Problem with accesing external network GW

asked 2018-12-07 11:56:34 -0600

marek gravatar image

W have a bare metal server with CentOS Linux release 7.6.1810. We installed the RDO packstack Rocky release. We followed the "https://www.rdoproject.org/networking/neutron-with-existing-external-network/ (Neutron with existing external network)" guide during our setup. Unfortunately, we are facing some issues with connectivity inside our environment - VM's are not able to see default GW in external network.

We have created the following setup:

                   OpenStack - .1
                +-------------------------+
  GW - .254     |                         |
   +----+       |                         |
   |    +-------+ OVS:       vRouter      |
   |    |      ++ br-ex      ex gw - .12  |
   +----+       | + enp6s0                |
        |       |            VM Float. IP |
        |       |            .14          |
        |       |                         |
        |       +-------------------------+
        |
        |       +----+
        |       |    |
        +-------+    |
                +----+
                host - .3

From OpensStack vRouter namespace we are able to ping all hosts in the network, except default GW (.254). From host .3 we are able to ping all IP, including VMs in our private networks with assigned floating IPs. When we tried to sniff ARP packages, we are able to see ARP from GW comming to enp6s0 but unfortunarelly nothing was received in the vRouter site.

Here is sample output from enp6s0 interface. First succesful one:

13:11:35.492414 fa:16:3e:b3:0d:f1 > 00:25:b5:20:a0:11, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.88.3 tell 172.17.88.12, length 28
13:11:35.492608 00:25:b5:20:a0:11 > fa:16:3e:b3:0d:f1, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.88.3 is-at 00:25:b5:20:a0:11, length 42

Next ARP requests from GW:

13:12:18.628168 fa:16:3e:b3:0d:f1 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.88.254 tell 172.17.88.12, length 28
13:12:18.629358 00:00:0c:9f:f8:f0 > fa:16:3e:b3:0d:f1, ethertype 802.1Q (0x8100), length 60: vlan 0, p 6, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.88.254 is-at 00:00:0c:9f:f8:f0, length 42

13:12:19.628353 fa:16:3e:b3:0d:f1 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.88.254 tell 172.17.88.12, length 28
13:12:19.630608 00:00:0c:9f:f8:f0 > fa:16:3e:b3:0d:f1, ethertype 802.1Q (0x8100), length 60: vlan 0, p 6, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.17.88.254 is-at 00:00:0c:9f:f8:f0, length 42

External gateway on vRouter output:

ip netns exec qrouter-8b252334-f03f-4de5-beda-34097e299df5 tcpdump -nni qg-1967f4b6-76 -e arp -vv

tcpdump: listening on qg-1967f4b6-76, link-type EN10MB (Ethernet), capture size 262144 bytes
12:33:51.956362 fa:16:3e:b3:0d:f1 > 00:25:b5:20:a0:11, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.88.3 tell 172.17.88.12, length 28
12:33:51.956886 00:25 ...
(more)
edit retag flag offensive close merge delete