Unable to access a GCE in another subnet on same VPC over another NIC

Rubans

3/1/24, 12:03 AM

I have two GCEs in the same VPC but in different subnets. Both are GCEs are dual nic and everything is accessible over nic0.

VM-1
    nic0    172.16.132.4
    nic1    192.168.132.2
VM-2
    nic0    172.16.154.202
    nic1    192.168.154.202

However for nic1, I can't ping VM-2 from VM-1 on VPC-2. The following doesn't work

ping 192.168.154.202 (doesn't work)
sudo ping -I eth0 8.8.8.8 (works!)
sudo ping -I eth1 8.8.8.8 (doesn't work!)

As per GCP guidance https://cloud.google.com/vpc/docs/create-use-multiple-interfaces#routing-linux I added what I believed is the requred routing:

sudo ifconfig eth1 192.168.132.2 netmask 255.255.255.255 broadcast 192.168.132.2 mtu 1430
echo "1 rt1" | sudo tee -a /etc/iproute2/rt_tables
sudo ip route add 192.168.132.1 src 192.168.132.2 dev eth1 table rt1
sudo ip route add default via 192.168.132.1 dev eth1 table rt1
sudo ip rule add from 192.168.132.2/16 table rt1
sudo ip rule add to 192.168.132.2/16  table rt1

Fw rules are all configured and should allow required ingress. Running Rocky Linux. Any ideas?

112

0 + 3

linux

google-cloud-platform

Abhijith Chitrapu

3/1/24, 9:16 AM

Could you please clarify whether you have multiple VPC’s because you have mentioned VPC-2 (“cant ping VM-2 from VM-1 on VPC-2”). Also could you please elaborate on your setup and if possible, please update the question with a Network Architecture diagram for the clear understanding. When I tried to replicate the issue I found that it is not possible to choose different subnets of the same VPC while creating network interfaces of the VM.

Rubans

3/2/24, 1:06 AM

yes, nic0 is on on VPC-1 and nic1 is on VPC-2. The point is, I can't communicate over nic1.

Abhijith Chitrapu

3/2/24, 1:50 AM

Hi Rubans, Thanks for the clarification. Please check on [Reverse Path Filtering](https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.rpf.html) troubleshooting.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Unable to access a GCE in another subnet on same VPC over another NIC

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.