OpenStack VM 网络中断

Question

Good morning all.大家早上好。

I have an old OpenStack server (IceHouse running on Ubuntu 12) that the networking is broken on.我有一个网络中断的旧 OpenStack 服务器（在 Ubuntu 12 上运行的 IceHouse）。 I can access the main host on it's external IP but none of the VMs on their internal or external IPs.我可以在其外部 IP 上访问主主机，但在其内部或外部 IP 上没有任何虚拟机。 I'm trying to fix the networking on this because one day it just stopped working and as I didn't set up the networking on this (an old friend did) and my networking isn't good.我正在尝试修复此网络，因为有一天它刚刚停止工作，而且我没有在此设置网络（一位老朋友做了），而且我的网络不好。

So my OpenStack is setup as follows:所以我的 OpenStack 设置如下：

Physical Server - External IP + internal IP of 10.0.0.1物理服务器 - 外部 IP + 内部 IP 的 10.0.0.1
5 VMs inside the physical server - each with their own External IP + internal IP of 10.0.0.2/3/5/6/12 respectively物理服务器内的 5 个虚拟机 - 每个都有自己的外部 IP + 内部 IP 分别为 10.0.0.2/3/5/6/12

brctl show brctl 显示

bridge name     bridge id               STP enabled     interfaces
br100           8000.002590a623ea       no              eth0
                                                        vnet0
virbr0          8000.000000000000       yes

cat /var/lib/libvirt/network/default.xml猫 /var/lib/libvirt/network/default.xml

<networkstatus>
  <class_id bitmap='0-2'/>
  <floor sum='0'/>
  <network>
    <name>default</name>
    <uuid>1418323a-ec13-4ea0-b342-c3263e44c4c4</uuid>
    <forward mode='nat'>
      <nat>
        <port start='1024' end='65535'/>
      </nat>
    </forward>
    <bridge name='virbr0' stp='on' delay='0'/>
    <ip address='192.168.122.1' netmask='255.255.255.0'>
      <dhcp>
        <range start='192.168.122.2' end='192.168.122.254'/>
      </dhcp>
    </ip>
  </network>
</networkstatus>

ifconfig如果配置

br100     Link encap:Ethernet  HWaddr 00:25:90:a6:23:ea
          inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::225:90ff:fea6:23ea/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21253 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14720 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1346723 (1.3 MB)  TX bytes:1655846 (1.6 MB)

eth0      Link encap:Ethernet  HWaddr 00:25:90:a6:23:ea
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21898 errors:0 dropped:68 overruns:0 frame:0
          TX packets:14881 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1828683 (1.8 MB)  TX bytes:1655116 (1.6 MB)
          Memory:fb920000-fb940000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:110260 errors:0 dropped:0 overruns:0 frame:0
          TX packets:110260 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:37015458 (37.0 MB)  TX bytes:37015458 (37.0 MB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.16.17.1  P-t-P:172.16.17.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

virbr0    Link encap:Ethernet  HWaddr aa:88:14:70:4d:e2
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::a888:14ff:fe70:4de2/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:588 (588.0 B)

vnet0     Link encap:Ethernet  HWaddr fe:16:3e:24:da:f2
          inet6 addr: fe80::fc16:3eff:fe24:daf2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:113 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3849 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:13581 (13.5 KB)  TX bytes:356808 (356.8 KB)

ip a | ip grep state grep state

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br100 state UP qlen 1000
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
4: br100: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
6: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
8: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br100 state UNKNOWN qlen 500

ip route (XXXX being the externally facing public IP) ip路由（XXXX为对外公网IP）

default via X.X.X.254 dev br100  metric 100
10.0.0.0/24 dev br100  proto kernel  scope link  src 10.0.0.1
X.X.X.0/24 dev br100  proto kernel  scope link  src X.X.X.X
172.16.17.0/24 via 172.16.17.2 dev tun0
172.16.17.2 dev tun0  proto kernel  scope link  src 172.16.17.1
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
192.168.122.0/24 dev br100  proto kernel  scope link  src 192.168.122.222

I can't ping or SSH to a VM externally or internally eg 10.0.0.5 from 10.0.0.1 and when a VM boots eg 10.0.0.5 it shows this:我无法从外部或内部 ping 或 SSH 到 VM，例如来自 10.0.0.1 的 10.0.0.5，当 VM 启动时，例如 10.0.0.5，它显示：

[....] Configuring network interfaces...Internet Systems Consortium DHCP Client 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/fa:16:3e:24:da:f2
Sending on   LPF/eth0/fa:16:3e:24:da:f2
Sending on   Socket/fallback
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPACK from 10.0.0.1
bound to 10.0.0.5 -- renewal in 50 seconds.

ci-info: +++++++++++++++++++++++++Net device info+++++++++++++++++++++++++
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: | Device |  Up  |  Address  |      Mask     |     Hw-Address    |
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: |   lo   | True | 127.0.0.1 |   255.0.0.0   |         .         |
ci-info: |  eth0  | True |  10.0.0.5 | 255.255.255.0 | fa:16:3e:24:da:f2 |
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: ++++++++++++++++++++++++++++++Route info++++++++++++++++++++++++++++++
ci-info: +-------+-------------+----------+---------------+-----------+-------+
ci-info: | Route | Destination | Gateway  |    Genmask    | Interface | Flags |
ci-info: +-------+-------------+----------+---------------+-----------+-------+
ci-info: |   0   |   0.0.0.0   | 10.0.0.1 |    0.0.0.0    |    eth0   |   UG  |
ci-info: |   1   |   10.0.0.0  | 0.0.0.0  | 255.255.255.0 |    eth0   |   U   |
ci-info: +-------+-------------+----------+---------------+-----------+-------+

virsh list虚拟列表

 Id    Name                           State
----------------------------------------------------
 3     instance-00000025              running

Can anyone help a network noob?任何人都可以帮助网络菜鸟吗？

Answer 1

I suggest you start looking at the configured security groups and see if ingress rules for icmp and tcp on port 22 are present to accept the connections.我建议您开始查看已配置的安全组，并查看端口 22 上的 icmp 和 tcp 的入口规则是否存在以接受连接。

By default Openstack security groups deny external traffic.默认情况下，Openstack 安全组拒绝外部流量。

OpenStack VM 网络中断

问题描述

1 个解决方案

解决方案1
0 2019-11-27 09:30:20

OpenStack VM 网络中断

问题描述

1 个解决方案

解决方案1 0 2019-11-27 09:30:20

解决方案1
0 2019-11-27 09:30:20