Internal traffic problem

[Otto Bretz]

Hello,

I can't get any traffic going between my instances.

I have a www1 instance with an external ip that I can ssh into without any problems. But now I have created a db instance with no external ip, and I cannot access this machine with ssh from the www1 instance. The ip seems to be resolving correctly but I don't get any replies from ping either. If I add an external ip to the db instance, I can ssh to it, but not ssh from the db to www1 instance. So both directions are blocked.

$ ping db
PING db.c.e-vard.internal (10.240.36.X): 56 data bytes
ping: sendto: Host is down

Both machines are on the same default network with the default firewalls. Both machines are running FreeBSD 9.2-RELEASE-p3

ifconfig from db:
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1460 options=c01ba<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>

    ether 42:01:0a:f0:24:4a inet 10.240.36.74 netmask 0xffff0000 broadcast 10.240.255.255 

    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

    media: Ethernet 1000baseT <full-duplex>

    status: active

ifconfig from www1:
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1460 options=c01ba<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
    ether 42:01:0a:f0:7b:79
    inet 10.240.123.121 netmask 0xffff0000 broadcast 10.240.255.255

    inet 23.251.X.Y netmask 0xffff0000 broadcast 23.251.255.255
    inet 23.251.X.Z netmask 0xffff0000 broadcast 23.251.255.255 

    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
    media: Ethernet 1000baseT <full-duplex>
    status: active

rc.conf (from db):
ifconfig_vtnet0="SYNCDHCP mtu 1460" 
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
console="comconsole"

rc.conf (from www1):

same as for db but with two aliases, since I have two forwarding rules to the www1 instance.

ifconfig_vtnet0_alias0="inet 23.251.X.Y netmask 255.255.0.0"
ifconfig_vtnet0_alias1="inet 23.251.X.Z netmask 255.255.0.0"

Any ideas what I'm doing wrong?

cheers,

Otto

[Alex Gaysinsky]

Hi Otto,

Could you please check that the routing table on FreeBSD instances is right [you need to send all but the local traffic to the gateway].

Please try to run this command: "sudo route change 10.240.0.0/16 10.240.0.1". It might help.

-Alex

--
© 2013 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
 
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-dis...@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussio...@googlegroups.com.
To post to this group, send email to gce-dis...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/cd027a3b-4ad7-49d5-b8a8-bd73c63b3db7%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--

Alex Gaysinsky | Product Manager | gays...@google.com | 310-406-4298

[Otto Bretz]

On Friday, February 21, 2014 10:31:39 PM UTC+1, gaysinsky wrote:

Hi Otto,

Could you please check that the routing table on FreeBSD instances is right [you need to send all but the local traffic to the gateway].

Please try to run this command: "sudo route change 10.240.0.0/16 10.240.0.1". It might help.

-Alex

That worked, thank you very much Alex!

[Otto Bretz]

Something is still wrong. My www1 instance is working well but the db instance loses the network connection randomly.

When the connection is gone, I cannot ssh to the machine (neither from external ip or internal) or ping it from the internal net.

Could this also be a routing issue? The only thing that differs is that the www1 instance has additional ips as aliases and is behind the load balancer. But adding an alias to the db instance doesn't seem to help.

routes after boot:

Destination        Gateway            Flags    Refs      Use  Netif Expire

default            10.240.0.1         UGS         0       71 vtnet0

10.240.0.0         link#1             U           0        0 vtnet0

db                 link#1             UHS         0        0    lo0

localhost          link#2             UH          0        0    lo0

routes after the routes add command you suggested:

Destination        Gateway            Flags    Refs      Use  Netif Expire

default            10.240.0.1         UGS         0      133 vtnet0

10.240.0.0         10.240.0.1         UGS         0        2 vtnet0

db                 link#1             UHS         0        0    lo0

localhost          link#2             UH          0        0    lo0

I've tried with both FreeBSD 9.2 and 10.0. And it's the same problem with both versions.

Shouldn't the routes be automatically set up on boot? When I'm booting my OpenBSD image, I don't have to change anything.

routes from openbsd:

Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface

default            10.240.0.1         UGS        2       68     -     8 vio0 

10.240.0.1         42:01:0a:f0:00:01  UHLc       1        0     -     8 vio0 

10.240.0.1/32      link#1             UCS        1        0     -     8 vio0 

openbsd.c.e-vard.i link#1             UC         0        0     -     4 vio0 

loopback           localhost          UGRS       0        0 33144     8 lo0  

localhost          localhost          UH         1        0 33144     4 lo0  

BASE-ADDRESS.MCAST localhost          URS        0        0 33144     8 lo0