[jira] [Commented] (CLOUDSTACK-938) s2s VPN trouble

Wed, 09 Jan 2013 11:52:15 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13548910#comment-13548910
 ] 

Richard Shevel commented on CLOUDSTACK-938:
-------------------------------------------

I noticed another oddity 
in VR :
root@r-288-VM:/var/log# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state 
UNKNOWN qlen 1000
    link/ether 0e:00:a9:fe:01:e8 brd ff:ff:ff:ff:ff:ff
    inet 169.254.1.232/16 brd 169.254.255.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 06:2c:58:00:00:6d brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state 
UNKNOWN qlen 1000
    link/ether 02:00:1b:48:00:02 brd ff:ff:ff:ff:ff:ff
    inet 10.3.3.1/24 brd 10.3.3.255

but if I look through the web interface, I see : 

NIC 1
Type    
Traffic Type    Control
Network Name    
Netmask 255.255.0.0
IP Address      169.254.1.232
ID      1b61695a-70e7-4667-a3f5-ee6f9dbbbd80
Network ID      f7e55fd4-4bc4-4857-bcc1-a5d7903159ab
Isolation URI   
Broadcast URI
NIC 2 (Default)
Type    
Traffic Type    Public
Network Name    
Netmask 255.255.255.192
IP Address      77.95.133.141
ID      b20274d3-155e-42b5-afb3-f6f76b35275b
Network ID      9ba9f56d-4a0c-47b1-91e1-e9592e84f3c2
Isolation URI   vlan://50
Broadcast URI   vlan://50
NIC 3
Type    Isolated
Traffic Type    Guest
Network Name    test_tier
Netmask 255.255.255.0
IP Address      10.3.3.1
ID      e0813f21-83ac-4d87-8c06-9eb534ddba8f
Network ID      bf3ec1b2-4a50-4264-8844-3fb47ccb240a
Isolation URI   vlan://598
Broadcast URI   vlan://598

After adding the vpn connection, the router lost nic2
                
> s2s VPN trouble
> ---------------
>
>                 Key: CLOUDSTACK-938
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-938
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Network Controller
>    Affects Versions: 4.0.0, 4.0.1
>         Environment: CentOS 6.3 x86_64
> CS - 4.0.1-0.11
>            Reporter: Richard Shevel
>            Priority: Critical
>         Attachments: auth.log, catalina.zip, management-server.zip
>
>
> Dear colleagues, the problem is clearly a bug:
> I created a VPC
> Further, in my VPN Customer Gateway to the settings
> Gateway 217.70.20.213
> CIDR list 192.168.10.0/24
> IPsec Preshared-Key blablablablablabla
> IKE Encryption 3des
> IKE Hash md5
> IKE DH None
> ESP Encryption 3des
> ESP Hash md5
> Perfect Forward Secrecy None
> IKE lifetime (second) 86 400
> ESP Lifetime (second) 28 800
> Dead Peer Detection Yes
> In the setting of VPC I create VPN Gateway
> When creating a VPN Connection get the error:
> Resource [Site2SiteVpnConnection:15] is unreachable: Failed to apply 
> site-to-site VPN
> catalina.out:
> WARN  [cloud.api.ApiDispatcher] (Job-Executor-11:job-463) class 
> com.cloud.api.ServerApiException : Resource [Site2SiteVpnConnection:15] is 
> unreachable: Failed to apply site-to-site VPN
> WARN  [cloud.async.AsyncJobManagerImpl] (Job-Executor-11:job-463) Unable to 
> unregister active job 463 from JMX monitoring
> WARN  [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection 
> status
> WARN  [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection 
> status
> WARN  [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection 
> status
> WARN  [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection 
> status
> WARN  [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:) Unable to update router r-288-VM's VPN connection 
> status
> management-server.log:
> 2013-01-09 21:27:54,587 DEBUG [agent.manager.AgentManagerImpl] 
> (AgentManager-Handler-4:null) Ping from 5
> 2013-01-09 21:27:54,623 DEBUG [agent.manager.AgentManagerImpl] 
> (AgentManager-Handler-2:null) Ping from 3
> 2013-01-09 21:28:17,546 DEBUG [storage.secondary.SecondaryStorageManagerImpl] 
> (secstorage-1:null) Zone 1 is ready to launch secondary storage VM
> 2013-01-09 21:28:17,656 DEBUG [cloud.consoleproxy.ConsoleProxyManagerImpl] 
> (consoleproxy-1:null) Zone 1 is ready to launch console proxy
> 2013-01-09 21:28:18,306 DEBUG 
> [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:null) Found 3 routers.
> 2013-01-09 21:28:18,316 DEBUG [agent.transport.Request] 
> (RouterStatusMonitor-1:null) Seq 5-223284290: Sending  { Cmd , MgmtId: 
> 52239887788, via: 5, Ver: v1, Flags: 100111, 
> [{"CheckS2SVpnConnectionsCommand":{"vpnIps":[],"accessDetails":{"router.ip":"169.254.1.232","router.name":"r-288-VM"},"wait":30}}]
>  }
> 2013-01-09 21:28:18,458 DEBUG [agent.transport.Request] 
> (AgentManager-Handler-3:null) Seq 5-223284290: Processing:  { Ans: , MgmtId: 
> 52239887788, via: 5, Ver: v1, Flags: 110, 
> [{"CheckS2SVpnConnectionsAnswer":{"ipToConnected":{},"ipToDetail":{},"details":"CheckS2SVpnConneciontsCommand
>  failed","result":false,"wait":0}}] }
> 2013-01-09 21:28:18,458 DEBUG [agent.manager.AgentAttache] 
> (AgentManager-Handler-3:null) Seq 5-223284290: No more commands found
> 2013-01-09 21:28:18,458 DEBUG [agent.transport.Request] 
> (RouterStatusMonitor-1:null) Seq 5-223284290: Received:  { Ans: , MgmtId: 
> 52239887788, via: 5, Ver: v1, Flags: 110, { CheckS2SVpnConnectionsAnswer } }
> 2013-01-09 21:28:18,458 DEBUG [agent.manager.AgentManagerImpl] 
> (RouterStatusMonitor-1:null) Details from executing class 
> com.cloud.agent.api.CheckS2SVpnConnectionsCommand: 
> CheckS2SVpnConneciontsCommand failed
> 2013-01-09 21:28:18,458 WARN  
> [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:null) Unable to update router r-288-VM's VPN 
> connection status
> 2013-01-09 21:28:43,063 DEBUG [cloud.server.StatsCollector] 
> (StatsCollector-2:null) StorageCollector is running...
> 2013-01-09 21:28:43,117 DEBUG [agent.transport.Request] 
> (StatsCollector-2:null) Seq 17-292881626: Received:  { Ans: , MgmtId: 
> 52239887788, via: 17, Ver: v1, Flags: 10, { GetStorageStatsAnswer } }
> 2013-01-09 21:28:45,185 DEBUG [agent.transport.Request] 
> (StatsCollector-2:null) Seq 3-1166872144: Received:  { Ans: , MgmtId: 
> 52239887788, via: 3, Ver: v1, Flags: 10, { GetStorageStatsAnswer } }
> 2013-01-09 21:28:47,545 DEBUG [storage.secondary.SecondaryStorageManagerImpl] 
> (secstorage-1:null) Zone 1 is ready to launch secondary storage VM
> 2013-01-09 21:28:47,655 DEBUG [cloud.consoleproxy.ConsoleProxyManagerImpl] 
> (consoleproxy-1:null) Zone 1 is ready to launch console proxy
> 2013-01-09 21:28:48,305 DEBUG 
> [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:null) Found 3 routers.
> 2013-01-09 21:28:48,328 DEBUG [agent.transport.Request] 
> (RouterStatusMonitor-1:null) Seq 5-223284291: Sending  { Cmd , MgmtId: 
> 52239887788, via: 5, Ver: v1, Flags: 100111, 
> [{"CheckS2SVpnConnectionsCommand":{"vpnIps":[],"accessDetails":{"router.ip":"169.254.1.232","router.name":"r-288-VM"},"wait":30}}]
>  }
> 2013-01-09 21:28:48,430 DEBUG [agent.transport.Request] 
> (AgentManager-Handler-9:null) Seq 5-223284291: Processing:  { Ans: , MgmtId: 
> 52239887788, via: 5, Ver: v1, Flags: 110, 
> [{"CheckS2SVpnConnectionsAnswer":{"ipToConnected":{},"ipToDetail":{},"details":"CheckS2SVpnConneciontsCommand
>  failed","result":false,"wait":0}}] }
> 2013-01-09 21:28:48,430 DEBUG [agent.manager.AgentAttache] 
> (AgentManager-Handler-9:null) Seq 5-223284291: No more commands found
> 2013-01-09 21:28:48,430 DEBUG [agent.transport.Request] 
> (RouterStatusMonitor-1:null) Seq 5-223284291: Received:  { Ans: , MgmtId: 
> 52239887788, via: 5, Ver: v1, Flags: 110, { CheckS2SVpnConnectionsAnswer } }
> 2013-01-09 21:28:48,430 DEBUG [agent.manager.AgentManagerImpl] 
> (RouterStatusMonitor-1:null) Details from executing class 
> com.cloud.agent.api.CheckS2SVpnConnectionsCommand: 
> CheckS2SVpnConneciontsCommand failed
> 2013-01-09 21:28:48,430 WARN  
> [network.router.VirtualNetworkApplianceManagerImpl] 
> (RouterStatusMonitor-1:null) Unable to update router r-288-VM's VPN 
> connection status
> 2013-01-09 21:28:49,298 DEBUG [agent.manager.AgentManagerImpl] 
> (AgentManager-Handler-7:null) Ping from 11
> 2013-01-09 21:28:49,299 DEBUG [agent.manager.AgentManagerImpl] 
> (AgentManager-Handler-6:null) Ping from 17
> 2013-01-09 21:28:51,594 DEBUG [cloud.server.StatsCollector] 
> (StatsCollector-3:null) HostStatsCollector is running...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to