Yes Benoit, I have 40% of free public IPs available. So, that should not be an issue.
I don’t see any errors in log file too. Have you noticed any exceptions in log files by any chance when you encountered this issue? Thanks, Praveen Kumar -----Original Message----- From: benoit lair [mailto:kurushi4...@gmail.com] Sent: 02 April 2014 17:30 To: users@cloudstack.apache.org Subject: Re: VPN for VPC feature in 4.3 Hi Praveen, I already have this issue with vpc vr : Have you checked if you have some public ip adresses available on your zone ? Regards, Benoit. 2014-04-02 12:24 GMT+02:00 Praveen Buravilli <praveen.buravi...@citrix.com>: > Thanks Geoff. Actually, eth1 for VPC router is missing. > > When I looked at log file, surprisingly a request has been sent to > create router VM with two NICs(one link local and other public) > whereas, the router was created with only one NIC. > > > > Any thoughts? fyi, I'm running CloudStack 4.3 with KVM nodes. > > > > Here attached is log file snippet containing both request and response > info on router start command: > > (Highlighted NIC entries in the log with red and green texts). > > > ====================================================================== > ================ > > 2014-04-02 06:00:47,968 DEBUG [c.c.a.t.Request] > (Job-Executor-35:ctx-544b3513 ctx-5d9c4b47) Seq 6-1545667825: Sending > { Cmd , MgmtId: 52237010300, via: 6(localhost.localdomain), Ver: v1, Flags: > 100111, > [{"com.cloud.agent.api.StartCommand":{"vm":{"id":43,"name":"r-43-VM"," > type":"DomainRouter","cpus":1,"minSpeed":500,"maxSpeed":500,"minRam":1 > 34217728,"maxRam":134217728,"arch":"x86_64","os":"Debian > GNU/Linux 7(64-bit)","bootArgs":" > vpccidr=10.201.0.0/16domain=cs7cloud.internal dns1=8.8.8.8 > template=domP name=r-43-VM > eth0ip=169.254.1.131 eth0mask=255.255.0.0 type=vpcrouter > disable_rp_filter=true","rebootOnCrash":false,"enableHA":true,"limitCp > uUse":false,"enableDynamicallyScaleVm":false,"vncPassword":"21a870dc77 > 23830","params":{},"uuid":"05b714cf-a511-42d9-b24a-6d077342865f","disk > s":[{"data":{"org.apache.cloudstack.storage.to.VolumeObjectTO":{"uuid" > :"b61da4e1-121e-4e02-b345-35719deec994","volumeType":"ROOT","dataStore > ":{"org.apache.cloudstack.storage.to.PrimaryDataStoreTO":{"uuid":"90ff > a1df-e8bd-3e46-893d-bb9b63e0b180","id":2,"poolType":"NetworkFilesystem > ","host":"172.20.105.2","path":"/export/praveen/csprimary","port":2049 > ,"url":"NetworkFilesystem:// > 172.20.105.2//export/praveen/csprimary/?ROLE=Primary&STOREUUID=90ffa1d > f-e8bd-3e46-893d-bb9b63e0b180 > "}},"name":"ROOT-43","size":2621440000,"path":"b61da4e1-121e-4e02-b345-35719deec994","volumeId":46,"vmName":"r-43-VM","accountId":7,"format":"QCOW2","id":46,"deviceId":0,"hypervisorType":"KVM"}},"diskSeq":0,"path":"b61da4e1-121e-4e02-b345-35719deec994","type":"ROOT","_details":{"managed":"false","storagePort":"2049","storageHost":"172.20.105.2","volumeSize":"2621440000"}}],"nics":[{"deviceId":0,"networkRateMbps":-1,"defaultNic":false,"uuid":"2d4b2574-5e7d-45e7-bcbb-f64d1d9237c1","ip":"169.254.1.131","netmask":"255.255.0.0","gateway":"169.254.0.1","mac":"0e:00:a9:fe:01:83","broadcastType":"LinkLocal","type":"Control","isSecurityGroupEnabled":false}]},"hostIp":"172.20.210.7","executeInSequence":false,"wait":0}},{"com.cloud.agent.api.check.CheckSshCommand":{"ip":"169.254.1.131","port":3922,"interval":6,"retries":100,"name":"r-43-VM","wait":0}},{"com.cloud.agent.api.GetDomRVersionCmd":{"accessDetails":{"router.ip":"169.254.1.131"," > router.name > ":"r-43-VM"},"wait":0}},{"com.cloud.agent.api.PlugNicCommand":{"nic":{"deviceId":1,"networkRateMbps":200,"defaultNic":true,"uuid":"7f27078c-2123-4e53-9d4c-df2c6e4cb844","ip":"172.20.211.132","netmask":"255.255.255.0","gateway":"172.20.211.1","mac":"06:41:1a:00:00:20","broadcastType":"Vlan","type":"Public","broadcastUri":"vlan://211","isolationUri":"vlan://211","isSecurityGroupEnabled":false,"name":"cloudbr1"},"instanceName":"r-43-VM","vmType":"DomainRouter","wait":0}},{"com.cloud.agent.api.routing.IpAssocVpcCommand":{"ipAddresses":[{"accountId":7,"publicIp":"172.20.211.132","sourceNat":true,"add":true,"oneToOneNat":false,"firstIP":false,"broadcastUri":"211","vlanGateway":"172.20.211.1","vlanNetmask":"255.255.255.0","vifMacAddress":"06:41:1a:00:00:20","networkRate":200,"trafficType":"Public","networkName":"cloudbr1"}],"accessDetails":{"router.guest.ip":"172.20.211.132","zone.network.type":"Advanced","router.ip":"169.254.1.131"," > router.name > ":"r-43-VM"},"wait":0}},{"com.cloud.agent.api.routing.SetSourceNatCommand":{"ipAddress":{"accountId":7,"publicIp":"172.20.211.132","sourceNat":true,"add":true,"oneToOneNat":false,"firstIP":false,"broadcastUri":"211","vlanGateway":"172.20.211.1","vlanNetmask":"255.255.255.0","vifMacAddress":"06:41:1a:00:00:20","networkRate":200,"trafficType":"Public","networkName":"cloudbr1"},"add":true,"accessDetails":{"zone.network.type":"Advanced","router.ip":"169.254.1.131"," > router.name":"r-43-VM"},"wait":0}},{}] } > > > > > > 2014-04-02 06:01:43,695 DEBUG [c.c.a.t.Request] > (AgentManager-Handler-10:null) Seq 6-1545667825: Processing: { Ans: , > MgmtId: 52237010300, via: 6, Ver: v1, Flags: 110, > [{"com.cloud.agent.api.StartAnswer":{"vm":{"id":43,"name":"r-43-VM","t > ype":"DomainRouter","cpus":1,"minSpeed":500,"maxSpeed":500,"minRam":13 > 4217728,"maxRam":134217728,"arch":"x86_64","os":"Debian > GNU/Linux 7(64-bit)","bootArgs":" > vpccidr=10.201.0.0/16domain=cs7cloud.internal dns1=8.8.8.8 > template=domP name=r-43-VM > eth0ip=169.254.1.131 eth0mask=255.255.0.0 type=vpcrouter > disable_rp_filter=true","rebootOnCrash":false,"enableHA":true,"limitCp > uUse":false,"enableDynamicallyScaleVm":false,"vncPassword":"21a870dc77 > 23830","vncAddr":"172.20.210.7","params":{},"uuid":"05b714cf-a511-42d9 > -b24a-6d077342865f","disks":[{"data":{"org.apache.cloudstack.storage.t > o.VolumeObjectTO":{"uuid":"b61da4e1-121e-4e02-b345-35719deec994","volu > meType":"ROOT","dataStore":{"org.apache.cloudstack.storage.to.PrimaryD > ataStoreTO":{"uuid":"90ffa1df-e8bd-3e46-893d-bb9b63e0b180","id":2,"poo > lType":"NetworkFilesystem","host":"172.20.105.2","path":"/export/prave > en/csprimary","port":2049,"url":"NetworkFilesystem:// > 172.20.105.2//export/praveen/csprimary/?ROLE=Primary&STOREUUID=90ffa1d > f-e8bd-3e46-893d-bb9b63e0b180"}},"name":"ROOT-43","size":2621440000,"p > ath":"b61da4e1-121e-4e02-b345-35719deec994","volumeId":46,"vmName":"r- > 43-VM","accountId":7,"format":"QCOW2","id":46,"deviceId":0,"hypervisor > Type":"KVM"}},"diskSeq":0,"path":"b61da4e1-121e-4e02-b345-35719deec994 > ","type":"ROOT","_details":{"managed":"false","storagePort":"2049","st > orageHost":"172.20.105.2","volumeSize":"2621440000"}}],"nics":[{"devic > eId":0,"networkRateMbps":-1,"defaultNic":false,"uuid":"2d4b2574-5e7d-4 > 5e7-bcbb-f64d1d9237c1","ip":"169.254.1.131","netmask":"255.255.0.0","g > ateway":"169.254.0.1","mac":"0e:00:a9:fe:01:83","broadcastType":"LinkL > ocal","type":"Control","isSecurityGroupEnabled":false}]},"result":true > ,"wait":0}},{"com.cloud.agent.api.check.CheckSshAnswer":{"result":true > ,"wait":0}},{"com.cloud.agent.api.GetDomRVersionAnswer":{"templateVers > ion":"Cloudstack Release 4.3.0 (64-bit) Wed Jan 15 00:27:19 UTC > 2014","scriptsVersion":"07277b52f67248060835ca19947016cf","result":tru > e,"details":"Cloudstack Release 4.3.0 (64-bit) Wed Jan 15 00:27:19 UTC > 2014&07277b52f67248060835ca19947016cf","wait":0}},{"com.cloud.agent.ap > i.PlugNicAnswer":{"result":true,"details":"success","wait":0}},{"com.c > loud.agent.api.routing.IpAssocAnswer":{"results":["172.20.211.132 > - > success"],"result":true,"wait":0}},{"com.cloud.agent.api.routing.SetSo > urceNatAnswer":{"result":true,"details":"success","wait":0}},{"com.clo > ud.agent.api.NetworkUsageAnswer":{"routerName":"r-43-VM","bytesSent":0 > ,"bytesReceived":0,"result":true,"wait":0}}] > } > > > > Regards, > > Praveen Kumar > > > > -----Original Message----- > From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] > Sent: 02 April 2014 15:30 > To: users@cloudstack.apache.org > Subject: RE: VPN for VPC feature in 4.3 > > > > Praveen, > > > > I can confirm that User VPN for VPC works just like the User VPN for a > normal VR, but looking at your output below, you are missing eth2 > > > > Regards > > > > Geoff Higginbottom > > > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > om> > > > > -----Original Message----- > > From: Praveen Buravilli [mailto:praveen.buravi...@citrix.com] > > Sent: 02 April 2014 03:37 > > To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org> > > Subject: VPN for VPC feature in 4.3 > > > > Hi, > > > > I have noticed an issue in working with VPN for VPC which is a new > feature introduced in CloudStack 4.3("1.1.6 Remote Access VPN for VPC" > section of CloudStack 4.3 release notes). > > Regular remote VPN for guest networks fine without any problem > whereas, VPN for VPN isn't working. > > > > When I checked the VPC router, there is no IP address assigned to its > public Nic. > > Has anyone noticed this behaviour? Does this seem like a bug? Any > known workaround available? > > > > VPC router interface details: > > ======================= > > root@r-38-VM:/etc/network# ifconfig -a > > eth0 Link encap:Ethernet HWaddr 0e:00:a9:fe:00:7d > > inet addr:169.254.0.125 Bcast:169.254.255.255 > Mask:255.255.0.0 > > inet6 addr: fe80::c00:a9ff:fefe:7d/64 Scope:Link > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:1478 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:722 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:1000 > > RX bytes:126628 (123.6 KiB) TX bytes:124068 (121.1 KiB) > > > > eth1 Link encap:Ethernet HWaddr 06:59:68:00:00:1a > > BROADCAST MULTICAST MTU:1500 Metric:1 > > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:1000 > > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) > > > > lo Link encap:Local Loopback > > inet addr:127.0.0.1 Mask:255.0.0.0 > > inet6 addr: ::1/128 Scope:Host > > UP LOOPBACK RUNNING MTU:16436 Metric:1 > > RX packets:2 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:0 > > RX bytes:214 (214.0 B) TX bytes:214 (214.0 B) > > > > Thanks, > > Praveen Kumar > > Need Enterprise Grade Support for Apache CloudStack? > > Our CloudStack Infrastructure Support< > http://shapeblue.com/cloudstack-infrastructure-support/> offers the > best > 24/7 SLA for CloudStack Environments. > > > > Apache CloudStack Bootcamp training courses > > > > **NEW!** CloudStack 4.2.1 training< > http://shapeblue.com/cloudstack-training/> > > 18th-19th February 2014, Brazil. Classroom< > http://shapeblue.com/cloudstack-training/> > > 17th-23rd March 2014, Region A. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > > 24th-28th March 2014, Region B. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > > 16th-20th June 2014, Region A. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > > 23rd-27th June 2014, Region B. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > > > > This email and any attachments to it may be confidential and are > intended solely for the use of the individual to whom it is addressed. > Any views or opinions expressed are solely those of the author and do > not necessarily represent those of Shape Blue Ltd or related > companies. If you are not the intended recipient of this email, you > must neither take any action based upon its contents, nor copy or show > it to anyone. Please contact the sender if you believe you have > received this email in error. Shape Blue Ltd is a company incorporated > in England & Wales. ShapeBlue Services India LLP is a company > incorporated in India and is operated under license from Shape Blue > Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in > Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a > registered trademark. >