Reputation: 193
Gcloud VM additional network interface - no internet access
I'm trying to set up a VM with 2 interfaces. The first interface works fine, but the second not really.
gcloud compute instances create worker-0 \
--boot-disk-size 200GB \
--can-ip-forward \
--image-family ubuntu-2004-lts \
--image-project ubuntu-os-cloud \
--machine-type e2-standard-4 \
--metadata-from-file=startup-script=vm-startup-script.sh \
--network-interface network=$NET_INTERNAL,subnet=$SUBNET_INTERNAL,private-network-ip=192.168.10.3 \
--network-interface network=$NET_DN,subnet=$SUBNET_DN,private-network-ip=192.168.11.100 \
--scopes compute-rw,storage-ro,service-management,service-control,logging-write,monitoring \
--tags $NAME,worker
After that I'm testing it with ping
ping -I ens5 1.1.1.1 but it results in Destination Host Unreachable
I've read that for any additional interface we have to setup routing.
Following section https://cloud.google.com/vpc/docs/create-use-multiple-interfaces#configuring_policy_routing I've checked gateway using gcloud API - it is 192.168.11.1
So then I try
echo "1 rt1" | sudo tee -a /etc/iproute2/rt_tables
sudo ip route add 192.168.11.1 src 192.168.11.100 dev ens5 table rt1
sudo ip route add default via 192.168.11.1 dev ens5 table rt1
sudo ip rule add from 192.168.11.100/24 table rt1
sudo ip rule add to 192.168.11.100/24 table rt1
ip route
default via 192.168.10.1 dev ens4 proto dhcp src 192.168.10.3 metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.10.0/24 via 192.168.10.1 dev ens4 proto dhcp src 192.168.10.3 metric 100
192.168.10.1 dev ens4 proto dhcp scope link src 192.168.10.3 metric 100
192.168.11.0/24 via 192.168.11.1 dev ens5
192.168.11.1 dev ens5 scope link
ip route show table 1
default via 192.168.11.1 dev ens5
192.168.11.1 dev ens5 scope link src 192.168.11.100
But I still can't reach internet when using ping.
Firewall rules for this interface's network are set to allow all.
Is there anything I'm missing?
Upvotes: 0
Views: 235
Answers (1)
Reputation: 193
It turned out that the internet is actually reachable, ping works but only this way
ping -I 192.168.11.100 1.1.1.1 -c 1
When using interface as argument it fails, how is it possible?
Upvotes: 1
Related Questions
- Google serverless VPC connector does not access GCE instance with multiple network interfaces
- Routing traffic to specific VM's via load balancer on GCP
- New VM can't use unassigned Static Internal IP GCP
- how to create gcp projects without default network using gcloud sdk
- Google Cloud VM additional IP adress same subnet
- Not able to ping gateway in GCE new VM Instance
- Create route between two networks in Google Cloud Compute Engine
- Google - Compute Engine VM - cannot bind to internal IP
- Google cloud platform: Add new interface to existing instance
- Google Cloud - Adding additional Internal IP to VM