-1

I am trying to setup an instance (landingpage2) to use custom internal ip, after instance is up, I could not ssh to public IP, I even can't ping it.

If I don't use custom internal IP for the instance, everything is working fine.

Did I miss anything?

fwissue@gcp2017-181116:~$ gcloud compute routes list | grep dmz1

default-route-4d479ca761d23b53  dmz1     10.8.0.0/24                              1000
default-route-552ffd32014e8b04  dmz1     0.0.0.0/0      default-internet-gateway  1000

fwissue@gcp2017-181116:~$ gcloud compute instances list

NAME          ZONE        MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP     STATUS
landingpage2  us-east1-b  n1-standard-1               10.8.0.2     35.190.156.124  RUNNING

fwissue@gcp2017-181116:~$ ping 35.190.156.124

PING 35.190.156.124 (35.190.156.124): 56 data bytes
--- 35.190.156.124 ping statistics ---
21 packets transmitted, 0 packets received, 100% packet loss
Cory Knutson
  • 1,876
  • 13
  • 20
fwissue
  • 1
  • 1
    Seems like your routes are wrong. You tried to define two define routes which are clearly not useable. Use a tracert to see more specific information about the way the icmp packet goes. – mushr00mer1990 Sep 28 '17 at 11:53

1 Answers1

0

The steps on this article worked fine for me. Here is how I tested:

1) Created a new network

gcloud compute --project=Myproject networks create testnet --mode=auto

2) Opened firewall rules to allow SSH and ICMP

gcloud compute --project=Myproject firewall-rules create allowicmpandssh --direction=INGRESS --priority=1000 --network=testnet --action=ALLOW --rules=tcp:22,icmp --source-ranges=0.0.0.0/0

3) Reserved the static IP 10.128.0.11

gcloud compute addresses create myinternalip --region us-central1 --subnet testnet --addresses 10.128.0.11

4) I created two VMs one with dynamic IP and the second one with the reserved

gcloud compute  instances create "instance-2" --zone "us-central1-f" --machine-type "n1-standard-1" --subnet "testnet" --image "debian-9-drawfork-v20180109" --image-project "eip-images" --boot-disk-size "10" --boot-disk-type "pd-standard" --boot-disk-device-name "instance-2"

gcloud compute instances create my-instance --zone us-central1-f --image  "debian-9-drawfork-v20180109" --image-project "eip-images"  --private-network-ip myinternalip --subnet testnet

5) SSH in the instance using the dynamic internal IP and ping both addressees on the second VM

user@instance-2:~$ ping 10.128.0.11
PING 10.128.0.11 (10.128.0.11) 56(84) bytes of data.
64 bytes from 10.128.0.11: icmp_seq=1 ttl=64 time=1.08 ms
64 bytes from 10.128.0.11: icmp_seq=2 ttl=64 time=0.222 ms

I am certainly able to SSH directly in the in second VM by using its external IP.

Carlos
  • 1,395
  • 9
  • 15