How to access a VXLAN network from an external device

asked 2018-03-25 03:43:11 -0500

minimike

Hello

I've got a running VXLAN with Open vSwitch, created and managed with Neutron. I would like to access this network directly from a FreeBSD router.

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        | nova                                 |
| created_at                | 2018-03-01T10:51:25Z                 |
| description               |                                      |
| dns_domain                | None                                 |
| id                        | 2d50dea0-7498-4c57-9d2f-a13a07ae3726 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | None                                 |
| is_vlan_transparent       | None                                 |
| mtu                       | 1450                                 |
| name                      | standard                             |
| port_security_enabled     | True                                 |
| project_id                | 74adea56ce2e48ed826860155aab9801     |
| provider:network_type     | vxlan                                |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 64                                   |
| qos_policy_id             | None                                 |
| revision_number           | 3                                    |
| router:external           | Internal                             |
| segments                  | None                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | 8e8e2026-0a90-44af-8768-3e72838dbe78 |
| tags                      |                                      |
| updated_at                | 2018-03-01T10:51:25Z                 |
+---------------------------+--------------------------------------+

Subnet 8e8e2026-0a90-44af-8768-3e72838dbe78 has the address 172.16.25.0/24.

ovs-vsctl show tells me

...
Bridge br-tun
    Controller "tcp:127.0.0.1:6633"
        is_connected: true
    fail_mode: secure
    Port "vxlan-ac186434"
        Interface "vxlan-ac186434"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="172.24.100.53", out_key=flow, remote_ip="172.24.100.52"}
    Port br-tun
        Interface br-tun
            type: internal
    Port "vxlan-ac186437"
        Interface "vxlan-ac186437"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="172.24.100.53", out_key=flow, remote_ip="172.24.100.55"}
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
...

On the FreeBSD Router I've created a vxlan

ifconfig vxlan create vxlanid 64 vxlanlocal 172.24.100.1 vxlanremote 172.24.100.53 inet 172.16.25.254/24

On the Neutron network node with Open vSwitch:

ovs-vsctl add-port br-tun vxlan-l3 -- set Interface vxlan-l3 type=vxlan options:df_default="true" options:in_key=flow options:local_ip="172.24.100.53" options:out_key=flow options:remote_ip="172.24.100.1"

Maybe vxlanid 64 is missing? Is something else missing? What could do the trick? :) I've inspected the tunnel with e.g. tcpdump, but it seems the network is not properly connected on L2.

cheers Darko
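
An added example, not part of the original post: a small Python decoder for the VXLAN header (RFC 7348) that can be run over UDP payloads taken from a tcpdump capture on either tunnel endpoint, to confirm whether the frames on the wire carry VNI 64, the network's provider:segmentation_id. With in_key=flow and out_key=flow on the OVS port the VNI is set per packet by flow rules rather than as a port option, so the capture is where it shows up. The function names and the sample packets are constructed for illustration.

```python
import struct

VXLAN_HDR_LEN = 8        # RFC 7348: flags(1) + reserved(3) + VNI(3) + reserved(1)
FLAG_VNI_VALID = 0x08    # the "I" bit; the VNI is only meaningful when it is set
EXPECTED_VNI = 64        # provider:segmentation_id from the network listing above


def parse_vxlan(udp_payload: bytes) -> dict:
    """Decode the VXLAN header and inner Ethernet header of one UDP payload."""
    if len(udp_payload) < VXLAN_HDR_LEN + 14:
        raise ValueError("payload too short for VXLAN + inner Ethernet header")
    flags, vni_and_rsvd = struct.unpack("!B3xI", udp_payload[:VXLAN_HDR_LEN])
    dst, src, ethertype = struct.unpack(
        "!6s6sH", udp_payload[VXLAN_HDR_LEN:VXLAN_HDR_LEN + 14])
    return {
        "vni_valid": bool(flags & FLAG_VNI_VALID),
        "vni": vni_and_rsvd >> 8,            # top 24 bits of the word are the VNI
        "inner_dst": dst.hex(":"),
        "inner_src": src.hex(":"),
        "inner_ethertype": ethertype,
    }


def check_payload(udp_payload: bytes, expected_vni: int = EXPECTED_VNI) -> str:
    """Classify one captured payload against the segment it should belong to."""
    try:
        hdr = parse_vxlan(udp_payload)
    except ValueError:
        return "truncated"
    if not hdr["vni_valid"]:
        return "no-vni-flag"
    if hdr["vni"] != expected_vni:
        return f"wrong-vni:{hdr['vni']}"
    return "ok"


def build_sample(vni: int, flags: int = FLAG_VNI_VALID) -> bytes:
    """Constructed test packet: VXLAN header + broadcast ARP Ethernet header."""
    vxlan = struct.pack("!B3xI", flags, vni << 8)
    ether = bytes.fromhex("ffffffffffff" "020000000001" "0806")
    return vxlan + ether + b"\x00" * 28      # zeroed ARP body as filler


if __name__ == "__main__":
    for label, pkt in [("vni 64", build_sample(64)), ("vni 0", build_sample(0)),
                       ("I bit clear", build_sample(64, flags=0))]:
        print(label, "->", check_payload(pkt))
```
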
