Why NEUTRON needs interface phy-br-ex & int-br-ex? [closed]

2014-04-03 06:22:50

thuanqin

I am setting up a HAVANA environment and use NEUTRON VLAN for network. I'm really confused about why NEUTRON create phy-br-ex & int-br-ex on network node. Any one know what they are used for? Thanks.

Closed for the following reason the question is answered, right answer was accepted
2014-04-07 07:36:43

2 answers

2014-04-03 06:53:39

sateesh


br-ex is used to connect external network(Br - Bridging to external network) br-int is used to connect internal network ( For VM `s communication)

You have to Map br-ex to eth0/1 to access internet/access VM from outside)


ovs-vsctl add-br br-int

ovs-vsctl add-br br-ext ovs-vsctl add-port br-ext eth0/1

Regards Sateesh

Thanks sateesh. I understand the meaning of br-ex and br-int, but I don't understand the meaning of the veth pair 'phy-br-ex' and 'int-br-ex'.they connect br-ex and br-int, but I didn't see any network flow through them. Do you know what they are used for? Thanks. (Pls forgive my poor english :))

thuanqin ( 2014-04-03 07:08:08 -0500 )

You can find a picture that depict it from here: (

thuanqin ( 2014-04-03 07:09:58 -0500 )

Specifically slide 14. Comparison with the LinuxBridge model might also help you fully understand the architecture:

jtopjian ( 2014-04-03 09:08:20 -0500 )

2014-04-03 09:22:34

They are virtual ports.

phy-br-ex is the port attached to the vSwitch br-ex and phy-br-int is the port attached to the vSwitch br-int.

These are linked internally to allow traffic to flow from br-ex to br-int, or vice versa. The reason why you cannot see them is because these are taken to be the physical ports through where the traffic flows. Programs like tcpdump only allow you to capture traffic on a driver (eth0, for example).

Hope this helps.

Thank you mithilarun. I know they are virtual ports but I can't understand why they are needed. I think that the internal traffic flow can be sent to br-ex through NAT&router in virtual router namespace. So which type of traffic flow need these two ports? Or if they are deleted, what will happen?

thuanqin ( 2014-04-03 09:58:03 -0500 )

In my understand, a packet from VM will follow this sequence:VM-eth0 > qbrxxx > br-int in compute-node > br-eth1 in compute-node > eth1 in compute-node > br-eth1>br-int in net-node > qr-xxx in route namespace > NAT table > qg-XXX->eth0 in net-node > public network. So no traffic flow need phy-br-ex & int-br-ex. Is that right?

thuanqin ( 2014-04-03 10:02:32 -0500 )

I can find this 'While the integration bridge and the external bridge are connected by a veth pair (int-br-ex, phy-br-ex), this example uses layer 3 connectivity to route packets from the internal networks to the public network: no packets traverse that veth pair in this example.' in this guide: , which say that these two ports are not used. So in what situation will they be used? Thanks and please forgive my poor englist :).

thuanqin ( 2014-04-03 10:10:45 -0500 )

Hey! The flow of packets that you spoke about is for the internal network. There is a similar flow to lead to the external network. VM->qg-XXX->br-int->br-ex->ethX (where ethX is the port that connects to the internet). Note that br-int is also connected to br-eth1 which is your internal network. The veth pair int-br-ex--phy-br-ex connects br-int and br-ex.

mithilarun ( 2014-04-07 05:27:48 -0500 )

