Bug #4628
the public image 'alpine-vrouter (KVM)' doesn't forward packets
Status: | Pending | Start date: | 07/11/2016 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 0% | |
Category: | MarketPlace | |||
Target version: | - | |||
Resolution: | Pull request: | |||
Affected Versions: | OpenNebula 5.0 |
Description
I wanted to know if it's vrouter that's not forwarding the packets so tried to install the alpine linux package 'tshark' but it didn't have any space in the partition of '/'. could anyone please help me with this problem?
Best Wishes.
here's the network topology:
here's the log from the vrouter:
You can setup the system with the command: setup-alpine
You may change this message by editing /etc/motd.
vr-test0:~# ip route
default via 116.193.90.65 dev eth1
10.0.0.32/27 dev eth0 proto kernel scope link src 10.0.0.33
116.193.90.64/28 dev eth1 proto kernel scope link src 116.193.90.74
vr-test0:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:0a:00:00:21 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.33/27 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::aff:fe00:21/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:74:c1:5a:4a brd ff:ff:ff:ff:ff:ff
inet 116.193.90.74/28 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::74ff:fec1:5a4a/64 scope link
valid_lft forever preferred_lft forever
vr-test0:~# iptables-save
\# Generated by iptables-save v1.4.21 on Mon Jul 11 10:59:12 2016
*filter
:INPUT ACCEPT [42635:54269948]
:FORWARD DROP [239:20044]
:OUTPUT ACCEPT [100713:4382758]
-A INPUT -i eth0 -p tcp -m tcp --dport 443 -j DROP
-A INPUT -i eth1 -p tcp -m tcp --dport 443 -j DROP
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 443 -j DROP
-A OUTPUT -o eth1 -p tcp -m tcp --sport 443 -j DROP
COMMIT
\# Completed on Mon Jul 11 10:59:12 2016
vr-test0:~# pgrep iptables
vr-test0:~# /etc/init.d/iptables stop
* WARNING: you are stopping a boot service
* Saving iptables state ... [ ok ]
* Stopping firewall ... [ ok ]
vr-test0:~# /etc/init.d/iptables stop
* WARNING: iptables is already stopped
vr-test0:~# /etc/init.d/iptables stop
* WARNING: iptables is already stopped
vr-test0:~# cat /etc/sysctl.
sysctl.conf sysctl.d/
vr-test0:~# cat /etc/sysctl.
sysctl.conf sysctl.d/
vr-test0:~# cat /etc/sysctl.d/
00-alpine.conf 01-one.conf README
vr-test0:~# cat /etc/sysctl.d/01-one.conf
net.ipv4.ip_forward = 1
vr-test0:~# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
here's the log from a VM in the private network: