Need help setting up neutron networking

asked 2014-11-13 12:40:20 -0600

patrickt33 gravatar image

updated 2014-11-14 09:01:07 -0600

So, here's the goal. A 10 node cluster, each node will have a physical IP on The virtual machines should receive private IPs of Then I'll want a floating IP pool of

I had this working (mostly) in Essex with nova, but I'm having a really difficult time translating this to Juno neutron. I feel like I'm setting up the networks properly, but the DHCP is not giving out private IPs to the instances, and floating IPs never get assigned to a virtual interface on the host (but are assigned in the dashboard), and so the virtual machines are not accessible from the outside.

I've been installing using packstack --allinone and setting up my interface using the instructions for "Neutron with existing external network". I've also removed the default networking info that packstack installs that's not valid in my network (as referenced by this question in these forums: ). Below are the commands I've used to install the instance and create the networking. I'm completely stumped here, I don't understand why this isn't working. There are no errors in dhcp-agent.log, or in server.log.


packstack --allinone --provision-all-in-one-ovs-bridge=n
vi /etc/sysconfig/network-scripts/ifcfg-br-ex
vi /etc/sysconfig/network-scripts/ifcfg-eth0 
vi /etc/neutron/plugin
vi /etc/neutron/plugin.ini 
service network restart

Delete default networking

source ~/keystonerc_admin 
neutron router-gateway-clear router1
neutron subnet-delete public_subnet
neutron net-delete public
neutron router-interface-delete router1 private_subnet
neutron subnet-delete private_subnet
neutron net-delete private
neutron router-delete router1

Create private net

neutron router-create router1
neutron net-create private
neutron subnet-create --name private_subnet private --allocation-pool start=,end=
neutron net-create private
neutron router-interface-add router1 private_subnet

Create public/floating net

neutron net-create public --router:external=True
neutron subnet-create public --name public_subnet --enable_dhcp=False --allocation-pool start=,end= --gateway=
neutron router-gateway-set router1 public

Interface info

br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet  netmask  broadcast
        inet6 fe80::862b:2bff:fe78:316c  prefixlen 64  scopeid 0x20<link>
        ether 84:2b:2b:78:31:6c  txqueuelen 0  (Ethernet)
        RX packets 213075  bytes 355561184 (339.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 169728  bytes 26477107 (25.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

br-int: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        ether 86:61:3a:5a:a8:4a  txqueuelen 0  (Ethernet)
        RX packets 506  bytes 85706 (83.6 KiB)
        RX errors 0  dropped 15  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

br-tun: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        ether 62:d4:03:21:b2:4f  txqueuelen ...
edit retag flag offensive close merge delete


Please, post ls -l /etc/neutron && /etc/neutron/plugins/ml2/ml2_conf.ini as update 1 to your question

dbaxps gravatar imagedbaxps ( 2014-11-13 13:06:43 -0600 )edit

Please , post

$ neutron net-lst
$ neutron router-list
$ neutron agent-list
$ ip netns
as update 2 to your question.
dbaxps gravatar imagedbaxps ( 2014-11-13 13:09:00 -0600 )edit

Ok, I updated the question with those updates, thanks in advance.

patrickt33 gravatar imagepatrickt33 ( 2014-11-13 13:12:29 -0600 )edit

Creating private subnet you skipped DNS Server.

dbaxps gravatar imagedbaxps ( 2014-11-13 13:12:37 -0600 )edit

Maybe I skipped it and then added one in the dashboard, but I think there is an agent for that net:

(neutron) dhcp-agent-list-hosting-net private
fe811731-24b2-4bbf-a180-51c9dfd7d6a4 | os-storage-1 | True           | :-)

Is that what you're looking for? Also shows up in the agent list

patrickt33 gravatar imagepatrickt33 ( 2014-11-13 13:17:42 -0600 )edit

2 answers

Sort by ยป oldest newest most voted

answered 2014-11-14 20:49:25 -0600

samfrid gravatar image

Switching to eth0 and eth1 using GRUB_CMDLINE_LINUX line append "net.ifnames=0 biosdevname=0" doesn't bind eth0 and eth1 to MAC ADDRESSES of physical network adapters, on next reboot they might be replaced, what is unacceptable for Juno ( for Openstack in general).

If you have multiple interfaces on CentOS 7 and want to control naming of each device rather than letting the kernel do in its own way, /etc/udev/rules.d/60-net.rules seems necessary to override /usr/lib/udev/rules.d/60-net.rules like the following.

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:c0:f0:4c:f5:78", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="60:a4:4c:b5:26:48", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

I would guess that attempt to install Juno on CentOS 7 with old style Ethernet names could make sense only with udev rules approach.

edit flag offensive delete link more


I've had some problems with interface renaming. What happens is that if your interfaces are detected as "ethX" and you try to rename or reorder through 60-net.rules it doesn't work unless you use totally different names. For instance, I renamed all my interfaces using "emX" and finally worked :)

silenci gravatar imagesilenci ( 2014-11-15 09:09:38 -0600 )edit

I kinda hate marking this as the answer, since dbaxps did so much troubleshooting with me, but this is the root of it. After reinstalling with the native interface names, I have it working. Now, to add another node...

patrickt33 gravatar imagepatrickt33 ( 2014-11-17 12:12:05 -0600 )edit

Two days ago it was 2014.2-5.el7.centos. View

dbaxps gravatar imagedbaxps ( 2014-11-17 12:32:25 -0600 )edit

I'm not even sure I understand your comment? What was two days ago?

patrickt33 gravatar imagepatrickt33 ( 2014-11-17 12:44:55 -0600 )edit

openstack-neutron-2014.2-5.el7.centos.noarch had a bug
Supposed to be fixed openstack-neutron-2014.2-9.el7.centos.noarch.
You were lucky enough to skip 11/15/2014&&11/16/2014
Your were installing fixed version of neutron.

dbaxps gravatar imagedbaxps ( 2014-11-17 13:12:00 -0600 )edit

answered 2014-11-15 09:25:57 -0600

dbaxps gravatar image

updated 2014-11-16 23:18:08 -0600


Feedback from Alan Pevec
Date: Sat, 15 Nov 2014 22:10:29
Simplest fix suggested in bugzilla record

# chmod o+rx /var/lib/neutron
# chmod o+rx /var/log/neutron

Another way to fix a problem is restart dnsmasq as root. It's a bit more complicated but came to my mind first
I was afraid to change permissions on /var/lib/neutron before read bug fix in bugzilla
For particular private network killed (-9) corresponding dnsmasq ( running as nobody) and restarted it as root :-

[root@juno1 neutron]# ip net  exec qdhcp-fa268d8c-f82f-4206-b320-6aabeee19923 dnsmasq --user=root  --no-hosts --no-resolv --strict-order --bind-interfaces --interface=tapba3a2dd7-73 --except-interface=lo --pid-file=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/host --addn-hosts=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/opts --leasefile-ro --dhcp-range=set:tag0,,static,86400s --dhcp-lease-max=256 --conf-file=/etc/neutron/dnsmasq.conf --domain=openstacklocal

Two private subnets running at a time

root     10722     1  0 19:58 ?        00:00:00 dnsmasq --user=root --no-hosts --no-resolv --strict-order --bind-interfaces --interface=tap7a12f9b0-a4 --except-interface=lo --pid-file=/var/lib/neutron/dhcp/45577666-657d-4f75-a3ab-9bc232f15203/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/45577666-657d-4f75-a3ab-9bc232f15203/host --addn-hosts=/var/lib/neutron/dhcp/45577666-657d-4f75-a3ab-9bc232f15203/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/45577666-657d-4f75-a3ab-9bc232f15203/opts --leasefile-ro --dhcp-range=set:tag0,,static,86400s --dhcp-lease-max=256 --conf-file=/etc/neutron/dnsmasq.conf --domain=openstacklocal
root     14705     1  0 22:44 ?        00:00:00 dnsmasq --user=root --no-hosts --no-resolv --strict-order --bind-interfaces --interface=tapba3a2dd7-73 --except-interface=lo --pid-file=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/host --addn-hosts=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/fa268d8c-f82f-4206-b320-6aabeee19923/opts --leasefile-ro --dhcp-range=set:tag0,,static,86400s --dhcp-lease-max=256 --conf-file=/etc/neutron/dnsmasq.conf --domain=openstackloca

Fragment /var/log/neutron/dnsmasq.log

Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 available DHCP subnet:
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 client provides name: ubuntursx1511
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 DHCPREQUEST(tap7a12f9b0-a4) fa:16:3e:dd:4e:86
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 tags: tag0, known, tap7a12f9b0-a4
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 DHCPACK(tap7a12f9b0-a4) fa:16:3e:dd:4e:86 host-50-0-0-33
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 requested options: 1:netmask, 28:broadcast, 2:time-offset, 3:router,
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 requested options: 15:domain-name, 6:dns-server, 119:domain-search,
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 requested options: 12:hostname, 44:netbios-ns, 47:netbios-scope,
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 requested options: 26:mtu, 121:classless-static-route, 42:ntp-server
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 next server:
Nov 15 23:07:41 dnsmasq-dhcp[10722]: 4185608062 sent size:  1 option: 53 message-type  5
Nov 15 23:07:41 ...
edit flag offensive delete link more


Is it possible that my problem here is related with the same issue you're explaining in this thread? My two VMs are CentOS 7 too.

GLaupre gravatar imageGLaupre ( 2014-11-15 15:17:30 -0600 )edit
dbaxps gravatar imagedbaxps ( 2014-11-16 00:39:01 -0600 )edit


When you change the dnsmasq in the DHCP, the interface=tapba3a2dd7-73 correspond to interface in the br-int of the compute node? I am not sure to understand that.

GLaupre gravatar imageGLaupre ( 2014-11-16 17:46:31 -0600 )edit

tapba3a2dd7-73 is attached to br-int on Network Node. If you run :-

ip  netns exec qdhcp-fa268d8c-f82f-4206-b320-6aabeee19923 ifconfig

It will show you tapba3a2dd7-73

dbaxps gravatar imagedbaxps ( 2014-11-16 23:09:19 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2014-11-13 12:40:20 -0600

Seen: 1,906 times

Last updated: Nov 16 '14