How to surf internet via Neutron GRE tunnel (Fedora 20) ?
Setup described here in details it follows Kashyap links http://kashyapc.fedorapeople.org/virt/openstack/neutron-configs-GRE-OVS-two-node.txt and http://kashyapc.fedorapeople.org/virt/openstack/Two-node-Havana-setup.txt but done for real boxes ( not virtual machines and on non-libvirt subnet )
[root@dfw02 ~(keystone_admin)]$ neutron net-show 780ce2f3-2e6e-4881-bbac-857813f9a8e0
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 780ce2f3-2e6e-4881-bbac-857813f9a8e0 |
| name | ext |
| provider:network_type | gre |
| provider:physical_network | |
| provider:segmentation_id | 1 |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | f30e5a16-a055-4388-a6ea-91ee142efc3d |
| tenant_id | 04ebe929a2a34557af21b6a735986278 |
+---------------------------+--------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron net-show 1eea88bb-4952-4aa4-9148-18b61c22d5b7
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 1eea88bb-4952-4aa4-9148-18b61c22d5b7 |
| name | int |
| provider:network_type | gre |
| provider:physical_network | |
| provider:segmentation_id | 2 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | fa930cea-3d51-4cbe-a305-579f12aa53c0 |
| tenant_id | d0a0acfdb62b4cc8a2bfa8d6a08bb62f |
+---------------------------+--------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron router-list
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| id | name | external_gateway_info |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| bf360d81-79fb-4636-8241-0a843f228fc8 | router1 | {"network_id": "780ce2f3-2e6e-4881-bbac-857813f9a8e0", "enable_snat": true} |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron router-show bf360d81-79fb-4636-8241-0a843f228fc8
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | True |
| external_gateway_info | {"network_id": "780ce2f3-2e6e-4881-bbac-857813f9a8e0", "enable_snat": true} |
| id | bf360d81-79fb-4636-8241-0a843f228fc8 |
| name | router1 |
| routes | |
| status | ACTIVE |
| tenant_id | d0a0acfdb62b4cc8a2bfa8d6a08bb62f |
+-----------------------+-----------------------------------------------------------------------------+
I have two instances on Physical Compute node F19 (text) and CentOS 6.5 (Gnome desktop) I can ping and traceroute any web site. Hoewever, both browsers - "links" on F19 and firefox on CentOS 6.5 open only fedoraproject.org and yandex.ru. I read several manuals in particular
Why Can't I Browse the Internet when Using a GRE Tunnel? . I don't have any Cisco router on LAN ( just usual Dlink)
When I attempted :
ifconfig br-ex mtu 1400 ( on Controller physical host)
ifconfig p37p1 mtu 1400 (on Compute physical host)
Firefox on CentOS 6.5 stopped working at all. I cannot touch outgoing Dlink Router and change MTU on it. I believe it has to be done on all devices of my LAN. It seems to me that neutron router-create should be taken care of GRE as well
At the same time "yum -y update" & "yum -y install" works on both instances switching quickly between different mirrors in case of slow response . It means RH mirrors are ready for GRE tunneling
As far as I understand `ip tcp adjust-mss 1400` would work only on Cisco router.
I've also set mtu to 1400 on running instances ,controller (br-ex), compute (p37p1). System works, but results are the same as with mtu 1500.