That looks good to me. Couple of suggestions: try to ping the gateway of the public network, 172.16.1.1. You could try a tcpdump. You need to run this on the domain router console - tcpdump -n -tttt -i eth2 icmp. Then on the dom0 console on the xenserver the domain router is running on, run this - ssh root@169.254.0.47 -p 3922 -i /root/.ssh/id_rsa.cloud - that will log you in to the domain router via the link local network (169.254.0.47 seems to be the IP link local address on the domain router from your output below. Then run ping once logged in and check the output on the domain router console.
Have you tried to destroy the domain router and create a new one? A new domain router should be created when you create another VM. Hope that helps! -----Original Message----- From: Warren Nicholson [mailto:warren.nichol...@nfinausa.com] Sent: Wednesday, May 01, 2013 6:13 PM To: users@cloudstack.apache.org Subject: RE: router not working root@r-12-VM:~# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 172.16.1.1 0.0.0.0 UG 0 0 0 eth2 [root@HV1 ~]# xe vif-list params=network-name-label,vm-name-label,device vm-name-label=s-10-VM vm-name-label ( RO) : s-10-VM device ( RO): 0 network-name-label ( RO): cloud_link_local_network vm-name-label ( RO) : s-10-VM device ( RO): 2 network-name-label ( RO): VLAN-1d4e2ee4-6c9f-6587-71e5-180c5ba901a7-20 vm-name-label ( RO) : s-10-VM device ( RO): 3 network-name-label ( RO): storage [root@HV1 ~]# xe vif-list params=network-name-label,vm-name-label,device vm-name-label=r-12-VM vm-name-label ( RO) : r-12-VM device ( RO): 0 network-name-label ( RO): VLAN-1d4e2ee4-6c9f-6587-71e5-180c5ba901a7-796 vm-name-label ( RO) : r-12-VM device ( RO): 2 network-name-label ( RO): VLAN-1d4e2ee4-6c9f-6587-71e5-180c5ba901a7-20 vm-name-label ( RO) : r-12-VM device ( RO): 1 network-name-label ( RO): cloud_link_local_network I appreciate the assistance... Warren -----Original Message----- From: Oliver Leach [mailto:oliver.le...@tatacommunications.com] Sent: Wednesday, May 01, 2013 11:55 AM To: users@cloudstack.apache.org Subject: RE: router not working And a netstat -rn on the domain router? Does the SSVM (which works) have a similar ifconfig output and a similar netsta -rn output? It is difficult to say that the virtual routers networks are correct from the output below. Try this: xe vif-list params=network-name-label,vm-name-label,device vm-name-label=<SSVM name label s-xxx> xe vif-list params=network-name-label,vm-name-label,device vm-name-label=<domain router name label v-xxx> -----Original Message----- From: Warren Nicholson [mailto:warren.nichol...@nfinausa.com] Sent: Wednesday, May 01, 2013 5:27 PM To: users@cloudstack.apache.org; aemne...@gmail.com Subject: RE: router not working 1. We are using Advanced Zone. 2. root@r-12-VM:~# ifconfig |grep inet -B 2 eth0 Link encap:Ethernet HWaddr 02:00:15:4c:00:04 inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0 inet6 addr: fe80::15ff:fe4c:4/64 Scope:Link -- eth1 Link encap:Ethernet HWaddr 0e:00:a9:fe:00:2f inet addr:169.254.0.47 Bcast:169.254.255.255 Mask:255.255.0.0 inet6 addr: fe80::c00:a9ff:fefe:2f/64 Scope:Link -- eth2 Link encap:Ethernet HWaddr 06:99:5a:00:00:61 inet addr:172.16.1.226 Bcast:172.16.1.255 Mask:255.255.255.0 inet6 addr: fe80::499:5aff:fe00:61/64 Scope:Link -- lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host 3. [root@HV1 ~]# xe vif-list device=1 uuid ( RO) : cfd2a22f-8dc6-757b-4171-3992c7e0f435 vm-uuid ( RO): 3f705289-bf96-e5ca-85fa-2572c27109cb device ( RO): 1 network-uuid ( RO): fd7ce650-0d40-69ea-ba83-20287290ae15 uuid ( RO) : 2fc93309-791a-317f-b48e-77b35efdf30e vm-uuid ( RO): 7379ffda-9e45-49a0-0040-52a678a9c809 device ( RO): 1 network-uuid ( RO): 96b63187-9785-53f0-5cb3-bfd662f3d69a uuid ( RO) : a072870d-f8a5-9f82-9efd-9f62f7629597 vm-uuid ( RO): 281750f2-3b81-e2d5-48df-f3fed56f7bcf device ( RO): 1 network-uuid ( RO): fd7ce650-0d40-69ea-ba83-20287290ae15 [root@HV1 ~]# xe pif-list VLAN=20 uuid ( RO) : 2e0c3966-2b1b-2fee-6609-8ee30c8d6693 device ( RO): eth1 currently-attached ( RO): true VLAN ( RO): 20 network-uuid ( RO): 21fedae7-8424-272a-2a62-0c9343b683fe uuid ( RO) : 4841d837-5975-3a42-a310-ceec11403581 device ( RO): eth1 currently-attached ( RO): true VLAN ( RO): 20 network-uuid ( RO): 21fedae7-8424-272a-2a62-0c9343b683fe [root@HV1 ~]# xe network-list name-label=guest_public uuid ( RO) : 1d4e2ee4-6c9f-6587-71e5-180c5ba901a7 name-label ( RW): guest_public name-description ( RW): bridge ( RO): xenbr1 [root@HV1 ~]# xe network-list name-label=VLAN-1d4e2ee4-6c9f-6587-71e5-180c5ba901a7-20 uuid ( RO) : 21fedae7-8424-272a-2a62-0c9343b683fe name-label ( RW): VLAN-1d4e2ee4-6c9f-6587-71e5-180c5ba901a7-20 name-description ( RW): bridge ( RO): xapi3 Warren -----Original Message----- From: Oliver Leach [mailto:oliver.le...@tatacommunications.com] Sent: Wednesday, May 01, 2013 10:44 AM To: users@cloudstack.apache.org; aemne...@gmail.com Subject: RE: router not working Are you using basic zone or an advance zone? In advance zone, the domain router should have 3 interfaces - 1 on the private vlan, 1 on the linklocal network and one on the public network, which is the source nat for the account. What does ifconfig |grep inet -B 2 output? And do these interfaces tie up with the correct networks in XenCenter? Ie, private should belong to a private vlan, link local should be connected using a 169.254.x.x address and the public interface should be tied to the vlan of your public network. -----Original Message----- From: Warren Nicholson [mailto:warren.nichol...@nfinausa.com] Sent: Wednesday, May 01, 2013 4:35 PM To: users@cloudstack.apache.org; aemne...@gmail.com Subject: RE: router not working I do find it interesting that Xenserver and XenCenter report one network UUID and cloudstack another. Why don't these agree? Warren -----Original Message----- From: Oliver Leach [mailto:oliver.le...@tatacommunications.com] Sent: Wednesday, May 01, 2013 9:47 AM To: users@cloudstack.apache.org; aemne...@gmail.com Subject: RE: router not working I am assuming you are using XenServer. Is the domain router's public vif using the correct network on the XenServer? This is the same network as the ssvm and the console proxy which you say can access the internet. If the domain router is on the same host using the same network and the same vlan as the SSVM and the CP, then it should be able to ping the internet. Potentially, the other thing to check is your egress firewall rules for cloudstack network allows outbound traffic. Oliver -- -----Original Message----- From: Warren Nicholson [mailto:warren.nichol...@nfinausa.com] Sent: Wednesday, May 01, 2013 2:46 PM To: users@cloudstack.apache.org; aemne...@gmail.com Subject: RE: router not working I dropped a direct connection to the HW using XenCenter, and statically configured the IP. That works fine, and I am able to get on the internet. However, doing it this way, I've lost the firewall protection of the Cloudstack Router. I would still like to know why the router isn't working..... Warren -----Original Message----- From: Ahmad Emneina [mailto:aemne...@gmail.com] Sent: Tuesday, April 30, 2013 6:27 PM To: Cloudstack users mailing list Subject: Re: router not working i would imagine your trunked public vlan is the issue. boot a vm and tag it with the public vlan, see if it gets out. check the switches also, make sure its trunked down properly. On Tue, Apr 30, 2013 at 4:02 PM, Warren Nicholson < warren.nichol...@nfinausa.com> wrote: > When my router boots it can't ping its public side. > > > > What's up with that? > > > > Is the supplied router bad? > > > > Warren > >
