Juniper Openstack

VM unable to ping to outer world using router gateway snat

Bug #1352966 reported by Vedamurthy Joshi
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Fix Committed
High
Rudra Rugge
R1.1
Fix Committed
High
Rudra Rugge
Juniper Openstack r1.10-fcs

Bug Description

Build 1.10 5

I have a private VN and public VN(sharing connectivity with MX).
A router rtr1 is created with interfaces on these two VMs and router-gateway is set.

It is seen that the nh for 0.0.0.0 on the private VN is a ECMP route with two nhs : a snat si and a tunnel nh to MX.
Ping from VM in private VN to 8.8.8.8 fails.

#Role definition of the hosts.
env.roledefs = {
    'all': [host1, host2, host3, host4, host5],
    'cfgm': [host1,host4,host3],
    'openstack': [host2],
    'control': [host1,host4],
    'compute': [host5],
    'collector': [host1,host4,host3],
    'webui': [host1],
    'database': [host1,host4,host3],
    'build': [host_build],
}

env.hostnames = {
    'all': ['nodec22', 'nodeg30', 'nodeg29', 'nodeh4', 'nodeh5']
}

root@nodec22:/opt/contrail/utils# neutron router-list
+--------------------------------------+------+--------------------------------------------------------+
| id | name | external_gateway_info |
+--------------------------------------+------+--------------------------------------------------------+
| aefd6a55-c08c-4997-8822-a227a9b1bc26 | prk1 | null |
| 6d37bb29-cd4e-496b-97d4-5131b61097c6 | rtr1 | {"network_id": "7b751ddb-9a40-4c73-ae8c-76c3036a09f5"} |
+--------------------------------------+------+--------------------------------------------------------+
root@nodec22:/opt/contrail/utils# neutron router-port-list rtr1
+--------------------------------------+--------------------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+--------------------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| 23515e92-bc20-495f-bd32-5c70c0381ff4 | 23515e92-bc20-495f-bd32-5c70c0381ff4 | 02:23:51:5e:92:bc | {"subnet_id": "d17cc8a6-e1cf-4225-9296-f8addadf4f0d", "ip_address": "100.1.1.1", "port_id": "23515e92-bc20-495f-bd32-5c70c0381ff4", "net_id": "d63b82d4-1ac8-4fdc-8f15-aa223ce47923"} |
| cafa8a25-d3a4-49d5-9c6a-8c19432a0be0 | cafa8a25-d3a4-49d5-9c6a-8c19432a0be0 | 02:ca:fa:8a:25:d3 | {"subnet_id": "9fafb922-6ae2-4147-98ab-a9b3135c7042", "ip_address": "10.204.219.65", "port_id": "cafa8a25-d3a4-49d5-9c6a-8c19432a0be0", "net_id": "7b751ddb-9a40-4c73-ae8c-76c3036a09f5"} |
+--------------------------------------+--------------------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
root@nodec22:/opt/contrail/utils#

root@nodec22:/opt/contrail/utils# neutron net-list
+--------------------------------------+--------------------------------------------------+-------------------------------------------------------+
| id | name | subnets |
+--------------------------------------+--------------------------------------------------+-------------------------------------------------------+
| e5bb40b7-95f7-4072-9f4b-14b481ce81e3 | svc_snat_si_6d37bb29-cd4e-496b-97d4-5131b61097c6 | db26f944-8fe8-4536-8b28-091362a3ad2f 100.64.0.0/29 |
| 7b751ddb-9a40-4c73-ae8c-76c3036a09f5 | public_vn | 9fafb922-6ae2-4147-98ab-a9b3135c7042 10.204.219.64/29 |
| 96f9e820-2048-403c-8219-1dda7b841a2d | prk1 | 3de0d4ea-4684-43b7-9a78-6821ce25f5da 1.1.1.0/24 |
| d63b82d4-1ac8-4fdc-8f15-aa223ce47923 | private_vn | d17cc8a6-e1cf-4225-9296-f8addadf4f0d 100.1.1.0/24 |
| 19f0df79-fe9d-41fe-bc58-4fa21b19d0ba | prk2 | 00651d77-fde1-4bfd-b859-3422d69d088f 2.2.2.0/24 |
+--------------------------------------+--------------------------------------------------+-------------------------------------------------------+
root@nodec22:/opt/contrail/utils#

root@nodec22:/opt/contrail/utils# nova list
+--------------------------------------+-------------+--------+------------+-------------+-------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------------+--------+------------+-------------+-------------------------+
| b6105ddd-7ee0-45de-bd5b-44b5cd2c01ed | private-vm1 | ACTIVE | None | Running | private_vn=100.1.1.2 |
| bca79b2e-6835-4195-b7f0-b1cf47645ec2 | public_vm1 | ACTIVE | None | Running | public_vn=10.204.219.67 |
+--------------------------------------+-------------+--------+------------+-------------+-------------------------+
root@nodec22:/opt/contrail/utils#

Revision history for this message
Raj Reddy (rajreddy) wrote :

development still in progress.. done by the end of this week..

Raj Reddy (rajreddy)
Changed in juniperopenstack:
importance: Critical → High
Sachin Bansal (sbansal)
Changed in juniperopenstack:
assignee: Sachin Bansal (sbansal) → Rudra Rugge (rudrarugge)
Nagabhushana R (bhushana)
Changed in juniperopenstack:
milestone: r1.10-beta → none
Revision history for this message
Rudra Rugge (rrugge) wrote :

R1.10 fix committed:
https://github.com/Juniper/contrail-controller/commit/cfe7291cb93b1d4d02ad5be7b5da0375b5c764db

Rudra Rugge (rrugge)
Changed in juniperopenstack:
status: New → Fix Committed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.