>>>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>>>>>
>>>>>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>>>>>> some problem !!!!!!! is it??
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>>>>>
>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>>>>>> packets:6167, bytes:604366, used:0.486s,
>>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>>
>>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>>>>>
>>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>>>>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>>>>>
>>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>>>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by 不坏阿峰 <on...@gmail.com>.
this is different.
i have configed the Engress rules, so that vm(run on KVM+OVS host)
can access external&internet when vrouter run on Xen.
but when vrouter run on KVM+OVS host , vm(run on KVM+OVS host) can
not access external network.
2013/8/27 Daan Hoogland <da...@gmail.com>:
> Feng,
>
> Did you solve this mail along with the other one you send? It seems
> like the same question.
>
> regards,
> Daan
>
> On Tue, Aug 27, 2013 at 4:26 PM, 不坏阿峰 <on...@gmail.com> wrote:
>> wish some expert come to help me.~~`
>>
>> 2013/8/24 不坏阿峰 <on...@gmail.com>:
>>> can someone help?
>>>
>>> 2013/8/23 不坏阿峰 <on...@gmail.com>:
>>>> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
>>>> 0.0.0.0/0 all.
>>>> and when i initail vrouter on Xen host, guest host can access
>>>> internet. but vroute on kvm+openvswitch Host can not.
>>>>
>>>> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>>>>> I believe you have to create an egress networking rule to allow for vm's to
>>>>> reach the internet.
>>>>>
>>>>>
>>>>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>>>
>>>>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>>>>
>>>>>> Cloudstack4.1.1
>>>>>> A: one kvm host ubuntu12.04 with openvswitch,
>>>>>> B: xen server6.0,
>>>>>> C: one kvm host centos with openvswitch
>>>>>>
>>>>>> in cloudstack have two network.
>>>>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>>
>>>>>>
>>>>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>>>>> Address 192.168.31.1
>>>>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>>>>> internet. vm can run on kvm or xen, both ok.
>>>>>>
>>>>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>>>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>>>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>>>>> internet. vrouter can access internet.
>>>>>>
>>>>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>>>>
>>>>>>
>>>>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>>>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>>>>> Bridge kvmmgt
>>>>>> Port kvmmgt
>>>>>> Interface kvmmgt
>>>>>> type: internal
>>>>>> Port "eth0"
>>>>>> Interface "eth0"
>>>>>> Bridge "cloudbr0"
>>>>>> Port "cloudbr0"
>>>>>> Interface "cloudbr0"
>>>>>> type: internal
>>>>>> Port "eth1"
>>>>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>>>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>>>>> work fine ; Kvm use native bridge work fine too.
>>>>>> Port "vnet3"
>>>>>> tag: 240
>>>>>> Interface "vnet3"
>>>>>> Port "vnet0"
>>>>>> tag: 301
>>>>>> Interface "vnet0"
>>>>>> Port "vnet1"
>>>>>> tag: 300
>>>>>> Interface "vnet1"
>>>>>> Port "vnet4"
>>>>>> tag: 240
>>>>>> Interface "vnet4"
>>>>>> Bridge "cloud0"
>>>>>> Port "cloud0"
>>>>>> Interface "cloud0"
>>>>>> type: internal
>>>>>> Port "vnet2"
>>>>>> Interface "vnet2"
>>>>>> Bridge storage
>>>>>> Port "eth2"
>>>>>> Interface "eth2"
>>>>>> Port storage
>>>>>> Interface storage
>>>>>> type: internal
>>>>>> ovs_version: "1.10.0"
>>>>>>
>>>>>>
>>>>>> i do the test,
>>>>>> one VM 192.168.30.90 run ping 192.168.123.1
>>>>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>>>>> www.google.com
>>>>>>
>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>>>>
>>>>>>
>>>>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>>>>
>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>>>>> packets:5855, bytes:573790, used:0.810s,
>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>
>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>>>>
>>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>>>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>>>>
>>>>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>>>>> some problem !!!!!!! is it??
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>>>>
>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>>>>> packets:6167, bytes:604366, used:0.486s,
>>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>>
>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>>>>
>>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>>>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>>>>
>>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by Daan Hoogland <da...@gmail.com>.
Feng,
Did you solve this mail along with the other one you send? It seems
like the same question.
regards,
Daan
On Tue, Aug 27, 2013 at 4:26 PM, 不坏阿峰 <on...@gmail.com> wrote:
> wish some expert come to help me.~~`
>
> 2013/8/24 不坏阿峰 <on...@gmail.com>:
>> can someone help?
>>
>> 2013/8/23 不坏阿峰 <on...@gmail.com>:
>>> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
>>> 0.0.0.0/0 all.
>>> and when i initail vrouter on Xen host, guest host can access
>>> internet. but vroute on kvm+openvswitch Host can not.
>>>
>>> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>>>> I believe you have to create an egress networking rule to allow for vm's to
>>>> reach the internet.
>>>>
>>>>
>>>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>>
>>>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>>>
>>>>> Cloudstack4.1.1
>>>>> A: one kvm host ubuntu12.04 with openvswitch,
>>>>> B: xen server6.0,
>>>>> C: one kvm host centos with openvswitch
>>>>>
>>>>> in cloudstack have two network.
>>>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>>
>>>>>
>>>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>>>> Address 192.168.31.1
>>>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>>>> internet. vm can run on kvm or xen, both ok.
>>>>>
>>>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>>>> internet. vrouter can access internet.
>>>>>
>>>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>>>
>>>>>
>>>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>>>> Bridge kvmmgt
>>>>> Port kvmmgt
>>>>> Interface kvmmgt
>>>>> type: internal
>>>>> Port "eth0"
>>>>> Interface "eth0"
>>>>> Bridge "cloudbr0"
>>>>> Port "cloudbr0"
>>>>> Interface "cloudbr0"
>>>>> type: internal
>>>>> Port "eth1"
>>>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>>>> work fine ; Kvm use native bridge work fine too.
>>>>> Port "vnet3"
>>>>> tag: 240
>>>>> Interface "vnet3"
>>>>> Port "vnet0"
>>>>> tag: 301
>>>>> Interface "vnet0"
>>>>> Port "vnet1"
>>>>> tag: 300
>>>>> Interface "vnet1"
>>>>> Port "vnet4"
>>>>> tag: 240
>>>>> Interface "vnet4"
>>>>> Bridge "cloud0"
>>>>> Port "cloud0"
>>>>> Interface "cloud0"
>>>>> type: internal
>>>>> Port "vnet2"
>>>>> Interface "vnet2"
>>>>> Bridge storage
>>>>> Port "eth2"
>>>>> Interface "eth2"
>>>>> Port storage
>>>>> Interface storage
>>>>> type: internal
>>>>> ovs_version: "1.10.0"
>>>>>
>>>>>
>>>>> i do the test,
>>>>> one VM 192.168.30.90 run ping 192.168.123.1
>>>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>>>> www.google.com
>>>>>
>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>>>
>>>>>
>>>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>>>
>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>>>> packets:5855, bytes:573790, used:0.810s,
>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>
>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>>>
>>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>>>
>>>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>>>> some problem !!!!!!! is it??
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>>>
>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>>>> packets:6167, bytes:604366, used:0.486s,
>>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>>
>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>>>
>>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>>>
>>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by 不坏阿峰 <on...@gmail.com>.
wish some expert come to help me.~~`
2013/8/24 不坏阿峰 <on...@gmail.com>:
> can someone help?
>
> 2013/8/23 不坏阿峰 <on...@gmail.com>:
>> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
>> 0.0.0.0/0 all.
>> and when i initail vrouter on Xen host, guest host can access
>> internet. but vroute on kvm+openvswitch Host can not.
>>
>> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>>> I believe you have to create an egress networking rule to allow for vm's to
>>> reach the internet.
>>>
>>>
>>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>>
>>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>>
>>>> Cloudstack4.1.1
>>>> A: one kvm host ubuntu12.04 with openvswitch,
>>>> B: xen server6.0,
>>>> C: one kvm host centos with openvswitch
>>>>
>>>> in cloudstack have two network.
>>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>>
>>>>
>>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>>> Address 192.168.31.1
>>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>>> internet. vm can run on kvm or xen, both ok.
>>>>
>>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>>> internet. vrouter can access internet.
>>>>
>>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>>
>>>>
>>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>>> Bridge kvmmgt
>>>> Port kvmmgt
>>>> Interface kvmmgt
>>>> type: internal
>>>> Port "eth0"
>>>> Interface "eth0"
>>>> Bridge "cloudbr0"
>>>> Port "cloudbr0"
>>>> Interface "cloudbr0"
>>>> type: internal
>>>> Port "eth1"
>>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>>> work fine ; Kvm use native bridge work fine too.
>>>> Port "vnet3"
>>>> tag: 240
>>>> Interface "vnet3"
>>>> Port "vnet0"
>>>> tag: 301
>>>> Interface "vnet0"
>>>> Port "vnet1"
>>>> tag: 300
>>>> Interface "vnet1"
>>>> Port "vnet4"
>>>> tag: 240
>>>> Interface "vnet4"
>>>> Bridge "cloud0"
>>>> Port "cloud0"
>>>> Interface "cloud0"
>>>> type: internal
>>>> Port "vnet2"
>>>> Interface "vnet2"
>>>> Bridge storage
>>>> Port "eth2"
>>>> Interface "eth2"
>>>> Port storage
>>>> Interface storage
>>>> type: internal
>>>> ovs_version: "1.10.0"
>>>>
>>>>
>>>> i do the test,
>>>> one VM 192.168.30.90 run ping 192.168.123.1
>>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>>> www.google.com
>>>>
>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>>
>>>>
>>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>>
>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>>> packets:5855, bytes:573790, used:0.810s,
>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>
>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>>
>>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>>
>>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>>> some problem !!!!!!! is it??
>>>>
>>>>
>>>>
>>>>
>>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>>
>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>>> packets:6167, bytes:604366, used:0.486s,
>>>> actions:push_vlan(vid=240,pcp=0),5
>>>>
>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>>
>>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>>
>>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by 不坏阿峰 <on...@gmail.com>.
can someone help?
2013/8/23 不坏阿峰 <on...@gmail.com>:
> i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
> 0.0.0.0/0 all.
> and when i initail vrouter on Xen host, guest host can access
> internet. but vroute on kvm+openvswitch Host can not.
>
> 2013/8/23 Ahmad Emneina <ae...@gmail.com>:
>> I believe you have to create an egress networking rule to allow for vm's to
>> reach the internet.
>>
>>
>> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>>
>>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>>
>>> Cloudstack4.1.1
>>> A: one kvm host ubuntu12.04 with openvswitch,
>>> B: xen server6.0,
>>> C: one kvm host centos with openvswitch
>>>
>>> in cloudstack have two network.
>>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>>
>>>
>>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>>> Address 192.168.31.1
>>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>>> internet. vm can run on kvm or xen, both ok.
>>>
>>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>>> 192.168.240.53 Guest IP Address 192.168.30.1
>>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>>> internet. vrouter can access internet.
>>>
>>> how to make vm under kvm+openvswitch to access outside network and internet
>>>
>>>
>>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>>> Bridge kvmmgt
>>> Port kvmmgt
>>> Interface kvmmgt
>>> type: internal
>>> Port "eth0"
>>> Interface "eth0"
>>> Bridge "cloudbr0"
>>> Port "cloudbr0"
>>> Interface "cloudbr0"
>>> type: internal
>>> Port "eth1"
>>> Interface "eth1" ## Eth1 uplink port is Esxi
>>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>>> work fine ; Kvm use native bridge work fine too.
>>> Port "vnet3"
>>> tag: 240
>>> Interface "vnet3"
>>> Port "vnet0"
>>> tag: 301
>>> Interface "vnet0"
>>> Port "vnet1"
>>> tag: 300
>>> Interface "vnet1"
>>> Port "vnet4"
>>> tag: 240
>>> Interface "vnet4"
>>> Bridge "cloud0"
>>> Port "cloud0"
>>> Interface "cloud0"
>>> type: internal
>>> Port "vnet2"
>>> Interface "vnet2"
>>> Bridge storage
>>> Port "eth2"
>>> Interface "eth2"
>>> Port storage
>>> Interface storage
>>> type: internal
>>> ovs_version: "1.10.0"
>>>
>>>
>>> i do the test,
>>> one VM 192.168.30.90 run ping 192.168.123.1
>>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>>> www.google.com
>>>
>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>>
>>>
>>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>>
>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>>> packets:5855, bytes:573790, used:0.810s,
>>> actions:push_vlan(vid=240,pcp=0),5
>>>
>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>>
>>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>>
>>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>>> some problem !!!!!!! is it??
>>>
>>>
>>>
>>>
>>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>>
>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>>> packets:6167, bytes:604366, used:0.486s,
>>> actions:push_vlan(vid=240,pcp=0),5
>>>
>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>>
>>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>>
>>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by 不坏阿峰 <on...@gmail.com>.
i did it. Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule,
0.0.0.0/0 all.
and when i initail vrouter on Xen host, guest host can access
internet. but vroute on kvm+openvswitch Host can not.
2013/8/23 Ahmad Emneina <ae...@gmail.com>:
> I believe you have to create an egress networking rule to allow for vm's to
> reach the internet.
>
>
> On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
>
>> vm with openvswitch+KVM can not access extranal network, can ping gateway
>>
>> Cloudstack4.1.1
>> A: one kvm host ubuntu12.04 with openvswitch,
>> B: xen server6.0,
>> C: one kvm host centos with openvswitch
>>
>> in cloudstack have two network.
>> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>>
>>
>> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
>> Address 192.168.31.1
>> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
>> internet. vm can run on kvm or xen, both ok.
>>
>> ②:vronter300 run on Kvm with openvswitch, Public IP Address
>> 192.168.240.53 Guest IP Address 192.168.30.1
>> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
>> internet. vrouter can access internet.
>>
>> how to make vm under kvm+openvswitch to access outside network and internet
>>
>>
>> [root@centos-kvm01 libvirt]# ovs-vsctl show
>> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
>> Bridge kvmmgt
>> Port kvmmgt
>> Interface kvmmgt
>> type: internal
>> Port "eth0"
>> Interface "eth0"
>> Bridge "cloudbr0"
>> Port "cloudbr0"
>> Interface "cloudbr0"
>> type: internal
>> Port "eth1"
>> Interface "eth1" ## Eth1 uplink port is Esxi
>> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
>> work fine ; Kvm use native bridge work fine too.
>> Port "vnet3"
>> tag: 240
>> Interface "vnet3"
>> Port "vnet0"
>> tag: 301
>> Interface "vnet0"
>> Port "vnet1"
>> tag: 300
>> Interface "vnet1"
>> Port "vnet4"
>> tag: 240
>> Interface "vnet4"
>> Bridge "cloud0"
>> Port "cloud0"
>> Interface "cloud0"
>> type: internal
>> Port "vnet2"
>> Interface "vnet2"
>> Bridge storage
>> Port "eth2"
>> Interface "eth2"
>> Port storage
>> Interface storage
>> type: internal
>> ovs_version: "1.10.0"
>>
>>
>> i do the test,
>> one VM 192.168.30.90 run ping 192.168.123.1
>> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
>> www.google.com
>>
>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>>
>>
>> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
>> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>>
>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
>> packets:5855, bytes:573790, used:0.810s,
>> actions:push_vlan(vid=240,pcp=0),5
>>
>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
>> packets:0, bytes:0, used:never, actions:pop_vlan,9
>>
>> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
>> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>>
>> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
>> some problem !!!!!!! is it??
>>
>>
>>
>>
>> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>>
>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
>> packets:6167, bytes:604366, used:0.486s,
>> actions:push_vlan(vid=240,pcp=0),5
>>
>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
>> packets:0, bytes:0, used:never, actions:pop_vlan,11
>>
>> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
>> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>>
>> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
>> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>>
Re: vm with Cloudstack+openvswitch+KVM can not access extranal
network, can ping gateway
Posted by Ahmad Emneina <ae...@gmail.com>.
I believe you have to create an egress networking rule to allow for vm's to
reach the internet.
On Thu, Aug 22, 2013 at 7:53 PM, 不坏阿峰 <on...@gmail.com> wrote:
> vm with openvswitch+KVM can not access extranal network, can ping gateway
>
> Cloudstack4.1.1
> A: one kvm host ubuntu12.04 with openvswitch,
> B: xen server6.0,
> C: one kvm host centos with openvswitch
>
> in cloudstack have two network.
> Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
> Guestvlan300 Isolated 192.168.31.0/24 ,Egress rule, 0.0.0.0/0 all
>
>
> ①:vrouter301 run on Xen, Public IP Address 192.168.240.54 Guest IP
> Address 192.168.31.1
> vm in vlan301 ,can ping gateway 192.168.31.1 and can access
> internet. vm can run on kvm or xen, both ok.
>
> ②:vronter300 run on Kvm with openvswitch, Public IP Address
> 192.168.240.53 Guest IP Address 192.168.30.1
> vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
> internet. vrouter can access internet.
>
> how to make vm under kvm+openvswitch to access outside network and internet
>
>
> [root@centos-kvm01 libvirt]# ovs-vsctl show
> 7cb5f505-7ac1-4403-9f9d-101882ed7bad
> Bridge kvmmgt
> Port kvmmgt
> Interface kvmmgt
> type: internal
> Port "eth0"
> Interface "eth0"
> Bridge "cloudbr0"
> Port "cloudbr0"
> Interface "cloudbr0"
> type: internal
> Port "eth1"
> Interface "eth1" ## Eth1 uplink port is Esxi
> vswitch in promiscuous mode, Xen server Eth1 uplink this too, can
> work fine ; Kvm use native bridge work fine too.
> Port "vnet3"
> tag: 240
> Interface "vnet3"
> Port "vnet0"
> tag: 301
> Interface "vnet0"
> Port "vnet1"
> tag: 300
> Interface "vnet1"
> Port "vnet4"
> tag: 240
> Interface "vnet4"
> Bridge "cloud0"
> Port "cloud0"
> Interface "cloud0"
> type: internal
> Port "vnet2"
> Interface "vnet2"
> Bridge storage
> Port "eth2"
> Interface "eth2"
> Port storage
> Interface storage
> type: internal
> ovs_version: "1.10.0"
>
>
> i do the test,
> one VM 192.168.30.90 run ping 192.168.123.1
> vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240) run ping
> www.google.com
>
> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90
>
>
> in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
> packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
>
> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
> packets:5855, bytes:573790, used:0.810s,
> actions:push_vlan(vid=240,pcp=0),5
>
> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
> packets:0, bytes:0, used:never, actions:pop_vlan,9
>
> in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
> packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9
>
> ###### actions:push_vlan(vid=240,pcp=0),5 , this is maybe have
> some problem !!!!!!! is it??
>
>
>
>
> [root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
>
> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
> packets:6167, bytes:604366, used:0.486s,
> actions:push_vlan(vid=240,pcp=0),5
>
> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
> packets:0, bytes:0, used:never, actions:pop_vlan,11
>
> in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
> packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
>
> in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
> packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5
>
Re: Re: Re: 答复: 4.2.0是不是已经要发布了
Posted by 陈珂 <ch...@ourfuture.cn>.
最近4.2分支的更新已经很多是集中到文档层面了,这是不是要发布的千兆了。有没有人测试部署过。
2013-08-30
陈珂
发件人: 陈珂
发送时间: 2013-08-26 10:30:30
收件人: users-cn
抄送:
主题: Re: Re: 答复: 4.2.0是不是已经要发布了
预计4.1分支还会出新版本么,大概什么时候出。
4.2系列什么时候能发布版本
2013-08-26
陈珂
发件人: Wei ZHOU
发送时间: 2013-08-23 14:18:41
收件人: users-cn
抄送:
主题: Re: 答复: 4.2.0是不是已经要发布了
4.1分支的代码更新已经很少了。
4.2的功能很多,new feature list在
https://issues.apache.org/jira/issues/#?filter=12323963
citrix的committer做了不少自动化测试,这才是做产品啊
在 2013年8月23日下午1:38,陈珂 <ch...@ourfuture.cn>写道:
> 4.1系列的代码还是很活跃的。估计还能再出个4.1.2
> 4.2的新功能有哪些,谁有内幕消息给剧透一下
>
> -----邮件原件-----
> 发件人: Wei ZHOU [mailto:ustcweizhou@gmail.com]
> 发送时间: 2013年8月23日 13:14
> 收件人: users-cn@cloudstack.apache.org
> 主题: Re: 4.2.0是不是已经要发布了
>
> 马上就要出RC1了
>
> 在 13-8-23,陈珂<ch...@ourfuture.cn> 写道:
> >
> > Updating pom.xml version numbers for release 4.2.0
> >
> >
> > 今天cs的git上显示pom的版本号已经从4.2.0-SNAPSHOT改成4.2.0了,这是要发布新
> 版本的节奏么。
> > 2013-08-23
> >
> >
> >
> > 陈珂
> >
>
Re: Re: 答复: 4.2.0是不是已经要发布了
Posted by 陈珂 <ch...@ourfuture.cn>.
预计4.1分支还会出新版本么,大概什么时候出。
4.2系列什么时候能发布版本
2013-08-26
陈珂
发件人: Wei ZHOU
发送时间: 2013-08-23 14:18:41
收件人: users-cn
抄送:
主题: Re: 答复: 4.2.0是不是已经要发布了
4.1分支的代码更新已经很少了。
4.2的功能很多,new feature list在
https://issues.apache.org/jira/issues/#?filter=12323963
citrix的committer做了不少自动化测试,这才是做产品啊
在 2013年8月23日下午1:38,陈珂 <ch...@ourfuture.cn>写道:
> 4.1系列的代码还是很活跃的。估计还能再出个4.1.2
> 4.2的新功能有哪些,谁有内幕消息给剧透一下
>
> -----邮件原件-----
> 发件人: Wei ZHOU [mailto:ustcweizhou@gmail.com]
> 发送时间: 2013年8月23日 13:14
> 收件人: users-cn@cloudstack.apache.org
> 主题: Re: 4.2.0是不是已经要发布了
>
> 马上就要出RC1了
>
> 在 13-8-23,陈珂<ch...@ourfuture.cn> 写道:
> >
> > Updating pom.xml version numbers for release 4.2.0
> >
> >
> > 今天cs的git上显示pom的版本号已经从4.2.0-SNAPSHOT改成4.2.0了,这是要发布新
> 版本的节奏么。
> > 2013-08-23
> >
> >
> >
> > 陈珂
> >
>
Re: 答复: 4.2.0是不是已经要发布了
Posted by Wei ZHOU <us...@gmail.com>.
4.1分支的代码更新已经很少了。
4.2的功能很多,new feature list在
https://issues.apache.org/jira/issues/#?filter=12323963
citrix的committer做了不少自动化测试,这才是做产品啊
在 2013年8月23日下午1:38,陈珂 <ch...@ourfuture.cn>写道:
> 4.1系列的代码还是很活跃的。估计还能再出个4.1.2
> 4.2的新功能有哪些,谁有内幕消息给剧透一下
>
> -----邮件原件-----
> 发件人: Wei ZHOU [mailto:ustcweizhou@gmail.com]
> 发送时间: 2013年8月23日 13:14
> 收件人: users-cn@cloudstack.apache.org
> 主题: Re: 4.2.0是不是已经要发布了
>
> 马上就要出RC1了
>
> 在 13-8-23,陈珂<ch...@ourfuture.cn> 写道:
> >
> > Updating pom.xml version numbers for release 4.2.0
> >
> >
> > 今天cs的git上显示pom的版本号已经从4.2.0-SNAPSHOT改成4.2.0了,这是要发布新
> 版本的节奏么。
> > 2013-08-23
> >
> >
> >
> > 陈珂
> >
>
答复: 4.2.0是不是已经要发布了
Posted by 陈珂 <ch...@ourfuture.cn>.
4.1系列的代码还是很活跃的。估计还能再出个4.1.2
4.2的新功能有哪些,谁有内幕消息给剧透一下
-----邮件原件-----
发件人: Wei ZHOU [mailto:ustcweizhou@gmail.com]
发送时间: 2013年8月23日 13:14
收件人: users-cn@cloudstack.apache.org
主题: Re: 4.2.0是不是已经要发布了
马上就要出RC1了
在 13-8-23,陈珂<ch...@ourfuture.cn> 写道:
>
> Updating pom.xml version numbers for release 4.2.0
>
>
> 今天cs的git上显示pom的版本号已经从4.2.0-SNAPSHOT改成4.2.0了,这是要发布新
版本的节奏么。
> 2013-08-23
>
>
>
> 陈珂
>
Re: 4.2.0是不是已经要发布了
Posted by Wei ZHOU <us...@gmail.com>.
马上就要出RC1了
在 13-8-23,陈珂<ch...@ourfuture.cn> 写道:
>
> Updating pom.xml version numbers for release 4.2.0
>
>
> 今天cs的git上显示pom的版本号已经从4.2.0-SNAPSHOT改成4.2.0了,这是要发布新版本的节奏么。
> 2013-08-23
>
>
>
> 陈珂
>
4.2.0是不是已经要发布了
Posted by 陈珂 <ch...@ourfuture.cn>.
Updating pom.xml version numbers for release 4.2.0
今天cs的git上显示pom的版本号已经从4.2.0-SNAPSHOT改成4.2.0了,这是要发布新版本的节奏么。
2013-08-23
陈珂