Packet flow in linux-bridge environment
I wanted to understand the packet flow in neutron. The scenario is particularly the case where an instance receives an IP address from the DHCP process running on the controller node.
One of my instances was not getting an IP address on its eth0 interface. Upon debugging, I found out in '/var/log/messages' that it did not receive a DHCP Offer.
So I started capturing bootp packets on all the interfaces.
1) Ran dhclient on the VM.
2) Captured bootp packets on the tap interface on the compute node.
3) Captured bootp packets on the brq interface on the compute node. [linux bridge - newton install openstack]
4) Captured bootp packets on the vxlan-85 interface on the compute node.
All these dumps had the packets. Then I figured out the physical interface on the compute node that establishes the tunnel network. I checked the "/etc/neutron/plugins/ml2/linuxbridgeagent.ini" file and, in the [vxlan] section, checked for the physical interface whose IP was listed there.
When I tried a tcpdump on this physical interface, I saw no packets.
So I wanted to understand: what is the packet flow route? Why should I not expect these bootp packets on the physical interfaces on the compute and the controller machines which are configured in the [vxlan] section in the "/etc/neutron/plugins/ml2/linuxbridgeagent.ini" file?
A packet trace on that physical interface won't reveal DHCP (or BOOTP) packets, since they are encapsulated in VXLAN packets. You have to filter for VXLAN, for example:
tcpdump -i ethX udp port 4789
tcpdump will interpret VXLAN packets and show you the DHCP payload they contain.

I tried capturing VXLAN packets on the physical interface on port 4789. Gives me nothing. I did a network restart on the VM, but still did not receive any packets on the physical interface.
According to https://docs.openstack.org/newton/net..., the DHCP server may be on the same compute node as your VM. This would explain why packets don't leave the node. If not, I am, unfortunately, at my wits' end.
I now read that your DHCP server is on the controller, but perhaps it also runs on the compute node?
There is no DHCP agent running on the compute node in my case. But I would like you to confirm if my understanding of the packet flow is correct or not. Thanks in advance!
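The encapsulation described in the answer above, as an added example that is not code from this thread: it parses the UDP payload of a VXLAN packet as seen on the physical interface and reports the VNI and whether the inner frame is DHCP. The sample packet is constructed (VNI 85 is taken from the vxlan-85 interface name, the MAC address is made up), the inner frame is assumed to be untagged IPv4, and the filter also covers 8472, the Linux kernel's legacy default VXLAN port, alongside the IANA port 4789.

```python
import struct

# 4789 is the IANA VXLAN port; 8472 is the Linux kernel's legacy default when
# no destination port is set on the vxlan device.
VXLAN_PORTS = (4789, 8472)
CAPTURE_FILTER = " or ".join(f"udp port {p}" for p in VXLAN_PORTS)


def build_sample(vni, sport=68, dport=67):
    """Constructed outer-UDP payload: VXLAN header + Ethernet/IPv4/UDP/BOOTP."""
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)   # I flag set, 24-bit VNI
    eth = b"\xff" * 6 + bytes.fromhex("fa163e000001") + b"\x08\x00"
    # 236-byte fixed BOOTP header, magic cookie, option 53 = DHCPDISCOVER, end
    bootp = (b"\x01\x01\x06\x00" + b"\x00" * 232
             + bytes.fromhex("63825363") + b"\x35\x01\x01\xff")
    udp = struct.pack("!HHHH", sport, dport, 8 + len(bootp), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp) + len(bootp),
                     0, 0, 64, 17, 0, bytes(4), b"\xff" * 4)
    return vxlan + eth + ip + udp + bootp


def inspect_vxlan(udp_payload):
    """Return (vni, inner_is_dhcp), or None if the payload is not VXLAN-shaped."""
    if len(udp_payload) < 8 + 14:
        return None
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & 0x08:          # VNI-valid flag required by RFC 7348
        return None
    vni = word1 >> 8
    inner = udp_payload[8:]               # the original Ethernet frame
    if struct.unpack("!H", inner[12:14])[0] != 0x0800:
        return vni, False                 # not untagged IPv4
    ip = inner[14:]
    if len(ip) < 20:
        return vni, False
    ihl = (ip[0] & 0x0F) * 4
    if ip[9] != 17 or len(ip) < ihl + 8:  # inner protocol must be UDP
        return vni, False
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    return vni, {sport, dport} <= {67, 68}


if __name__ == "__main__":
    print("tcpdump filter:", CAPTURE_FILTER)
    print("sample:", inspect_vxlan(build_sample(85)))
```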