Ask Your Question
0

Why would an OVS bridge not forward ARP

asked 2012-09-20 23:07:13 -0500

sunil-srivastava gravatar image

Bridge "br-eth0" Port "br-eth0" Interface "br-eth0" type: internal Port "eth0" Interface "eth0" Port "phy-br-eth0" Interface "phy-br-eth0" Bridge br-int Port "tap55d1e5e8-ab" tag: 1 Interface "tap55d1e5e8-ab" type: internal Port "qr-4b50a17d-3c" tag: 1 Interface "qr-4b50a17d-3c" type: internal Port "int-br-eth0" Interface "int-br-eth0" Port "tape8d6e0a5-52" tag: 1 Interface "tape8d6e0a5-52" Port "tap6176588e-48" tag: 1 Interface "tap6176588e-48" Port br-int Interface br-int type: internal

I can see ARP packets sent from int-br-eth0 to phy-br-eth0 but not to upstream eth0.

So we cannot ping from one VM (or DHCP NetNS) on one machine to another VM on another machine.

I see the ping triggering ARPs. The Tx counter of int-br-eth0 and Rx counter of phy-br-eth0 were also corelated with ping.

edit retag flag offensive close merge delete

25 answers

Sort by ยป oldest newest most voted
0

answered 2012-09-26 21:55:55 -0500

sunil-srivastava gravatar image

Thanks Eoghan, that solved my question.

edit flag offensive delete link more
1

answered 2012-09-21 16:35:11 -0500

eoghank gravatar image

Original question is answered.

edit flag offensive delete link more
0

answered 2012-09-21 16:11:23 -0500

gongysh gravatar image

And if your original question is answered, we should close this question. If we have new ones, we should open new one. Different questions in one thread is not helpful for others to query.

edit flag offensive delete link more
0

answered 2012-09-21 16:09:31 -0500

gongysh gravatar image

Yes. But to enable the networks on multi-nodes to connect together, u need corresponding actual physical net which runs on the given VLAN id. For example, If your virtual network has | provider:segmentation_id = 1, u will have to enable your hardware switch to allow Vlan 1 to pass.

edit flag offensive delete link more
0

answered 2012-09-21 15:46:51 -0500

eoghank gravatar image

I had these in the localrc before I ran stack.sh

ENABLE_TENANT_VLAN=True TENANT_VLAN_RANGE=1:1000 PHYSICAL_NETWORK=eth0

And nova.conf had vlan_interface=eth0

ovs_quantum_plugin.ini had these flags set:

bridge_mappings = eth0:br-eth0 tenant_network_type = vlan network_vlan_ranges = eth0:1:1000

Should this be sufficient for the networks to run as VLAN type?

edit flag offensive delete link more
0

answered 2012-09-21 14:49:49 -0500

gongysh gravatar image

both of your networks are local type: stack@esg-dell-c4-s11:~/gitstack/devstack$ quantum net-show net1 +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | id | fa8f9c5e-e41a-4f80-955c-94b3a45b9dcb | | name | net1 | | provider:network_type | local |

the flow is to drop by default. if we have Vms on the network with Vlan network_type, the port will be opened.

edit flag offensive delete link more
0

answered 2012-09-21 13:58:25 -0500

eoghank gravatar image

Following on from Yong's suggestion about flow control rules I checked the rules on br-int and br-eth0 on both nodes. The example below is from br-int on the controller and port 20 was set to drop by default. This was the same for br-int on the other node, and for br-eth0 on both nodes.

sudo ovs-ofctl show br-int OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:00005aa5a97a1541 n_tables:255, n_buffers:256 features: capabilities:0xc7, actions:0xfff 2(tap55d1e5e8-ab): addr:0b:02:00:00:00:00 config: PORT_DOWN state: LINK_DOWN 18(tape8d6e0a5-52): addr:b6:a6:52:18:de:00 config: 0 state: 0 current: 10MB-FD COPPER 19(tap6176588e-48): addr:7e:b5:44:0c:fa:0d config: 0 state: 0 current: 10MB-FD COPPER 20(int-br-eth0): addr:6a:36:6c:2e:3a:76 config: 0 state: 0 current: 10GB-FD COPPER

$sudo ovs-ofctl dump-flows br-int NXST_FLOW reply (xid=0x4): cookie=0x0, duration=75826.521s, table=0, n_packets=810503, n_bytes=104709261, priority=2,in_port=20 actions=drop cookie=0x0, duration=75826.959s, table=0, n_packets=50413, n_bytes=9135002, priority=1 actions=NORMAL

Once I opened these up for both br-int and br-eth0 on both sides I could ping instances from either side so this is now working.

Is there any reason why these ports would be set to drop by default?

Thanks Eoghan

edit flag offensive delete link more
0

answered 2012-09-21 07:51:00 -0500

gongysh gravatar image

Seen from Floor #11, you are using local mode where the traffic will not go out from the machine. U can try multiple Vms on the same machine, they should can ping each other.

edit flag offensive delete link more
0

answered 2012-09-21 07:03:31 -0500

sunil-srivastava gravatar image

Sorry, I need to go. Someone from EMC would follow up.

edit flag offensive delete link more
0

answered 2012-09-21 07:03:28 -0500

sunil-srivastava gravatar image

Sorry, I need to go. Someone from EMC would follow up.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2012-09-20 23:07:13 -0500

Seen: 1,837 times

Last updated: Sep 26 '12