active connection between OVSDB Southbound Plugin and OVS host - ip

HTTP PUT:
http://<controller-ip>:8181/restconf/config/network-topology:network-topology/topology/ovsdb:1/node/ovsdb:%2F%2FHOST1
BODY:
{
  "network-topology:node": [
    {
      "node-id": "ovsdb://HOST1",
      "connection-info": {
        "ovsdb:remote-port": "6640",
        "ovsdb:remote-ip": "<ovs-host-ip>"
      }
    }
  ]
}
I'm giving the controller IP as the instance IP. It's asking me to put the OVS host IP to connect; may I know what the OVS host IP is?
Can I give the controller IP as the OVS host IP?

should be the IP address where you have ovsdb running, which may or may not be on the same system that your ODL controller is running on.

Related

EC2 instance in private subnet accessing internet port forwarded endpoint IP whitelist

I have 2 EC2 instances - one in public subnet one in private.
I need both of them to access a service via public ip and port forwarding on Mako router.
Mako router port forwards port 552 to local 192.168.. ip
I set up firewall rules on the Mako router that whitelist 2 public IPs: the one of the EC2 instance in the public subnet and the NAT Gateway public IP (I was also able to confirm it is the Internet IP from the instance in the private subnet via dig myip.opendns.com @resolver1.opendns.com).
curl from EC2 instance in public subnet works
curl from EC2 instance in private subnet doesn't
Endpoint I am hitting is rtsp://admin:password@123.123.123.123:552/Streaming/Channels/2
Any thoughts? What might be wrong? Advice on troubleshooting/mitigation?

Mikrotik Port Forwarding to public IP that is located in the local network

We have just set up a MikroTik router and have a public IP address and a local IP address for the server.
We created a dst-nat rule where anyone who accesses
public_ip:80 has a dst-nat applied to local_ip:8082.
However, from our local IP address we cannot access this public IP address.
It will work if we write local_ip public_dns_name in the hosts file.
Why does MikroTik not send to the public_ip address, i.e., not apply the dst-nat rule?
The problem got solved by adding a srcnat rule, which masquerades all traffic from the local network:
Chain: srcnat
Src. Address (our local network): 192.168.88.0/24
Dst. Address (our server): 192.168.88.249
Protocol: 6 (tcp)
Action: masquerade
This problem and its solution are explained in MikroTik's documentation: https://wiki.mikrotik.com/wiki/Hairpin_NAT
Basically, the router translates everything into local IP addresses when replying to machines inside the network. Your client sent a request to some public IP, so it's waiting for a reply from that same public IP. The MikroTik translated the request into a local IP, so it sent a reply with the wrong "from" address, and your client ignored it. You can work around this by setting up a masquerade rule, or by adding a static DNS entry that bypasses the need for a public IP.
In my case, the problem was that the rule was set up to only work for traffic coming in on WAN (not LAN). I changed it to route traffic from anywhere, as long as it is requesting my public IP.
chain: dstnat
dst address: <public ip>
protocol: 6 (tcp)
dst port: 80
in. interface list: all
action: dst-nat
to addresses: <server local ip>
to ports: <server port>
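Added example, not part of the original posts: a small Python trace of the hairpin NAT packet flow discussed in this thread, showing why the client drops the reply when only dst-nat is applied and accepts it once the srcnat masquerade rule is in place. The LAN subnet, server IP and ports come from the thread; the public IP, router LAN IP, client IP and client port are constructed values.

```python
from dataclasses import dataclass, replace

# Constructed addresses: the server IP and ports follow the thread; the
# public IP, router LAN IP, client IP and client port are assumptions.
PUBLIC_IP, ROUTER_LAN = "203.0.113.10", "192.168.88.1"
SERVER, CLIENT = "192.168.88.249", "192.168.88.50"


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


def hairpin(masquerade: bool):
    """Trace one LAN client request to PUBLIC_IP:80.

    Returns (reply as it arrives at the client, whether the client accepts it).
    """
    request = Packet(CLIENT, 40000, PUBLIC_IP, 80)

    # dst-nat on the router: public_ip:80 -> server:8082
    fwd = replace(request, dst=SERVER, dport=8082)
    if masquerade:
        # srcnat masquerade: the server now sees the router as its peer
        fwd = replace(fwd, src=ROUTER_LAN)

    # The server answers whatever source address the packet carried.
    reply = Packet(SERVER, 8082, fwd.src, fwd.sport)

    if reply.dst == ROUTER_LAN:
        # The reply returns through the router, which undoes both translations.
        reply = Packet(request.dst, request.dport, request.src, request.sport)
    # Otherwise the server is on the client's subnet and delivers the reply
    # directly, so the router never gets to rewrite the source address.

    # The client only accepts a reply from the endpoint it connected to.
    accepted = (reply.src, reply.sport) == (request.dst, request.dport)
    return reply, accepted


if __name__ == "__main__":
    for masq in (False, True):
        reply, ok = hairpin(masq)
        print(f"masquerade={masq}: reply from {reply.src}:{reply.sport} accepted={ok}")
```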

The VM can ping the host machine, but can not ping other public IP

I set up OpenStack Ocata on a remote server (I call it the host machine).
In OpenStack Ocata I created a VM; the VM uses the security group (named allow ping & ssh), which I created myself:
Now I can ping the VM from my Mac, but cannot connect to the VM over SSH.
In the VM (its IP is 192.168.1.4 and its floating IP is 103.35.202.3), I can ping 192.168.1.1 and 103.35.202.1 (the host machine's public IP), but cannot ping google.com or other public IPs.
Why can I ping the VM from my Mac but not SSH to it?
Why can I ping the host machine from the VM, but not other public IPs?
Where is the issue?
Currently the only Egress traffic allowed out is for ICMP. Egress is missing for TCP/UDP. Add in Egress rules for both UDP (should help resolve the DNS issue) and TCP (should resolve the SSH issue.)
After adding in the Egress rules for TCP - test ssh again.
After adding in the Egress rules for UDP - test DNS resolution, if you are still running into issues then you may want to verify the DNS servers used when configuring the network.

Failing to manage a Public Ip

Here is the scenario:
I have asked my ISP to give me a public IP, which I can connect to my laptop and access from other outside networks. They gave me the following:
IP : 103.51.2.198
subnet mask : 255.255.255.248
default Gateway : 103.51.2.193
preferred dns : 8.8.8.8
Alternate dns : 8.8.4.4
I have set up a PPPoE connection on my laptop (not on a router) and set these values at TCP/IP V4. My internet connection is fine.
But if I ping this IP (103.51.2.198) from another network, the request times out.
Then I checked whatsmyrealip, and the IP is 103.51.2.102. This IP is a public IP of my ISP. And they are trying to give me an IP from that IP.
My ISP's staff are not experts in networking, nor am I. They are also not sure how they can give me a public IP.
I am not sure what they are trying to do, or how they will give me another IP from a public IP. It would be very helpful if anyone could explain the problem and give a solution.
First of all, it's called public IP not "realIP".
Anyways, the answer for your question is:
You cannot access your home computer because it is behind NAT so it is unreachable from the outside of your network.
Quick example on how NAT works:
Scenario:
Private IP: 192.168.0.10
Public IP: 1.2.3.4
You are connecting to webserver on IP: 5.5.5.5
What happens:
You send data to your router, telling it that you want something from
5.5.5.5, your router assigns you a random port, let's say 11111,
sends the data with source IP 1.2.3.4 and port 11111. Stuff
happens on the webserver and the data comes back. Router reads it and
remembers that everything going to 1.2.3.4:11111 belongs to
192.168.0.10 so it sends you the data.
Here everything works because it's your computer the one starting the connection, otherwise, the webserver would never be able to connect to you.

Reach internal machine using its public IP from internal network

Working in VMWare vCloud.
Webserver has internal ip 172.16.0.61, public ip 148.25.6.22 (invented numbers);
App Server has internal ip 172.16.0.52
From the App Server I can ping and browse the Webserver using its internal 172.16.0.61, but how can I reach it (from the App Server) using its public 148.25.6.22?
I'm just looking for something that lets me tell the App Server
148.25.6.22 => 172.16.0.61
If I had a domain name I could resolve it in /etc/hosts, but at the moment I have just the IP.
Thanks in advance
If I understand you correctly, your servers are behind a NAT, which masquerades their IP addresses (which is why your webserver has both an internal and an external IP address - the external one is actually the NAT's public address).
You can define a local route on your appserver, which will direct packets sent to 148.25.6.22 to 172.16.0.61, however that defeats the purpose, as that would cause the appserver to just send everything to the internal address.
What you should do is configure port forwarding on your NAT - this means that the NAT will listen on a port you specify, and all communication which reaches this port will be forwarded to the webserver's internal IP to another port you specify, for example: 148.25.6.22:8080 => 172.16.0.61:8080. Now, if your appserver connects to 148.25.6.22:8080, the packets will reach the webserver at port 8080.
