Ask Your Question
0

Problem connecting external host to vxlan

asked 2018-05-23 05:01:38 -0500

crazik gravatar image

What I need: connect external host to the neutron VXLAN subnet (for Octavia deployment).
What I did:

  • created network&subnet on neutron
  • spawned OpenStack VM with this subnet
  • created vxlan-ID interface on my external host with static address from neutron subnet
    (ip link add vxlanXX type vxlan id XX dev br0.yy dstport 0, and so on..)

What happens:

  • when I ping subnet ha-router from external host, there is no effect
  • when I ping external host from neutron namespace for this qrouter, ping starts to work in a few seconds on both sides.
  • when I try to ping any nova instance inside this subnet, there is no connection
  • when I add routing to this subnet via neutron ha-router (x.x.x.1), I got redirects, but still no connection
  • when I login to the nova instance and add exclusive routing to the my external instance via ha-router, then pings starts working on both sides.

I need to make it working without adding additional routings, or find a way to automatically add them to the newly created Openstack's VMs.
Probably I did some mistakes in above config, so please help me to find a proper way to do that.
All examples I found are about connecting OpenStack subnets with OVS, which I can't use.

Environment:

  • Ubuntu Xenial
  • OpenStack Queens
  • Neutron with LinuxBridge Agents
edit retag flag offensive close merge delete

Comments

Normally, Octavia runs in instances that are hosted on compute nodes. Why do you want to deploy it otherwise?

Bernd Bausch gravatar imageBernd Bausch ( 2018-05-23 06:21:49 -0500 )edit

You mean Octavia manager/api, or Amphoras? I thought that only Amphoras live there. As I said - I saw many configuration examples for similar design, but based on OVS, not linuxbridge.

crazik gravatar imagecrazik ( 2018-05-23 06:29:20 -0500 )edit

2 answers

Sort by ยป oldest newest most voted
0

answered 2018-05-24 03:57:02 -0500

crazik gravatar image

I changed network type from VXLAN to VLAN everything is working as expected.
I have no more time for VXLAN debugging, but it might be worth to solve this in a further time.

edit flag offensive delete link more
0

answered 2018-05-23 16:29:18 -0500

johnsom gravatar image

Yes, this is a common deployment topology connecting the lb-mgmt-net in neutron to your controller instances/hosts.

This does sound like a neutron / networking issue and not related to Octavia itself. Just off the top of my head here are a few things to consider: 1. Check your security groups and iptables configurations 2. Check you host's reverse path check settings in the kernel 3. Check the spanning tree configurations (if there are any)

Michael

edit flag offensive delete link more

Comments

Correct, it's a neutron issue only.
No iptables on both ends, SG permits all. rp_filter =1.

Anyway, I switched to the VLANs.

crazik gravatar imagecrazik ( 2018-05-24 03:59:39 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2018-05-23 05:01:38 -0500

Seen: 240 times

Last updated: May 24 '18