Fuel for OpenStack

Fuel slave nodes can not reach the DHCP server

Bug #1312638 reported by Timur Nurlygayanov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Fix Committed
High
Dmitry Teselkin
Fuel for OpenStack 5.0

Bug Description

Note: please see attached screenshot for more detailed information

Steps To Reproduce:
1. Clone the latest (#140 build) iso with Fuel 5.0
2. Create several VMs with Virtual Box scripts and install master node

Observed Result:
Master node was installed successfully, but slave nodes can not see the DHCP server and can not bootstrap the OS (please see attached screenshot for more detailed information)

Tags: dhcp iso
Revision history for this message
Timur Nurlygayanov (tnurlygayanov) wrote :
Revision history for this message
Timur Nurlygayanov (tnurlygayanov) wrote :

root@comp:~/fuel-main/virtualbox# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Revision history for this message
Vladimir Kuklin (vkuklin) wrote :

post iptables-save please and ip information of all virtual networks and so on

Revision history for this message
Timur Nurlygayanov (tnurlygayanov) wrote :

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.18.78.1 0.0.0.0 UG 0 0 0 eth0
10.20.0.0 * 255.255.255.0 U 0 0 0 vboxnet0
172.16.0.0 * 255.255.255.0 U 0 0 0 vboxnet1
172.16.1.0 * 255.255.255.0 U 0 0 0 vboxnet2
172.18.78.0 * 255.255.255.128 U 1 0 0 eth0
192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0

Revision history for this message
Timur Nurlygayanov (tnurlygayanov) wrote :

iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -i virbr2 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr2 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr2 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr2 -p tcp -m tcp --dport 67 -j ACCEPT
-A FORWARD -j ACCEPT
-A FORWARD -j ACCEPT
-A FORWARD -j ACCEPT
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr2 -o virbr2 -j ACCEPT
-A FORWARD -o virbr2 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr2 -j REJECT --reject-with icmp-port-unreachable

Revision history for this message
Timur Nurlygayanov (tnurlygayanov) wrote :

Fixed in https://review.openstack.org/#/c/90313/

Changed in fuel:
status: Confirmed → Fix Committed
assignee: nobody → Dmitry Teselkin (teselkin-d)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.