Develop Reference

Unable to ssh using openstack

I have the following topology:
Basically 2 subnets, 10.0.27.0 and 192.168.0.0.
I have a floating ip that I assign to one of the machines using the interface in the 10.0.27.0 subnetwork, and it works fine. I added the rules for allowing the ssh traffic. However, when I try to do the same for the interface in the subnet 192.168.0.0, it doesn't work. After a nmap I can see that the port is closed, so I don't know what is happening. Any help is appreciated.

So many possible reason,
Did subnet 192.168.0.0 has opened port? did you test it first?
Did you try to change the subnet into 192.168.0.1? test by changing the subnet into that first. Using default subnet end with 0.0 or 1.1 value sometimes in different environment cause a problem.
You may share what environment you setup this topology and how you do this?
Is it through virtualised network environment or using physical network (switches or router).

How can I get fixed IP address on my vagrant even when I move to other network?

I'm using vagrant as Linux machine.
I'm a student and I'm coding in like everywhere such as home, classroom, univ, cafe, library, etc.
The problem is that everytime I move to other place, I have to halt the vagrant machine and re-up again because the network is changed.
For example, I do some coding in cafe, where the private network IP address is 192.168.1.x. Now, I move to other place, say classroom, where the IP address this time is 192.168.99.x.
Since, IP has been changed, I have to reboot the vagrant machine. Although it takes only couple of mins but it is kinda bothering much to me.
I want to keep programming on my vagrant environment even if network environment has been changed. Need your help, Thanks.

You can have static IP wether you're using private or public network, just by specifying which IP you want to use
for public network:
config.vm.network "public_network", ip: "192.168.0.17"
for private network:
config.vm.network "private_network", ip: "192.168.50.4"

While the answer provided by Frédéric Henri is accurate, it may not actually be helpful. The problem with setting a static IP in the Vagrantfile is when you change networks (or subnets) as you described, the network device in charge of handing out IPs might not be willing to give that IP back to you - it may already be in use, or on another subnet or network.
Assuming you're trying to regain network connectivity from the Guest, you can just reboot the adapter or network interface you need in the Guest by doing the following (from the Guest):
ifdown eth0
ifup eth0
Where eth0 is the name of the network adapter you need to restart. You can verify this by running ifconfig on your Guest and determining which network interface is being used to get the IP you want to renew.
See this similar question for more information.

How to do 2 way communication between 2 different subnets?

I am sort of stumped on this.
My layout will be the following:
one subnet 192.168.0.0 255.255.255.0 whereas each computer on that subnet has 2 interfaces and it is statically assigned. GW will be a router with DHCP/DNS disabled at 192.168.0.254.
The second interface will have a subnet based on the last digit of the statically assigned first subnet whereas:
NIC1: 192.168.0.1 NIC2: 192.168.1.1 (255.255.255.0)
NIC1: 192.168.0.2 NIC2: 192.168.2.1 (255.255.255.0)
and so on.
On Nic2 will be running a software DHCP server.
My issue is this: I want all computers on all the NIC2 subnets to communicate to the master subnet of 192.168.0.X, and vice versa.
What is the best way to do this? Additionally the hardware MUST be configurable via REST or otherwise. So I cannot really hookup a router with static routes for each one of these because that's not really configurable programmatically. I CAN however use managed switches for this since CISCO makes a rather cheap managed switch that handles REST API requests.
I have considered bridging NIC 1 and NIC 2 but the issue is I would need to block DHCP packets from leaving the NIC 2 network. This doesn't seem possible with the limited windows network bridge.
Open to any suggestions!
Thanks,
Dan

Your best bet is to configure your gateway (router) with a static route from 192.168.1.0 to 192.168.2.0 and from 192.168.2.0 to 192.168.1.0. You don't say what kind of router you are using, but at least on Cisco, it IS possible to configure a static route via REST (as well as other ways). Refer to http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/mapping/mapping_gd/layer3_examples.html#pgfId-1092835 .

There are 2 answers to this.
The first is what Herb said above which is to use Cisco smart switches and REST queries.
The second which is what I in the end implemented was to use a windows server environment with RRAS Lan-Lan routing. The details of which can be found here: https://onlize.wordpress.com/2012/08/18/lan-routing-on-windows-server-2008r2-step-by-step/

how to communicate hosts in different subnet

We have two subnets
Router 1
192.168.2.1
255.255.254.0
Router 2
192.168.1.1
255.255.255.0
Modem >> switch
>> router1 wan port >> from lan port to switch >> Different computers
>> router2 wan port >> from lan port to switch >> Different computers
Please note two different static public ips(of same subnet) for both routers.
I would like to know how I can access a host from Router 1 to a host in Router 2 or vice-versa.

use a single router:
Modem >> router >> switch >> lan1 >> computers in lan1
>> lan2 >> computers in lan2
You don't even need two LANs formally, since the PCs don't need a special routing rule to reach all local systems in this case.
You use two address sets: 192.168.1.xxx and 192.168.2.xxx and a network mask of /23 or even /16, no difference there. This way all PCs know they can simply send out packages to everything inside 192.168... Whereas for packages outside they need a rule routing those packages through the router. The routing of packages between the two areas on the LAN side is done automatically by the switch. That is what a switch is build for.

This is an explanation of how you would do it assuming that you must keep these as two separate subnets!
That is, you'll have to set up access for each IP address in the other router's firewall, and then specify to which internal system it will connect.
Note: It's only safe to do this because you have two static IP addresses! There really isn't an easy, safe way to do this with dynamic IPs.
In that case, Router 1 will have to grant access to Router 2's public IP address and vice versa. How you do this completely dependent on the make and model of the router.
The routers will know how to route to each other, because they'll be using the public IPs.
So, the data path will be: System1 (subnet1)->Router1->Internet->Router2->System2
Since different routers have you specify addresses in different ways, make sure you know how yours expects you to input the address or range of addresses.
However, that's not enough. Because you have multiple systems on each subnet, all sharing the same public IP address, you also have to specify which inbound traffic goes to what subnet host.
That is, you start on System1 in the above data path. The data goes out Router1 and back into Router2. How does Router2 know where to send it? It only has ONE external IP address.
Again, there are different ways of doing this for different routers. On some, you can specify that data on certain ports gets sent to certain systems. (Port Forwarding)
Using Telnet as an example (you shouldn't! Telnet isn't secure. It's just easy to use as an example)...
You want to get from System1 (on subnet1) to System3 (subnet2).
On Router1 you specify that incoming data on Port 23 (Telnet port) should go to System1. On Router2 you send all Port 23 data to System3.
Port Forwarding, however, is somewhat limited insofar as, in the setup above, only System1 and System3 can receive Telnet data.
The other common way to do this is to have all data from a particular IP sent to one particular system on your subnet. That won't work for you, because you have multiple systems on each subnet!
I hope this isn't too non-specific! (Or too rambling! :-) ) I'm trying to be as non-specific as possible, but it makes it difficult to explain things! Unfortunately, since each company's routers use different interfaces, it's impossible for me to exactly what you need to do!
Let us know what your routers are. Then I can possibly be more specific.
In the meantime, however, look for the sections in your router to 1) the other router's data in, and 2) specify what data goes to which system on the subnet!
I hope this helps!

What are the effects of incorrectly setting the netmask?

What are the effects of incorrectly setting the netmask? I have a C++ application that sets the network mask of a device. If the netmask is set incorrectly, tftp doesn't seem to work properly. Why would this happen? What other problems occur when the netmask is not properly set for a device/PC?

While this question is probably more about IP networks than programming it is a challenging subject for many developers.
The netmask delimits the host address (your PC or server) and the network address (the part of the logical network infrastructure in which your system lives). The two parts are used to deliver the data packet to the correct device. The network address is obtained by ANDing the netmask with the IP Address. Consider the following scenario:
IP Address: 10.0.1.1
Netmask: 255.255.0.0
The host address portion of the IP address for our PC is 1.1, so the PC knows that any host addresses starting 10.0. are local to it. Any addresses that then start 10.1, etc, are not 'local' and will need to be forwarded to a router. If you have another device intended to be on the same network that is:
IP Address: 10.0.2.1
Netmask: 255.255.255.0
Here the netmask is wrong for our example setup, this device is now going to see the network address as 10.0.2 and the host address as 1, if it tries to communicate with 10.0.1.1 it will see a network address of 10.0.1! Not local and so will refer it to the default router for forwarding. If the netmask was correctly set (i.e. the same as the first example, assuming that's the correct setting for your network) then the second device would see the first as local, i.e. on the 10.0 network and wouldn't attempt to forward the packet to a router.
Many protocols will happily cope with this but tftp is intended to operate within a single network and so will fail as there's a perception that the target is on a different network.
This may not describe your exact situation but I hope that the example demonstrates the important principle that configuration matters, you can't have an inaccurately configured environment and expect it to work.

The netmask determines which IP adresses are local (non-routed); IP adresses outside that range go through the router. If the netmask is wrong, the program tries to directly access sites where it has to go through the router, or vice versa.

The netmask defines, which part of the IP-address is used as address for the network and which part is used for the workstations.
First Example:
IP1: 192.168.20.4
IP2: 192.168.192.4
NM: 255.255.0.0
Both IPs are in the same net. They can communicate with each other without needing a router. That's because the IP-addresses will result in the same bitmask when you or it with the netmask.
Second Example:
IP1: 192.168.20.4
IP2: 192.168.192.4
NM: 255.255.128.0
Now both IPs are in different networks because when you or the IP-addresses with the Netmask, the resulting bitmask will be different and they wont be able to communicate with each other without a router that routes between the two networks.
You can test this by yourself with ipcalc.

Possible implications of mismatched netmask are explained here. In short:
The host is likely to construct routing table incorrectly.
The host will miss some broadcast packets and not send broadcasts properly.
Mis-function of TFTP is almost for sure caused by the first reason. It affects any other IP protocol in the same way.
Other answers mention only the first problem (which is OK, as the second one is rather marginal). Note that it is not the netmask of the interface itself which determines how the IP packets would be routed - it is the routing subsystem of the host; but the netmask is normally used for constructing the routing table.