Cant able to connect Vms of different Vnets using Virtual Routers

Community Support
1

This is my VR-VM:

Information

  • ID: 89
  • Name: vr-vr-192-route
  • State: ACTIVE
  • LCM State: RUNNING
  • Host:
  • IP Addresses:
    • 0: 172.16.*.*
    • 1: 192.168.*.* subnet-1
    • 2: 192.168.*.* subnet-2
  • Start Time: 11:52:42, 31/03/2025
  • Deploy ID: 500940a9-384a-4cd1-9ee6-39243bcb3a34
  • Reschedule: No

Issue:
I can ping both VNET gateway IPs and two VMs from vrouter:~# However, from inside a VM, I am unable to ping a VM in another VNET.

From: ---------- TO:
VR (vrouter)|VNET-1 Gateway (192.168.10.1)|βœ… Reachable|
VR (vrouter)|VNET-2 Gateway (192.168.10.129)|βœ… Reachable|
VR (vrouter)|VM1 (192.168.*.* in Subnet-1)|βœ… Reachable|
VR (vrouter)|VM2 (192.168.*.* in Subnet-2)|βœ… Reachable|
VM1 (Subnet-1)|VNET-1 Gateway (192.168.*.1)|βœ… Reachable|
VM1 (Subnet-1)|VM2 (192.168.*.* in Subnet-2)|❌ Not Reachable|
VM2 (Subnet-2)|VNET-2 Gateway (192.168.*.129)|βœ… Reachable|
VM2 (Subnet-2)|VM1 (192.168.*.* in Subnet-1)|❌ Not Reachable|

Can you say where I might be missing something?

1 Like
2

Can you please say where i am missing.

3

Hello @Senthil_Kumar_M,

It looks like you have some issues with the Virtual Router. As I’ve mentioned on the other thread, please check our Documentation:
Documentation: Virtual Routers

As possible steps, it is suggested to follow these:

  • Verify Virtual Router Interface IPs
  • Check VM Gateway Settings
  • Inspect Firewall and Security Group Rules
  • Enable IP Forwarding on Virtual Router

Hope it helps, but let us know if the issue continues.

Cheers,

1 Like
4

Hi , Thanks for your Tremendous Support.

I am sending you all configuration of mine pls say where i am missing .

As per your reply i added routes on both vms.

VM-1:

[root@localhost ~]# ip r s
default via 192.168.10.3 dev eth0 proto static metric 10
192.168.10.0/25 dev eth0 proto kernel scope link src 192.168.10.5 metric 10
192.168.10.128/25 via 192.168.10.3 dev eth0
[root@localhost ~]# ping 192.168.10.133
PING 192.168.10.133 (192.168.10.133) 56(84) bytes of data.
^C
β€” 192.168.10.133 ping statistics β€”
1 packets transmitted, 0 received, 100% packet loss, time 0ms

VM-2 :

[root@localhost ~]# ip r s
default via 192.168.10.131 dev eth0 proto static metric 10
192.168.10.0/25 via 192.168.10.131 dev eth0
192.168.10.128/25 dev eth0 proto kernel scope link src 192.168.10.133 metric 10
[root@localhost ~]# ping 192.168.10.5
PING 192.168.10.5 (192.168.10.5) 56(84) bytes of data.
^C
β€” 192.168.10.5 ping statistics β€”
1 packets transmitted, 0 received, 100% packet loss, time 0ms

Also done Ip forwading in vrouters:
vrouter:~# cat /etc/sysctl.d/98-Router4.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth2.forwarding = 0

vrouter:~#

This is my router vm template :
onevm update 100 ( virtual router configuration).txt (2.0 KB)

Also in iptables :

vrouter:~# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT 1 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT 0 – 192.168.10.0/25 192.168.10.128/25
ACCEPT 0 – 192.168.10.128/25 192.168.10.0/25
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 1 – 192.168.10.0/25 192.168.10.128/25
ACCEPT 1 – 192.168.10.128/25 192.168.10.0/25

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Still i did not get this file why ?

/ _ \ | '_ \ / _ \ OpenNebula Service Appliance
| () || | | || /
_/ || |_| ___|

All set and ready to serve 8)

vrouter:~# tail -f /var/log/one-appliance/ONE_configure.log
tail: cannot open β€˜/var/log/one-appliance/ONE_configure.log’ for reading: No such file or directory
tail: no files remaining
vrouter:~# cat /etc/one-appliance/config
cat: /etc/one-appliance/config: No such file or directory
vrouter:~#

can you pls say where i am missing configuration to make connectvity between subnet-1 vm to subnet 2 vm?

5

Looking for your response

6

Could you do a mtr IP_NOT_REACHABLE on the non-reachable routes to see where does the communication stop?