#4025 routing problem between guests in cloud
Closed: Fixed None Opened 10 years ago by msuchy.

I have routing problem between two guests in Fedora Cloud.

Try this:
curl http://copr-be.cloud.fedoraproject.org/results/msuchy/copr/fedora-19-x86_64/
it works from wild internet.
But if I try it from:
copr-be-dev.cloud.fedoraproject.org
or
copr-fe-dev.cloud.fedoraproject.org
it does not work:
curl: (7) Failed connect to copr-be.cloud.fedoraproject.org:80; Connection timed out

Strange is that ping from copr-fe-dev to copr-be works.
And it does not work even if I disable iptables on both machines.
Strange is that the same action works, when executed on copr-fe machine (i.e without -dev suffix).

Can be something set up in security group of copr-be.cloud.fedoraproject.org?
In file:
./inventory/host_vars/209.132.184.142
is:
security_group: webserver
I'm not sure how it is defined, but I naively expect this is correct.

Hmm I can not even connect to ssh between those two, so it is not related to http daemon, but it will be really some network misconfiguration.

Can someone please investigate?


So, this is a known bug we ran into a while back with openstack. ;(

If two instances are both on the same compute node, they are unable to talk to each others external ip's. It's a bug in the way that it sets up iptables/arptables. ;(

As a work around can you use the internal ip's instead of external?

Hopefully they will fix this down the road in openstack.

Indeed, with internal IPs, it works.
So we have workaround, but still nice to have this fixed.

I will keep this open, but with low priority.

Well, not sure it makes sense to keep it open here... the fix would be in a newer openstack (or backported fix)

This should be fixed in the newer cloud?

Or not an issue anymore I think...

Login to comment on this ticket.

Metadata