[ovs-discuss] Connection to VM issue

Polossat, Arnaud [FR] arnaud.polossat at fr.airbus.com
Fri Sep 14 11:22:55 UTC 2018 

Hello,

I would like to connect a CentOS 7 virtual machine to an Open vSwitch 2.5.0 (OVS) with SSH. The OVS is installed on a CentOS 7 physical server and the VM, which runs on the same server, is managed with VirtualBox. The interface in the OVS, called vnet7, is internal type, and has been added in VirtualBox as a Bridge.
I put the IP address 10.0.0.8/28 in the OVS to enable it to communicate with the VM (the latter has the IP address 10.0.0.7/28).
Here is a schema of the configuration:
[Schema]

The setup of OVS is as follows:
ovs-vsctl add-br ovs1
ovs-vsctl add-port ovs1 vnet7
ovs-vsctl set Interface vnet7 type=internal
ip link set vnet7 up
ip addr add 10.0.0.8/28 dev ovs1
ip link set ovs1 up

In the server and the VM, ip routes are correct, there is no Iptables, Firewalld is disabled and SELinux is in permissive mode.
However, I do not manage to connect the VM to the OVS with SSH (or conversely to connect the server with OVS to the VM) whereas Nmap shows that port 22 is open.
In addition, I completed several tests:

*         I can ping the OVS from the VM, and the VM from the physical server.

*         UDP traffic generated with Iperf from the VM to the server is also working, but not conversely.

*         If I connect another VM to the OVS (still installed on the same server), the 2 VMs are able to communicate with TCP.

For example, a tcpdump in the server while launching a ssh 10.0.0.8 from the VM shows:

[cid:image004.jpg at 01D44C2E.0B4A1CC0]

The server receives SYN flags but doesn't reply with an ACK.

A tcpdump in the VM while launching a ssh 10.0.0.7 form the server with the OVS shows:

[cid:image006.jpg at 01D44C2E.0B4A1CC0]

Flags are diverse but the TCP session remains not established.

Surprisingly, the result differs sometimes. In the server after a ssh from the VM:

[Tcpdump SSH server 2]

In the VM after a ssh from the server:

[Tcpdump SSH VM 2]

Do you have any idea about this kind of issue and the way to solve it?

Thank you very much in advance for answering my question.

Best regards,

Arnaud POLOSSAT
Airbus Defence and Space
1, Bvd Jean Moulin, CS 40001
78 996 Elancourt Cedex, France
E-mail: arnaud.polossat at fr.airbus.com<mailto:arnaud.polossat at fr.airbus.com>


***************************************************************
Ce courriel (incluant ses eventuelles pieces jointes) peut contenir des informations confidentielles et/ou protegees ou dont la diffusion est restreinte. Si vous avez recu ce courriel par erreur, vous ne devez ni le copier, ni l'utiliser, ni en divulguer le contenu a quiconque. Merci d'en avertir immediatement l'expediteur et d'effacer ce courriel de votre systeme. Airbus Defence and Space et les sociétés Airbus Group declinent toute responsabilite en cas de corruption par virus, d'alteration ou de falsification de ce courriel lors de sa transmission par voie electronique.
This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Airbus Defence and Space and Airbus Group companies disclaim any and all liability if this email transmission was virus corrupted, altered or falsified. 
---------------------------------------------------------------------
Airbus Defence and Space SAS (393 341 516 RCS Toulouse) - Capital: 29.821.072 EUR - Siege social: 31 rue des Cosmonautes, ZI du Palays, 31402 Toulouse cedex 4, France
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20180914/5afb3cec/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 7025 bytes
Desc: image002.jpg
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20180914/5afb3cec/attachment-0005.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 23384 bytes
Desc: image004.jpg
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20180914/5afb3cec/attachment-0006.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.jpg
Type: image/jpeg
Size: 56313 bytes
Desc: image006.jpg
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20180914/5afb3cec/attachment-0007.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.jpg
Type: image/jpeg
Size: 43896 bytes
Desc: image008.jpg
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20180914/5afb3cec/attachment-0008.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.jpg
Type: image/jpeg
Size: 25053 bytes
Desc: image010.jpg
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20180914/5afb3cec/attachment-0009.jpg>

More information about the discuss mailing list