each virtual network must have a corresponding physical network defined for it in VLAN mode. Since we have used br-eth0 ( which has only one vlan id 1000) for network private_net, we must provide another one for network external_net, which is br-default. But in fact, we are not going to make use of it for traffic since we will use br-ex to do public related traffic. (It looks like a default of current ovs plugin.)