[ovs-discuss] vm with openvswitch+KVM can not access extranal network, can ping gateway

不坏阿峰 onlydebian at gmail.com
Thu Aug 22 10:53:35 UTC 2013 

vm with openvswitch+KVM can not access extranal network, can ping gateway

Cloudstack4.1.1
A: one kvm host ubuntu12.04 with openvswitch,
B:  xen server6.0,
C: one kvm host centos with openvswitch

in cloudstack have two network.
Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule,   0.0.0.0/0 all
Guestvlan300 Isolated  192.168.31.0/24  ,Egress rule,   0.0.0.0/0 all


①:vrouter301 run on Xen,   Public IP Address 192.168.240.54 Guest IP
Address 192.168.31.1
   vm in vlan301 ,can ping gateway 192.168.31.1 and can access
internet. vm can run on kvm or xen, both ok.

②:vronter300 run on Kvm with openvswitch,   Public IP Address
192.168.240.53 Guest IP Address 192.168.30.1
   vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
internet.  vrouter can access internet.

how to make vm under kvm+openvswitch to access outside network and internet


[root at centos-kvm01 libvirt]# ovs-vsctl show
7cb5f505-7ac1-4403-9f9d-101882ed7bad
    Bridge kvmmgt
        Port kvmmgt
            Interface kvmmgt
                type: internal
        Port "eth0"
            Interface "eth0"
    Bridge "cloudbr0"
        Port "cloudbr0"
            Interface "cloudbr0"
                type: internal
        Port "eth1"
            Interface "eth1"           ## Eth1 uplink port is Esxi
vswitch in promiscuous mode,  Xen server Eth1 uplink this too, can
work fine ; Kvm use native bridge work fine too.
        Port "vnet3"
            tag: 240
            Interface "vnet3"
        Port "vnet0"
            tag: 301
            Interface "vnet0"
        Port "vnet1"
            tag: 300
            Interface "vnet1"
        Port "vnet4"
            tag: 240
            Interface "vnet4"
    Bridge "cloud0"
        Port "cloud0"
            Interface "cloud0"
                type: internal
        Port "vnet2"
            Interface "vnet2"
    Bridge storage
        Port "eth2"
            Interface "eth2"
        Port storage
            Interface storage
                type: internal
    ovs_version: "1.10.0"


i do the test,
  one VM 192.168.30.90  run  ping 192.168.123.1
  vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240)  run  ping
www.google.com

[root at centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90

in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
packets:5855, bytes:573790, used:0.810s,
actions:push_vlan(vid=240,pcp=0),5
in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
packets:0, bytes:0, used:never, actions:pop_vlan,9
in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9

######   actions:push_vlan(vid=240,pcp=0),5  ,  this is maybe have
some problem !!!!!!!  is it??




[root at centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
packets:6167, bytes:604366, used:0.486s,
actions:push_vlan(vid=240,pcp=0),5
in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
packets:0, bytes:0, used:never, actions:pop_vlan,11
in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5

More information about the discuss mailing list