Ask Your Question
0

Router External Gateway DOWN

asked 2013-07-18 16:08:26 -0500

philip-smith-r gravatar image

Hi All,

I have checked the other questions: 219937 212848 216209

I have 'similar' issues, the main one would be:

ovs-ofctl show br-ex OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:00000017a4774836 n_tables:255, n_buffers:256 features: capabilities:0xc7, actions:0xfff 1(eth1): addr:00:17:a4:77:48:36 config: 0 state: 0 current: FIBER AUTO_NEG advertised: 1GB-FD 10GB-FD FIBER AUTO_NEG AUTO_PAUSE AUTO_PAUSE_ASYM supported: 1GB-FD 10GB-FD FIBER AUTO_NEG AUTO_PAUSE AUTO_PAUSE_ASYM 2(qg-331c3226-a4): addr:f7:be:ff:7f:00:00 config: PORT_DOWN state: LINK_DOWN 3(phy-br-ex): addr:d6:ce:c6:5a:ad:4e config: 0 state: 0 current: 10GB-FD COPPER 4(tap664558c8-d4): addr:5e:c3:fb:85:e6:8d config: 0 state: 0 current: 10GB-FD COPPER LOCAL(br-ex): addr:00:17:a4:77:48:36 config: 0 state: 0 OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0

ovs-dpctl show br-ex system@br-ex: lookups: hit:11281 missed:3237 lost:2 flows: 10 port 0: br-ex (internal) port 1: eth1 Jul 18 16:58:12|00001|netdev_linux|WARN|/sys/class/net/qg-331c3226-a4/carrier: open failed: No such file or directory port 2: qg-331c3226-a4 (internal) port 3: phy-br-ex port 4: tap664558c8-d4

However that is where it stops, please see the rest of my symptoms and hopefully find where I have configured it incorrectly...

I'm using Quantum with VLANs, the external interface (eth1) is running in promiscuous mode with no IP set, if I trash the router and add a port from the shared 'public' network, the interface comes up and I can ping the gateway (or other hosts on that network).

Whereas if I set this network as a gateway of the router, the correct IPs are assigned however the router interface stays down and I cannot send icmp/packets.

I've set debugging and can't find anything obvious, I'm not sure where else to look, my config looks like this:

auto eth1 iface eth1 inet manual up ifconfig $IFACE 0.0.0.0 up up ifconfig $IFACE promisc down ifconfig $IFACE down

Bridge br-ex Port "eth1" Interface "eth1" Port "qg-331c3226-a4" Interface "qg-331c3226-a4" type: internal Port br-ex Interface br-ex type: internal Port phy-br-ex Interface phy-br-ex

ip netns qrouter-1834e44d-6579-4871-88de-60291d30a8ac

ip netns exec qrouter-1834e44d-6579-4871-88de-60291d30a8ac ip link 13: qr-f0c2c33f-8a: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN link/ether fa:16:3e:7d:b6:d7 brd ff:ff:ff:ff:ff:ff 15: qg-331c3226-a4: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN link/ether fa:16:3e:dc:85:15 brd ff:ff:ff:ff:ff:ff 23: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

ip netns exec qrouter-1834e44d-6579-4871-88de-60291d30a8ac netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 10.23.252.254 0.0.0.0 UG 0 0 0 qg-331c3226-a4 10.23.252.128 0.0.0.0 255.255.255.128 U 0 0 0 qg-331c3226-a4 10.28.253.0 0.0.0 ... (more)

edit retag flag offensive close merge delete
add a comment

4 answers

Sort by ยป oldest newest most voted
0

answered 2013-07-19 10:39:37 -0500

philip-smith-r gravatar image

The admin states are always up. As I say, the configuration of the HP Flex10 is correct and if I set the router up with an interface in that VLAN instead of a Gateway, it comes up and I can send packets/icmp etc. The security groups obviously allow ICMP so it's not that.

We set up the eth1 interface as trunked and allow it to use 2999 as you can see from the output here: | admin_state_up | True | | id | ac647f56-5531-4f19-823d-16ca8bdcf842 | | name | public_network | | provider:network_type | vlan | | provider:physical_network | physnet1 | | provider:segmentation_id | 2999 | | router:external | True | | shared | True | | status | ACTIVE |

I hope so too, as per the questions/bugs I have referenced above, I haven't seen anything that solves this yet and I'm quite open to this being my own configuration issue, so I just need guidance on correcting it, or if it is not a configuration issue and it turns out to be a bug, I need a fix.

I'm hoping to do a POC demonstration to my company next week - fingers crosse! :)

Phil

edit flag offensive delete link more
add a comment
0

answered 2013-07-19 16:17:07 -0500

philip-smith-r gravatar image

One thing I have noticed in the example here: http://docs.openstack.org/trunk/openstack-network/admin/content/under_the_hood_openvswitch.html#d6e1190 (http://docs.openstack.org/trunk/opens...)

The external/public facing network is flat, whereas we're using a VLAN interface, will this matter?

edit flag offensive delete link more
add a comment
0

answered 2013-07-19 10:14:28 -0500

aji-zqfan gravatar image

i'm using ovs in gre mode, and i got same problem as you said: ovs-dpctl show br-ex: carrier: open failed: No such file or directory quantum port-show $wlan_port_id: status=down

however, i can ping outside via the wlan port from internal network port, i think it is because whether the port's is alive depends on admin_state_up, not status

hope someone can figure out where your problem

good luck

edit flag offensive delete link more
add a comment
0

answered 2013-07-23 07:17:03 -0500

philip-smith-r gravatar image

Ok so.. I guess I found the issue to be my configuration, however I would still like to explore the possibility of using VLANmode on the public facing interface.

I have managed to get this working now by setting my eth1 (originally using VLANs) to flat network, which means my switch is configured as an access port on vlan 2999 and the eth0 interface (patched via HP Flex) connected directly to it.

I removed the phsynet1:br-eth1 entry from OVS ini file and then used the command:

quantum net-create --tenant-id $tenant public_network --provider:network_type local --router:external=True

I'm not sure how, but this attached itself to eth1 (eth0 is configured with an IP as the physical management network and eth2 is promisq and has no IP but is assigned to physnet2:vlan X:X etc)

I have had issues around deleting networks/routers/ports, but have found that if you remove all of the networks/tenants/subnets/interfaces/ports etc etc and start again it tends to work.

I now have a fully working VLAN backend, provider router with a flat public interface. Floating IP is also working nicely.

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2013-07-18 16:08:26 -0500

Seen: 667 times

Last updated: Jul 23 '13

Related questions

Possible delay in Quantum GRE and flows

quantum net-list Connection refused

floating ip and namespace issue

Neutron uses wrong os-auth-url

Using in-house IPAM with OpenStack

No files in /var/lib/nova/instances

Keystone did not start

set bucket acl in nova-objectstore

Is RYU still supported in OpenStack?

Instance Internet connection problems