OVH Community, your new community space.

More IP address problems


DigitalDaz
21-10-2010, 11:08
Mark, there are no errors on the VM interface, if you check the two pingdom things in the post above you are looking at two identical vm's, the only difference is one is a failover, the other is a ripe, the failover is 100% uptime.

There is also no ssh access, I cannot connect fromn the VM to anywhere else either.

I appreciate its a kimsufi but we are talking weeks now, not days that this problem has been here and it appears to have absolutely nothing to do with the server itself.

I've done enough testing now to know with 99% certainty that if I put a failover IP on the problem vm, I will get 100% uptime again.

In fact, if the problem is still outstanding tonight thats exactly what I will do, swap the IP's on the two VM's being monitored.

marks
21-10-2010, 10:42
I'm trying to ping the VM IP and it's right, there is quite significant packet loss. We did put in place an ICMP protection in our network, but I don't think this is the problem.

Could you confirm that the virtual interface doesn't show network errors? In any case, your ticket will be attended soon. It's a kimsufi server so the responses are a bit slower.


Also, in the ticket you mention that pinging the gateway, vss-3-6k.fr.eu, shows packet loss. That's normal as the routers are configured to drop some of the ICMP traffic, for security reasons.

DigitalDaz
21-10-2010, 09:46
I've tried phoning, I have tried forums, I have tried tickets, will someone please resolve this issue!

DigitalDaz
20-10-2010, 09:24
Far from resolved, just as broken only now intermittent.

Two identical virtual machines, one on a failover, the other on the *fixed* RIPE block

Set these both up at about midnignt last night:

http://www.pingdom.com/reports/nff88...88.165.127.129

http://www.pingdom.com/reports/svjik...=94.23.157.237

Checking every minute

DigitalDaz
19-10-2010, 11:45
Mark

I have moved those other IP's away from this server now.

I'm not really bothered about the fact that the limit is broken, I cannot see me ever using more than the 32 IP's that its allowing.

It was more being allocated the other block and being able to use them, hopefully that will be resolved soon.

Thanks for your help.

Issue now seems to be ***RESOLVED***

marks
19-10-2010, 11:31
@digitalDaz: I can see that you've opened about some of your IPs not getting traffic to the VM (even though you see the incoming ICMP echo packets from your VM).
That's a known issue and the engineers will fix it. Just wait for the answer on the ticket
Once that's fixed, let's see the issue on assigning the second RIPE IP block. Btw, I did send you an email last week about it but you didn't reply (about changing the nichandles back)

Let me know

DigitalDaz
18-10-2010, 13:02
The problem seems to be deeper, it *appears* to be the router/switch is not accepting traffic for my VM's though it is sending traffic to them.

They are working on it now I believe.

Razakel
18-10-2010, 10:55
You could try splitting your blocks into individual failovers.

DigitalDaz
16-10-2010, 16:24
This box is totally goosed, it will not let me add more than 32 IP's either even though I have a gig port.

Myatu
16-10-2010, 16:19
Hmmf, you shouldn't have to anymore, which was the whole reason for those virtual macs... Typical OVH voodoo to get things working

DigitalDaz
16-10-2010, 16:10
Yes, if I use a failover IP its works perfectly

The only thing I change is the ip address and broadcast and then it is broken

Just got it working fine with proxy arp on the addresses which I hadn't configured virtual macs for.

I obviously change the mac address too to the corresponding virtual mac

Myatu
16-10-2010, 16:04
Is the gateway routable from within the VM though?

DigitalDaz
16-10-2010, 16:01
Quote Originally Posted by Myatu
From this I gather the proxmox host is 188.165.127.129 and the VM is 188.165.127.130. So is this a 188.165.127.224/28 block? If so, then your netmask limits you to 255.255.255.240 - which gives IPs from 188.165.127.125 thru 188.165.127.238. Broadcast would be on .239.

Given that the gateway you've tried to use was 188.165.225.254, makes it unroutable (it's outside the above IP range). So you either need to double check if you're using the correct gateway and correct it (like, maybe 188.165.127.125?), or if it's indeed the right gateway then you need to define a route to it like so:

Code:
route add 188.165.225.254 dev eth0
route add default gw 188.165.225.254
(that would be within the VM itself, as surely the host already has a route to it )

It would also explain why there's no answers to the ARPs, as they're not allowed to leave the system (which is the way it's supposed to be).
Sorry for not stating it, the proxmox host sits at 188.165.225.113

Myatu
16-10-2010, 15:32
Quote Originally Posted by DigitalDaz
root@ks312816:~# tcpdump host 188.165.127.130 -ni vmbr0
If I try and ping the gateway 188.165.225.254 from a vm, on both the proxmox host and the vm I just get a constant:

13:01:40.030494 arp who-has 188.165.225.254 tell 188.165.127.129
From this I gather the proxmox host is 188.165.127.129 and the VM is 188.165.127.130. So is this a 188.165.127.224/28 block? If so, then your netmask limits you to 255.255.255.240 - which gives IPs from 188.165.127.125 thru 188.165.127.238. Broadcast would be on .239.

Given that the gateway you've tried to use was 188.165.225.254, makes it unroutable (it's outside the above IP range). So you either need to double check if you're using the correct gateway and correct it (like, maybe 188.165.127.125?), or if it's indeed the right gateway then you need to define a route to it like so:

Code:
route add 188.165.225.254 dev eth0
route add default gw 188.165.225.254
(that would be within the VM itself, as surely the host already has a route to it )

It would also explain why there's no answers to the ARPs, as they're not allowed to leave the system (which is the way it's supposed to be).

DigitalDaz
16-10-2010, 12:07
Quote Originally Posted by Andy
Good luck getting any support until Monday...
Andy we both know I have no chance of getting anything done before Monday so thats why I'm trying to do ANYTHING myself that may get me going

UPDATE:
To try and move this along myself, I added the professional option to another server (yet more cost to me) and transferred the OLD IP block away to see if I could then allocate the NEW block I bought and use them. This successfully overcame the BROKEN limit on my number of IP's 32 on a 100 Mbit, even though I have a gig port.

The new block also does not work! I'm struggling with this but I'm trying!

It appears, the router/switch, whatever it is, will not talk to my virtual macs for any RIPE IP that I have even though it seems to allocate them.

I make that assumption because of the following:

Pinging an IP from home I have set up with a virtual mac gives the following on the proxmox host

root@ks312816:~# tcpdump host 188.165.127.130 -ni vmbr0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vmbr0, link-type EN10MB (Ethernet), capture size 96 bytes

ie nothing, this I assume is because the gateway in this case 188.165.225.254 does not need to arp for it because it has the mac address already.

Sometimes, the gateway will send an ICMP echo request and then my virtual machine starts arping for the mac address of the gateway which I think is what is meant to happen.
But this request is ignored.

If I try and ping the gateway 188.165.225.254 from a vm, on both the proxmox host and the vm I just get a constant:

13:01:40.030494 arp who-has 188.165.225.254 tell 188.165.127.129
13:01:42.030766 arp who-has 188.165.225.254 tell 188.165.127.129
13:01:43.029758 arp who-has 188.165.225.254 tell 188.165.127.129
13:01:44.030079 arp who-has 188.165.225.254 tell 188.165.127.129

Pinging 188.165.127.131, an ip from home that I haven't created a virtual mac for, on the proxmox host gives:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vmbr0, link-type EN10MB (Ethernet), capture size 96 bytes
12:55:45.727443 arp who-has 188.165.127.131 tell 188.165.225.254

This I am hoping gives me a temporary solution.

I'm hoping that the gateway arping for this mac means that if I supply one that it is willing to talk to I will get a response so if I can create another bridge and set it to proxy arp I may pull this off yet

Someone please correct me if my logic is flawed!

Andy
16-10-2010, 11:23
Good luck getting any support until Monday...

DigitalDaz
16-10-2010, 09:04
OVH will you please fix this issue!!

I have now had this server a week and cannot use it.

Why can you not just give me another one and start again?

I paid the best part of 200 with the setup fee and last night had to shell out another 100 to get a Q1-T to temporarily put someone on who I need to get working today.

I am asking for nothing more than I have paid and am paying for day by day that doesn't work!

If the old RIPE block is the problem just remove it and bin them and give me the new ones I paid for last Sunday.

DigitalDaz
15-10-2010, 10:31
Cheers Mark,

Yep, I can see the packets hitting what appears to be the correct router, what I was hoping to see is packets from the router hitting the host interface so I can determine whether or not its a configuration issue my end.

I'm pretty sure its not as i can substitute the RIPE IP's and macs with the failover ips and macs and everything works fine.

I assumed the rerouting of RIPE IPs to another server was a straightforward thing so I'm looking at where I may have made a mistake.

marks
15-10-2010, 10:11
regarding the router , you should be able to see it in the traceroute to your server and to your RIPE IP failover.
Compare the 2 traceroutes, and even though the IPs are not installed in the server yet, if they are properly routed, you should see the same router just before your machine.

Regarding the 2 blocks of 16 RIPE IPs, we're working on your email and we'll get back to you later on today.

DigitalDaz
14-10-2010, 19:58
Is there a definitive way to test if an OVH router is trying to talk to an IP address of a virtual mac?

I moved a block of RIPE IP's between servers but none appear to be working.

The fallover IP's seem to be working properly but not the RIPE ones.

I'm running Proxmox on the host and I am thinking if I ping one of them from my home machine, I should be ablt to see the OVH router somehow trying to communicate with my box.

This is turning into another nightmare. I have paid for two lots of 16 now and can use neither block. The first for the above reason and the second because it appears my server thinks I have a limit of 32 even though I have a gig port.

So out of a server that has 36 ip's assigned, I can effectively use 3!!