Ask Your Question

Revision history [back]

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.21.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="172.16.21.0/23"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.21.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="172.16.21.0/23"
NETMASK="255.255.254.0"
BROADCAST="172.16.21.255"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.21.0/23 172.16.20.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="255.255.254.0"
BROADCAST="172.16.21.255"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.20.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Via CLI :

# source keystonerc_admin
# neutron net-create public --router:external=True  --shared
# neutron subnet-create public 172.16.20.0/23 --name sub_public --enable_dhcp False \
   --allocation_pool start=172.16.20.50,end=172.16.21.150  \
   --gateway 172.16.20.1

Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="255.255.254.0"
BROADCAST="172.16.21.255"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.20.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Via CLI remove old public :

source keystonerc_demo
neutron router-gateway-clear router1
source keystonerc_admin
neutron subnet-delete public_subnet
neutron net-delete public

Create new public matching real

# source keystonerc_admin
# neutron net-create public --router:external=True  --shared
# neutron subnet-create public 172.16.20.0/23 --name sub_public --enable_dhcp False \
   --allocation_pool start=172.16.20.50,end=172.16.21.150  \
   --gateway 172.16.20.1

Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="255.255.254.0"
BROADCAST="172.16.21.255"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.

UPDATE as of 11/24/2014
VLAN tag 4095 has special meaning that the port is "dead"
From your `ovs-vsctl show report

[hcuser@localhost ~]$ sudo ovs-vsctl show
62c30134-97e2-4723-b42c-9474eb333885
    Bridge br-int
        fail_mode: secure
        Port "tap231aae57-ee"
            tag: 1
            Interface "tap231aae57-ee"
        Port "tap0b36c82a-61"
            tag: 4095
            Interface "tap0b36c82a-61"

The last interface corresponds your private demo network

Via dashboard :-
Please create new demo_private1 network ( say 20.0.0.0/24), new router router2
Create interface to demo_private1 network at router2. 
Create gateway to public at router2.
Repost new `ovs-vsctl` show. 
If you will  still will experience problems please open new question

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.20.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Via CLI remove old public :

source keystonerc_demo
neutron router-gateway-clear router1
source keystonerc_admin
neutron subnet-delete public_subnet
neutron net-delete public

Create new public matching real

# source keystonerc_admin
# neutron net-create public --router:external=True  --shared
# neutron subnet-create public 172.16.20.0/23 --name sub_public --enable_dhcp False \
   --allocation_pool start=172.16.20.50,end=172.16.21.150  \
   --gateway 172.16.20.1

Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="255.255.254.0"
BROADCAST="172.16.21.255"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.

UPDATE as of 11/24/2014
VLAN tag 4095 has special meaning that the port is "dead"
From your `ovs-vsctl show ovs-vsctl show report

[hcuser@localhost ~]$ sudo ovs-vsctl show
62c30134-97e2-4723-b42c-9474eb333885
    Bridge br-int
        fail_mode: secure
        Port "tap231aae57-ee"
            tag: 1
            Interface "tap231aae57-ee"
        Port "tap0b36c82a-61"
            tag: 4095
            Interface "tap0b36c82a-61"

The last interface corresponds your private demo network

Via dashboard :-
Please create new demo_private1 network ( say 20.0.0.0/24), new router router2
Create interface to demo_private1 network at router2. 
Create gateway to public at router2.
Repost new `ovs-vsctl` show. 
If you will  still will  experience problems please open new question

I would remove public_subnet and public network created by Neutron. Just clean up gateway to public in demo login. Then create new public network via admin account matching exactly your real network 172.16.20.0/23 with gateway matching real gateway 172.16.20.1 and with big enough allocation pool
New public network should have shared status if belongs admin tenant either belong tenant services.
Via CLI remove old public :

source keystonerc_demo
neutron router-gateway-clear router1
source keystonerc_admin
neutron subnet-delete public_subnet
neutron net-delete public

Create new public matching real

# source keystonerc_admin
# neutron net-create public --router:external=True  --shared
# neutron subnet-create public 172.16.20.0/23 --name sub_public --enable_dhcp False \
   --allocation_pool start=172.16.20.50,end=172.16.21.150  \
   --gateway 172.16.20.1

Relogin to demo and make router to have gateway to new public network.
Then make em1 OVS port of OVS bridge br-ex. Like this :-

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="172.16.21.11"
NETMASK="255.255.254.0"
BROADCAST="172.16.21.255"
DNS1="8.8.8.8"
GATEWAY="172.16.20.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@juno1 network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Disable && Stop NetworkManager, enable service network && restart it.