Ask Your Question
0

troubleshooting br-ex

asked 2015-02-03 21:27:31 -0500

august gravatar image

Hi all,

Just did a juno build and have instances getting private IPs all ok.

I have 3 networks: admin, private, public. Public is 192.168.1.0/24 which is my home router network. Build is on VMware Fusion on OSX.

So, I created external network as per the guide:

neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet --allocation-pool start=192.168.1.200,end=192.168.1.210 --disable-dhcp --gateway 192.168.1.1 192.168.1.0/24
neutron router-gateway-set demo-router ext-net

This has assigned 192.168.1.200 to network:router_gateway as i expected. It does list it as "DOWN" but that seems to happen a lot :-)

However, from my mac, which is on 192.168.1.5 i can't ping 192.168.1.200 or any assigned floats behind it.

If i look in the router's namespace I see:

ip netns exec qrouter-d024a2ac-4563-4f0a-9e54-562d83dc0586 ifconfig
<snip>
qg-46dadc95-a8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.200  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::f816:3eff:fe90:b83b  prefixlen 64  scopeid 0x20<link>
<snip>

i can even ssh to the float of an instance in there:

ip netns exec qrouter-d024a2ac-4563-4f0a-9e54-562d83dc0586 ssh cirros@192.168.1.201

and it works.

tcpdumping in the namespace doesn't show any packets coming in from my pings/ssh.

I used the "autodetect" interface assignment in fusion if that means anything. I believe it's just to get an IP from the outside network and not fusion's internal DHCP one. The latter failed as well.

So, I'm hoping a networking/ops/etc guru can give me more tips to troubleshoot to reveal the problem.

August

PS.

# ovs-vsctl show
4c7b8e80-7420-4fb5-9c01-9bd961bc68dc
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-ac10470d"
            Interface "vxlan-ac10470d"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.71.12", out_key=flow, remote_ip="172.16.71.13"}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge br-ex
        Port "eno50332184"
            Interface "eno50332184"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port "tapf7b8b245-11"
            tag: 1
            Interface "tapf7b8b245-11"
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qg-46dadc95-a8"
            tag: 4095
            Interface "qg-46dadc95-a8"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port br-int
            Interface br-int
                type: internal
        Port "qr-d497c7e1-fb"
            tag: 1
            Interface "qr-d497c7e1-fb"
                type: internal
    ovs_version: "2.1.3"
edit retag flag offensive close merge delete

Comments

1

tag 4095 is not good. Try reconfiguring the network. I've hit this many times and reconfiguring usually resolves (may need to redo more than once).

mickt gravatar imagemickt ( 2015-02-04 03:23:15 -0500 )edit
1

does the ovs-agent know how to map ext-net to br-ex? have you bridge_mappings = ext-net:br-ex

darragh-oreilly gravatar imagedarragh-oreilly ( 2015-02-04 14:36:19 -0500 )edit

i'll get 4095 out and see. also .. plugin.ini:network_vlan_ranges =physnet-external plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings=physnet-external:br-ex plugins/ml2/ml2_conf.ini:network_vlan_ranges =physnet-external which i think is right? i'll test some changes

august gravatar imageaugust ( 2015-02-04 18:23:23 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-02-08 17:38:20 -0500

august gravatar image

i was providing the wrong mapped bridge. i have:

plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings=physnet-external:br-ex

and was creating my external as

--provider:physical_network external

which should have been:

--provider:physical_network physnet-external

so darragh-oreilly you were right. this helped me understand as well: http://blog.oddbit.com/2014/05/28/mul...

interesting, i don't have a vlan 4095 tag. googling this has been fascinating mickt! this is something that i can now avoid getting caught out on in the future.

thanks both of you for the help!!!!!!

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2015-02-03 21:27:31 -0500

Seen: 2,877 times

Last updated: Feb 08 '15