What network configuration is required for a provider network?

asked 2019-09-24 15:37:02 -0500

dabovard gravatar image

Hello, I am very new to OS and and am stumbling my way through getting a functioning architecture.

I have gotten to the point where I am setting up my external provider network for remote access to VM's. I have been referencing these guides to gain an understanding and set it up:

https://docs.openstack.org/neutron/latest/admin/deploy-lb-selfservice.html#network-traffic-flow (https://docs.openstack.org/neutron/la...) https://docs.openstack.org/kilo/networking-guide/deploy_scenario4b.html (https://docs.openstack.org/kilo/netwo...)

I am a bit confused as to what network configuration is required of the OpenStack administrator when setting up the provider network. I am using linuxbridge as my layer-2 agent, and have connectivity all the way up to the external gateway, but still have no internet access. I have a very strong feeling it is because of how I have configured the provider network interface eth1 or how I am supplying the connection. I have internet access through eth0 (management interface) which is connected to virbr0, but I was told I need internet access through eth1 (provider interface) which makes complete sense.

I will give my understanding of whats going on, please correct me if I am wrong. (I am just a student trying to learn right now)

I was very confused at first as to why eth1 was not supposed to have an IP or any layer-3 functionality, but from reading around it seems that the provider interface is meant to be connected to VLAN's which provide layer 2 access for the VM's. One of the users here on ask openstack gave me some insight and told me that eth1 is supposed to be hooked up to a bridge which is connected to a router (internal to Openstack or physical?) interface where all of the VM and virtual router information is stored.

As an administrator, what type of connection is meant to be supplied to the provider interface eth1? Everywhere I look seems to mention a network bridge, VLAN, or some combination of the two. In other words, what type of network configuration is required to link the physical Ethernet connection on my PC to the provider network interface input on the hypervisor (in my case virt-manager). (It must be layer-2 connectivity, correct??)

Thanks for any help or further resources. Sorry if my question is dumb, doing my best as a student to understand OS.

If traffic to and from the internet flows through eth1, eth1 must be on a network from which the internet is reachable. It can be a VLAN or a "normal" network or something else.

Since eth0 is connected to the internet, just create a similar connection for eth1, e.g. on the same network as eth0.

Bernd Bausch gravatar imageBernd Bausch ( 2019-09-24 22:39:09 -0500 )edit

Hello Bernd, thanks for the input! I have avery similar connection for eth1, virbr1, and my OS nodes can ping the internet when an IP is assigned. When an IP is assigned to eth1 the VM's on the external network in OS get assigned an IP on the virbr1 subnet space. They can't ping anything though...

dabovard gravatar imagedabovard ( 2019-09-25 17:11:33 -0500 )edit

When i follow the tutorial and don't assign an IP, I have the same problem as stated above. VM's on the self service subnet can ping to everything in the cloud except the VM's on the provider external network in OS. VM's in the self service subnet can also ping to the external gateway, no internet

dabovard gravatar imagedabovard ( 2019-09-25 17:21:35 -0500 )edit