[ovs-discuss] connect: Network is unreachable (container-->VM-->Phys Host)

Orabuntu-LXC gilbert at orabuntu-lxc.com
Fri Nov 24 00:07:10 UTC 2017 

note 1. An LXC container is attached to sx1 10.207.29.12 in a VM as shown
below.  Interface enp0s8 is the virtual NIC of the VM.  Interface enp0s8 is
a port on OvS sx1.
I can ping the DNS/DHCP server from the VM.

[ubuntu at ol74a-server ~]$ ifconfig enp0s8
enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::6fa9:356a:157c:f4df  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:78:ba:24  txqueuelen 1000  (Ethernet)
        RX packets 26  bytes 2660 (2.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 37  bytes 4778 (4.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[ubuntu at ol74a-server ~]$ ifconfig sx1
sx1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1420
        inet 10.207.29.12  netmask 255.255.255.0  broadcast 10.207.29.255
        inet6 fe80::a00:27ff:fe78:ba24  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:78:ba:24  txqueuelen 0  (Ethernet)
        RX packets 34  bytes 4404 (4.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9  bytes 690 (690.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[ubuntu at ol74a-server ~]$ sudo ovs-vsctl show
1136907e-2980-4387-a939-7ca072762a96
    Bridge "sx1"
        Port "oel73c11"
            Interface "oel73c11"
        Port "a3"
            Interface "a3"
        Port "enp0s8"
            Interface "enp0s8"
        Port "a1"
            Interface "a1"
        Port "a2"
            Interface "a2"
        Port "sx1"
            Interface "sx1"
                type: internal

note 2:  I can ping "olive" the DNS/DHCP server from the VM, I can ssh to
"olive" and there demonstrate that the requisite DNS/DHCP is active and
working:

[ubuntu at ol74a-server ~]$ ping -c 3 olive
PING olive.urdomain1.com (10.207.39.2) 56(84) bytes of data.
64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=1 ttl=64
time=2.88 ms
64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=2 ttl=64
time=0.440 ms
64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=3 ttl=64
time=0.451 ms

--- olive.urdomain1.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.440/1.257/2.882/1.149 ms
[ubuntu at ol74a-server ~]$ ssh olive
ubuntu at olive's password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.13.0-17-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
Last login: Thu Nov 23 23:24:49 2017 from 10.207.39.1
ubuntu at olive:~$ service isc-dhcp-server status
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
ubuntu at olive:~$ sudo service isc-dhcp-server status
[sudo] password for ubuntu:
● isc-dhcp-server.service - ISC DHCP IPv4 server
   Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled;
vendor preset: enabled)
   Active: active (running) since Thu 2017-11-23 23:43:09 UTC; 7min ago
     Docs: man:dhcpd(8)
 Main PID: 187 (dhcpd)
   CGroup: /system.slice/isc-dhcp-server.service
           └─187 dhcpd -user dhcpd -group dhcpd -f -4 -pf
/run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf eth0 eth1

Nov 23 23:44:22 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:22 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:44:34 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:34 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:44:48 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:48 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:44:59 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:59 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:45:08 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:45:08 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
ubuntu at olive:~$ sudo service bind9 status
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor
preset: enabled)
  Drop-In: /run/systemd/generator/bind9.service.d
           └─50-insserv.conf-$named.conf
   Active: active (running) since Thu 2017-11-23 23:43:09 UTC; 7min ago
     Docs: man:named(8)
 Main PID: 185 (named)
   CGroup: /system.slice/bind9.service
           └─185 /usr/sbin/named -f -u bind

Nov 23 23:43:09 olive named[185]: zone 27.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 22.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone urdomain2.com/IN: loaded serial
1610212002
Nov 23 23:43:09 olive named[185]: zone 20.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 127.in-addr.arpa/IN: loaded serial 1
Nov 23 23:43:09 olive named[185]: zone 21.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 168.192.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 24.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: all zones loaded
Nov 23 23:43:09 olive named[185]: running
ubuntu at olive:~$ exit
logout
Connection to olive closed.
[ubuntu at ol74a-server ~]$ nslookup ol74a-server
Server:        10.207.29.2
Address:    10.207.29.2#53

Name:    ol74a-server.urdomain1.com
Address: 10.207.39.12

[ubuntu at ol74a-server ~]$

note 3:  In summary, a container "olive" provides containerized DNS/DHCP
services, and the VM can successfully use those DNS/DHCP services.

note 4:  Now I start LXC container "oel73c11" on OvS sx1 but I have no
connectivity to the 10.207.29.x network.  I get

[root at oel73c11 /]# ping 10.207.29.2
connect: Network is unreachable

When I trace packets with dhcpdump on the physical host I get nothing if
only eth0 on sx1 is started in the oel73c11 container, but if set eth0 in
oel73c11 container to start on the default lxcbr0 (which can reach
10.207.29.2 olive) now I get a DHCPNAK message as shown below.

ubuntu at athens:~$ sudo dhcpdump -i sx1
  TIME: 2017-11-23 18:02:19.534
    IP: 0.0.0.0 (0:16:3e:99:78:8) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: 41de231b
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)
OPTION:  50 (  4) Request IP address        10.42.147.244
OPTION:  12 (  8) Host name                 oel73c11
OPTION:  55 ( 13) Parameter Request List      1 (Subnet mask)
                         28 (Broadcast address)
                          2 (Time offset)
                        121 (Classless Static Route)
                         15 (Domainname)
                          6 (DNS server)
                         12 (Host name)
                         40 (NIS domain)
                         41 (NIS servers)
                         42 (NTP servers)
                         26 (Interface MTU)
                        119 (Domain Search)
                          3 (Routers)

---------------------------------------------------------------------------

  TIME: 2017-11-23 18:02:19.534
    IP: 10.207.29.2 (0:16:3e:ce:de:26) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 2 (BOOTPREPLY)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: 41de231b
  SECS: 0
 FLAGS: 7f80
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         6 (DHCPNAK)
OPTION:  54 (  4) Server identifier         10.207.29.2
OPTION:  56 ( 31) Message                   requested address not available
---------------------------------------------------------------------------

  TIME: 2017-11-23 18:02:19.534
    IP: 0.0.0.0 (0:16:3e:99:78:8) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: 3e62b47c
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         1 (DHCPDISCOVER)
OPTION:  12 (  8) Host name                 oel73c11
OPTION:  55 ( 13) Parameter Request List      1 (Subnet mask)
                         28 (Broadcast address)
                          2 (Time offset)
                        121 (Classless Static Route)
                         15 (Domainname)
                          6 (DNS server)
                         12 (Host name)
                         40 (NIS domain)
                         41 (NIS servers)
                         42 (NTP servers)
                         26 (Interface MTU)
                        119 (Domain Search)
                          3 (Routers)

---------------------------------------------------------------------------

Are there any additional settings needed to get DHCP to work from an LXC
container going through a VM to the physical host where the DNS/DHCP is
running?

container--> sx1 on VM --> sx1 on Phys Host --> olivex port on sx1 --> olive

Thanks,
-- 
Gilbert Standen
Creator Orabuntu-LXC
914-261-4594
gilbert at orabuntu-lxc.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20171123/9c499b87/attachment.html>

More information about the discuss mailing list