[SOLVED] Trouble with networking after successful install

I have successfully installed OpenNebula 5.4 and everything is working perfectly, but am having trouble with the networking piece. I have successfully launched VMs (ttylinux and Ubuntu 17.04) and they are getting an IP address from the virtual network created. I am able to ping/ssh/etc to the VMs from the frontend/node, however I am unable to reach the VMs from any other machine on the network.

Pretty sure I am just not seeing the forest because of all the trees…

This is my setup/config:
OpenNebula 5.4 on single Ubuntu 16.04 frontend/node with one NIC.
$ brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.525400ae5d29 yes virbr0-nic

ifconfig
ens33 Link encap:Ethernet HWaddr 00:0c:29:88:c1:50
inet addr:192.168.1.78 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2602:30a:2e51:9990:20c:29ff:fe88:c150/64 Scope:Global
inet6 addr: fe80::20c:29ff:fe88:c150/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:539812 errors:0 dropped:0 overruns:0 frame:0
TX packets:315876 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:545254455 (545.2 MB) TX bytes:51029756 (51.0 MB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:598642 errors:0 dropped:0 overruns:0 frame:0
TX packets:598642 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:1947163247 (1.9 GB) TX bytes:1947163247 (1.9 GB)

virbr0 Link encap:Ethernet HWaddr 52:54:00:ae:5d:29
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1174 errors:0 dropped:0 overruns:0 frame:0
TX packets:1242 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:144190 (144.1 KB) TX bytes:132279 (132.2 KB)

$ onevnet show 0
VIRTUAL NETWORK 0 INFORMATION
ID : 0
NAME : test_network
USER : oneadmin
GROUP : oneadmin
CLUSTERS : 0
BRIDGE : virbr0
VN_MAD : fw
USED LEASES : 1

PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---

VIRTUAL NETWORK TEMPLATE
BRIDGE="virbr0"
GATEWAY="192.168.122.1"
PHYDEV=""
SECURITY_GROUPS="0"
VLAN_ID=""
VN_MAD="fw"

ADDRESS RANGE POOL
AR 0
SIZE : 24
LEASES : 1

RANGE FIRST LAST
MAC 02:00:c0:a8:7a:02 02:00:c0:a8:7a:19
IP 192.168.122.2 192.168.122.25

LEASES
AR OWNER MAC IP IP6
0 V:6 02:00:c0:a8:7a:02 192.168.122.2 -

VIRTUAL ROUTERS

$ onetemplate show 1
TEMPLATE 1 INFORMATION
ID : 1
NAME : Ubuntu 17.04 - KVM
USER : oneadmin
GROUP : oneadmin
REGISTER TIME : 09/28 07:54:03

PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---

TEMPLATE CONTENTS
CONTEXT=[
NETWORK="YES",
SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]" ]
CPU="1"
DISK=[
IMAGE_ID="1" ]
GRAPHICS=[
LISTEN="0.0.0.0",
TYPE="VNC" ]
INPUTS_ORDER=""
LOGO="images/logos/ubuntu.png"
MEMORY="768"
MEMORY_UNIT_COST="MB"
NIC=[
NETWORK="test_network",
NETWORK_UNAME="oneadmin" ]
OS=[
ARCH="x86_64",
BOOT="" ]

$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
opennebula all -- anywhere anywhere PHYSDEV match --physdev-is-bridged

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootpc

I get the feeling I am using maybe the wrong NIC/bridge or something similar. Maybe the bridge isn’t forwarding packets? Any help would be greatly appreciated.
Thanks

Hi,

According to https://help.ubuntu.com/community/KVM/Networking if you don’t change anything you have “Usermode Networking”. There are several ways to resolve the issue depending on your target goal. Most of them are described in the above document. In brief you have a couple of ways:

  • Routed network traffic - you should figure out how to allow & route the traffic between the “other” machines and the VM.
  • Bridged network traffic - you should add the NIC where the “other” network belongs to the bridge, reconfigure the bridge to be just a bridge and reconfigure OpenNebula to use IPs from the same network segment as the “other” network, keeping in mind that you must avoid IP collisions.

Best Regards,
Anton Todorov
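
The two conditions behind the bridged option in the reply above (the physical NIC is a member of the bridge, and the address range sits inside the LAN segment without colliding with addresses already in use) can be checked mechanically. This is an added Python example, not part of the original thread; the `brctl show` text and the host address come from the question, while the helper names and the 192.168.1.70 range are assumptions.

```python
import ipaddress

# `brctl show` output as posted in the question (whitespace reconstructed).
BRCTL_SHOW = (
    "bridge name\tbridge id\t\tSTP enabled\tinterfaces\n"
    "virbr0\t\t8000.525400ae5d29\tyes\t\tvirbr0-nic\n"
)

def parse_brctl(text):
    """Return {bridge: [member interfaces]} from `brctl show` output."""
    bridges, current = {}, None
    for line in text.splitlines()[1:]:        # skip the header row
        fields = line.split()
        if not fields:
            continue
        if line[0].isspace():                 # continuation row: one more member
            if current is not None:
                bridges[current].append(fields[0])
        else:                                 # name, id, STP flag, optional first member
            current = fields[0]
            bridges[current] = fields[3:]
    return bridges

def has_uplink(members, physical_nics):
    """True if at least one physical NIC is enslaved to the bridge."""
    return any(m in physical_nics for m in members)

def check_range(first_ip, size, lan_cidr, in_use):
    """Check an address range against the LAN it is bridged onto."""
    lan = ipaddress.ip_network(lan_cidr)
    reserved = {lan.network_address, lan.broadcast_address}
    leases = [ipaddress.ip_address(first_ip) + i for i in range(size)]
    return {
        "outside_lan": [str(ip) for ip in leases if ip not in lan or ip in reserved],
        "collisions": [str(ip) for ip in leases if str(ip) in in_use],
    }

if __name__ == "__main__":
    for bridge, members in parse_brctl(BRCTL_SHOW).items():
        print(bridge, "uplink:", has_uplink(members, {"ens33"}))
    # Range from the thread's virtual network, checked against the host's LAN.
    print(check_range("192.168.122.2", 24, "192.168.1.0/24", {"192.168.1.78"}))
    # Assumed replacement range inside the LAN; .78 is the host itself.
    print(check_range("192.168.1.70", 24, "192.168.1.0/24", {"192.168.1.78"}))
```
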

If I am reading/understanding the documentation, it appears I am running in ‘usermode’ but I need to set up bridged.

So would the advice be to completely start over, or can I just set up bridged networking, then create that network in opennebula and assign guests/VMs to it?

Thanks in advance!!

I went ahead and created the bridged network according to the documentation above, and created a new virtual network using the bridged interface. Everything now appears to be working correctly.

I believe I was making it a little harder than it was and overthinking it too much…

Thanks again!!