<div dir="ltr">Actually, I finally was able to identify the issue and fix it...Turns out (as you probably expected), it wasn't ovirt...<div><br></div><div>My upstream provider had some wierd security left over, it limited the MAC addresses permitted to exit the building, and my ovirt host made the list somehow while my VMs did not.</div><div><br></div><div>I now have two VMs on two different nodes that are online!</div><div><br></div><div>Thank you for your help!</div><div><br></div><div>--Jim</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Jan 1, 2017 at 11:57 PM, Edward Haas <span dir="ltr"><<a href="mailto:ehaas@redhat.com" target="_blank">ehaas@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Sun, Jan 1, 2017 at 7:16 PM, Jim Kusznir <span dir="ltr"><<a href="mailto:jim@palousetech.com" target="_blank">jim@palousetech.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="auto">I pinged both the router on the subnet and a host IP in-between the two ip's.</div><div class="gmail_extra"><br></div><div class="gmail_extra"><div class="gmail_extra">[root@ovirt3 ~]# ping -I 162.248.147.33 162.248.147.1</div><div class="gmail_extra">PING 162.248.147.1 (162.248.147.1) from 162.248.147.33 : 56(84) bytes of data.</div><div class="gmail_extra">64 bytes from <a href="http://162.248.147.1" target="_blank">162.248.147.1</a>: icmp_seq=1 ttl=255 time=8.17 ms</div><div class="gmail_extra">64 bytes from <a href="http://162.248.147.1" target="_blank">162.248.147.1</a>: icmp_seq=2 ttl=255 time=7.47 ms</div><div class="gmail_extra">64 bytes from <a href="http://162.248.147.1" target="_blank">162.248.147.1</a>: icmp_seq=3 ttl=255 time=7.53 ms</div><div class="gmail_extra">64 bytes from <a href="http://162.248.147.1" target="_blank">162.248.147.1</a>: icmp_seq=4 ttl=255 time=8.42 ms</div><div class="gmail_extra">^C</div><div class="gmail_extra">--- 162.248.147.1 ping statistics ---</div><div class="gmail_extra">4 packets transmitted, 4 received, 0% packet loss, time 3004ms</div><div class="gmail_extra">rtt min/avg/max/mdev = 7.475/7.901/8.424/0.420 ms</div><div class="gmail_extra">[root@ovirt3 ~]# </div><div><br></div><div>The VM only has its public IP.</div></div><span class="m_-1005700338987857767HOEnZb"><font color="#888888"><div class="gmail_extra"><br></div><div class="gmail_extra">--Jim</div></font></span></div></blockquote><div><br></div></span><div>Very strange, all looks good to me.<br><br></div><div>I can try to help you debug using tcpdump, just send me the details for remote connection on private.<br></div><div>It will also help if you join the vdsm or ovir IRC channels.<br></div><div><div class="h5"><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div class="m_-1005700338987857767h5"><div class="gmail_extra"><br><div class="gmail_quote">On Jan 1, 2017 01:26, "Edward Haas" <<a href="mailto:ehaas@redhat.com" target="_blank">ehaas@redhat.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Jan 1, 2017 at 10:50 AM, Jim Kusznir <span dir="ltr"><<a href="mailto:jim@palousetech.com" target="_blank">jim@palousetech.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I currently only have two IPs assigned to me...I can try and take another, but that may not route out of the rack. I've got the VM on one of the IPs and the host on the other currently.<div><br></div><div>The switch is a "web-managed" basic 8-port switch (thrown in for testing while the "real" switch is in transit). It has the 3 ports the hosts are plugged in configured with vlan 1 untagged, set as PVID, and vlan 2 tagged. Another port on the switch is untagged on vlan 1 connected to the router for the ovirtmgmt network (protected by a VPN, but not "burning" public IPs for mgmt purposes), another couple ports are untagged on vlan 2. One of those ports goes out of the rack, another goes to the router's internet port. Router gets to the internet just fine.</div><div><br></div><div>VM: </div><div><div>kusznir@FusionPBX:~$ ip address</div><div>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default </div><div> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00</div><div> inet <a href="http://127.0.0.1/8" target="_blank">127.0.0.1/8</a> scope host lo</div><div> valid_lft forever preferred_lft forever</div><div> inet6 ::1/128 scope host </div><div> valid_lft forever preferred_lft forever</div><div>2: eth0: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000</div><div> link/ether 00:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff</div><div> inet <a href="http://162.248.147.31/24" target="_blank">162.248.147.31/24</a> brd 162.248.147.255 scope global eth0</div><div> valid_lft forever preferred_lft forever</div><div> inet6 fe80::21a:4aff:fe16:151/64 scope link </div><div> valid_lft forever preferred_lft forever</div><div>kusznir@FusionPBX:~$ ip route</div><div>default via 162.248.147.1 dev eth0 </div><div><a href="http://162.248.147.0/24" target="_blank">162.248.147.0/24</a> dev eth0 proto kernel scope link src 162.248.147.31 </div><div>kusznir@FusionPBX:~$ </div></div><div><br></div><div>Host:</div><div><div>[root@ovirt3 ~]# ip address</div><div>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN </div><div> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00</div><div> inet <a href="http://127.0.0.1/8" target="_blank">127.0.0.1/8</a> scope host lo</div><div> valid_lft forever preferred_lft forever</div><div> inet6 ::1/128 scope host </div><div> valid_lft forever preferred_lft forever</div><div>2: em1: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc mq master ovirtmgmt state UP qlen 1000</div><div> link/ether 00:21:9b:98:2f:44 brd ff:ff:ff:ff:ff:ff</div><div>3: em2: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN qlen 1000</div><div> link/ether 00:21:9b:98:2f:46 brd ff:ff:ff:ff:ff:ff</div><div>4: em3: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN qlen 1000</div><div> link/ether 00:21:9b:98:2f:48 brd ff:ff:ff:ff:ff:ff</div><div>5: em4: <NO-CARRIER,BROADCAST,MULTICAS<wbr>T,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div><div> link/ether 00:21:9b:98:2f:4a brd ff:ff:ff:ff:ff:ff</div><div>6: ;vdsmdummy;: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN </div><div> link/ether 8e:1b:51:60:87:55 brd ff:ff:ff:ff:ff:ff</div><div>7: ovirtmgmt: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc noqueue state UP </div><div> link/ether 00:21:9b:98:2f:44 brd ff:ff:ff:ff:ff:ff</div><div> inet <a href="http://192.168.8.13/24" target="_blank">192.168.8.13/24</a> brd 192.168.8.255 scope global dynamic ovirtmgmt</div><div> valid_lft 54830sec preferred_lft 54830sec</div><div>11: em1.2@em1: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc noqueue master Public_Cable state UP </div><div> link/ether 00:21:9b:98:2f:44 brd ff:ff:ff:ff:ff:ff</div><div>12: Public_Cable: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc noqueue state UP </div><div> link/ether 00:21:9b:98:2f:44 brd ff:ff:ff:ff:ff:ff</div><div> inet <a href="http://162.248.147.33/24" target="_blank">162.248.147.33/24</a> brd 162.248.147.255 scope global Public_Cable</div><div> valid_lft forever preferred_lft forever</div><div>14: vnet0: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast master ovirtmgmt state UNKNOWN qlen 500</div><div> link/ether fe:1a:4a:16:01:54 brd ff:ff:ff:ff:ff:ff</div><div> inet6 fe80::fc1a:4aff:fe16:154/64 scope link </div><div> valid_lft forever preferred_lft forever</div><div>15: vnet1: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast master ovirtmgmt state UNKNOWN qlen 500</div><div> link/ether fe:1a:4a:16:01:52 brd ff:ff:ff:ff:ff:ff</div><div> inet6 fe80::fc1a:4aff:fe16:152/64 scope link </div><div> valid_lft forever preferred_lft forever</div><div>16: vnet2: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast master ovirtmgmt state UNKNOWN qlen 500</div><div> link/ether fe:1a:4a:16:01:53 brd ff:ff:ff:ff:ff:ff</div><div> inet6 fe80::fc1a:4aff:fe16:153/64 scope link </div><div> valid_lft forever preferred_lft forever</div><div>17: vnet3: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast master Public_Cable state UNKNOWN qlen 500</div><div> link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff</div><div> inet6 fe80::fc1a:4aff:fe16:151/64 scope link </div><div> valid_lft forever preferred_lft forever</div><div>[root@ovirt3 ~]# ip route</div><div>default via 192.168.8.1 dev ovirtmgmt </div><div><a href="http://162.248.147.0/24" target="_blank">162.248.147.0/24</a> dev Public_Cable proto kernel scope link src 162.248.147.33 </div><div><a href="http://169.254.0.0/16" target="_blank">169.254.0.0/16</a> dev ovirtmgmt scope link metric 1007 </div><div><a href="http://169.254.0.0/16" target="_blank">169.254.0.0/16</a> dev Public_Cable scope link metric 1012 </div><div><a href="http://192.168.8.0/24" target="_blank">192.168.8.0/24</a> dev ovirtmgmt proto kernel scope link src 192.168.8.13 </div><div>[root@ovirt3 ~]# brctl show</div><div>bridge name<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>bridge id<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>STP enabled<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>interfaces</div><div>;vdsmdummy;<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>8000.000000000000<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>no<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span></div><div>Public_Cable<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>8000.00219b982f44<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>no<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>em1.2</div><div><span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>vnet3</div><div>ovirtmgmt<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>8000.00219b982f44<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>no<span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>em1</div><div><span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>vnet0</div><div><span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>vnet1</div><div><span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281m_-6154649521194743206gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>vnet2</div><div>[root@ovirt3 ~]# </div></div><div><br></div><div>I did see that the cluster settings has a switch type setting; currently at the default "LEGACY", it also has "OVS" as an option. Not sure if that matters or not.</div><div><br></div><div>I configured another VM on the network, and static'ed an IP, and could ping the other VM as well as the host, but not the internet. The host can still ping the internet.</div><span class="m_-1005700338987857767m_2513604432110852901gmail-m_-2531304164531624285m_6154291536610681281HOEnZb"><font color="#888888"><div><br></div><div>--Jim</div></font></span></div>
</blockquote></div><br><br></div><div class="gmail_extra">What address are you pinging the internet?<br>For the successful ping, can you use ping -I (capital i) to choose the source address you exit the host with?<br><br></div></div>
</blockquote></div></div>
</div></div></div>
</blockquote></div></div></div><br></div></div>
</blockquote></div><br></div>