Connection error 595: No route to host, Hetzner

[manuelmonroyb]

Hello, I have a problem that I have not been able to find the solution to and I imagine it could be something related to the firewall since I cannot find another problem that could be happening unless it is a bottleneck.

I have a cluster of 4 machines, 3 the same and 1 different, which is the head of the cluster. All the machines have 3 network cards, 1 connected with its public IP, 1 to the cluster sync and 1 to ceph (not configured yet) the local network is on a 1GB switch, 3 machines have 2 NVME disks and the head has SSD disks . The cluster was configured correctly but when I wanted to access the other nodes I got the message "no route to host (595)", I have checked the firewall, enabled the ports and even deactivated everything but the same thing still appears, I'm on point dead. I really don't know what it could be.

It is as if there is no connection between them or there is a bottleneck that causes a longer waiting time and disconnection. The important detail is that locally I made the same configuration with the only difference that I had SD disks and I did not have any problems, the cluster has worked well for months. Now I replicated it in Hetzner and I have this problem.

root@pve101:~# cat /etc/pve/corosync.conf
logging {
debug: off
to_syslog: yes
}
nodelist {
node {
name: pve101
nodeid: 1
quorum_votes: 1
ring0_addr: 10.10.10.101
}
node {
name: pve102
nodeid: 2
quorum_votes: 1
ring0_addr: 10.10.10.102
}
node {
name: pve103
nodeid: 3
quorum_votes: 1
ring0_addr: 10.10.10.103
}
node {
name: pve104
nodeid: 4
quorum_votes: 1
ring0_addr: 10.10.10.104
}
}
quorum {
provider: corosync_votequorum
}
totem {
cluster_name: afrodita
config_version: 4
interface {
linknumber: 0
}
ip_version: ipv4-6
link_mode: passive
secauth: on
version: 2
}
root@pve101:~#

 

[KevinS]

This might do the trick, have you tried this?

https://forum.proxmox.com/threads/c...ster-no-route-to-host-595.114290/#post-493956


EDIT: Sorry i misread, i thought you moved the cluster and probably changed IP addresses, nevertheless i would still try this since the behavior seems quite similar

 

[manuelmonroyb]

This might do the trick, have you tried this?

https://forum.proxmox.com/threads/c...ster-no-route-to-host-595.114290/#post-493956


EDIT: Sorry i misread, i thought you moved the cluster and probably changed IP addresses, nevertheless i would still try this since the behavior seems quite similar

If you check the mentioned thread, in my case I did not make any changes. configure the cluster cleanly from the beginning, same version on all proxmox nodes, clean installation and exactly the same for all nodes.

 

[KevinS]

Ok to rule out a networking problem i would do a tcpdump on both devices (you might have to change the network device accordingly):

from 101:

tcpdump -i vmbr0 host 10.10.10.102 and port 8006

from 102:

tcpdump -i vmbr0 host 10.10.10.102 and port 8006

As soon as you try to access the other node (assuming you're logged in on 101 and want to access 102) the network packets should appear in both directions on both nodes.


But to be honest, since the cluster is working the corosync communication has to work as well. So I highly doubt it's a network issue.
Out of curiosity I even blocked the 8006 port (only from my first node) on my 2nd node and on the web interface of my 1st node i get the error message "Connection error 595: Connection timed out". So no route to host seems to indicate a different issue