Ask Your Question

troubleshooting br-ex

asked 2015-02-03 21:27:31 -0500

august gravatar image

Hi all,

Just did a juno build and have instances getting private IPs all ok.

I have 3 networks: admin, private, public. Public is which is my home router network. Build is on VMware Fusion on OSX.

So, I created external network as per the guide:

neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet --allocation-pool start=,end= --disable-dhcp --gateway
neutron router-gateway-set demo-router ext-net

This has assigned to network:router_gateway as i expected. It does list it as "DOWN" but that seems to happen a lot :-)

However, from my mac, which is on i can't ping or any assigned floats behind it.

If i look in the router's namespace I see:

ip netns exec qrouter-d024a2ac-4563-4f0a-9e54-562d83dc0586 ifconfig
qg-46dadc95-a8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet  netmask  broadcast
        inet6 fe80::f816:3eff:fe90:b83b  prefixlen 64  scopeid 0x20<link>

i can even ssh to the float of an instance in there:

ip netns exec qrouter-d024a2ac-4563-4f0a-9e54-562d83dc0586 ssh cirros@

and it works.

tcpdumping in the namespace doesn't show any packets coming in from my pings/ssh.

I used the "autodetect" interface assignment in fusion if that means anything. I believe it's just to get an IP from the outside network and not fusion's internal DHCP one. The latter failed as well.

So, I'm hoping a networking/ops/etc guru can give me more tips to troubleshoot to reveal the problem.



# ovs-vsctl show
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-ac10470d"
            Interface "vxlan-ac10470d"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="", out_key=flow, remote_ip=""}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge br-ex
        Port "eno50332184"
            Interface "eno50332184"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port "tapf7b8b245-11"
            tag: 1
            Interface "tapf7b8b245-11"
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qg-46dadc95-a8"
            tag: 4095
            Interface "qg-46dadc95-a8"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port br-int
            Interface br-int
                type: internal
        Port "qr-d497c7e1-fb"
            tag: 1
            Interface "qr-d497c7e1-fb"
                type: internal
    ovs_version: "2.1.3"
edit retag flag offensive close merge delete



tag 4095 is not good. Try reconfiguring the network. I've hit this many times and reconfiguring usually resolves (may need to redo more than once).

mickt gravatar imagemickt ( 2015-02-04 03:23:15 -0500 )edit

does the ovs-agent know how to map ext-net to br-ex? have you bridge_mappings = ext-net:br-ex

darragh-oreilly gravatar imagedarragh-oreilly ( 2015-02-04 14:36:19 -0500 )edit

i'll get 4095 out and see. also .. plugin.ini:network_vlan_ranges =physnet-external plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings=physnet-external:br-ex plugins/ml2/ml2_conf.ini:network_vlan_ranges =physnet-external which i think is right? i'll test some changes

august gravatar imageaugust ( 2015-02-04 18:23:23 -0500 )edit

1 answer

Sort by ยป oldest newest most voted

answered 2015-02-08 17:38:20 -0500

august gravatar image

i was providing the wrong mapped bridge. i have:


and was creating my external as

--provider:physical_network external

which should have been:

--provider:physical_network physnet-external

so darragh-oreilly you were right. this helped me understand as well:

interesting, i don't have a vlan 4095 tag. googling this has been fascinating mickt! this is something that i can now avoid getting caught out on in the future.

thanks both of you for the help!!!!!!

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2015-02-03 21:27:31 -0500

Seen: 3,720 times

Last updated: Feb 08 '15