Add and use secondary up to openstack vm

asked 2018-08-06 00:05:15 -0600

akarki gravatar image

updated 2018-08-06 00:06:35 -0600

Hi, We are trying to add secondary ip to an openstack vm. We saw that vm's were not able to communicate via secondary ip.however disabling port security did the trick also came around --allowed address pair in neutron commmand would also work

So, my question is is it possible to change ovs configuration to allow traffic from the secondary ip and not disable port security or allowed address pair...

Because according to me ovs must put vlan tags for the ip known to the setup and drop all others.

One more thing how can I check ovs traffic flows for a VM I cannot get a proper documentation for that..

Thanks in advance

edit retag flag offensive close merge delete

Comments

I recommend https://assafmuller.com/category/open... and https://assafmuller.com/category/dvr/ to learn about traffic flows in Neutron and how to interpret commands like ovs-ofctl. These blogs are fairly old but probably still correct, or good enough for inspiration.

Bernd Bausch gravatar imageBernd Bausch ( 2018-08-06 04:29:39 -0600 )edit

By the way, on my Newton-based Packstack cloud, I created an instance with two NICs on the same network, set the correct IP address on eth1 and set the default route to eth1 as well. No problem communicating into the instance via floating IP, and out of the instance.

Bernd Bausch gravatar imageBernd Bausch ( 2018-08-06 04:55:20 -0600 )edit

So, there is no need to tweak OVS, disable port security or use allowed-address-pairs. It should work out of the box.

Bernd Bausch gravatar imageBernd Bausch ( 2018-08-06 04:56:51 -0600 )edit