troubleshooting br-ex

asked 2015-02-03 21:27:31 -0600

august gravatar image

Hi all,

Just did a juno build and have instances getting private IPs all ok.

I have 3 networks: admin, private, public. Public is 192.168.1.0/24 which is my home router network. Build is on VMware Fusion on OSX.

So, I created external network as per the guide:

neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet --allocation-pool start=192.168.1.200,end=192.168.1.210 --disable-dhcp --gateway 192.168.1.1 192.168.1.0/24
neutron router-gateway-set demo-router ext-net

This has assigned 192.168.1.200 to network:router_gateway as i expected. It does list it as "DOWN" but that seems to happen a lot :-)

However, from my mac, which is on 192.168.1.5 i can't ping 192.168.1.200 or any assigned floats behind it.

If i look in the router's namespace I see:

ip netns exec qrouter-d024a2ac-4563-4f0a-9e54-562d83dc0586 ifconfig
<snip>
qg-46dadc95-a8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.200  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::f816:3eff:fe90:b83b  prefixlen 64  scopeid 0x20<link>
<snip>

i can even ssh to the float of an instance in there:

ip netns exec qrouter-d024a2ac-4563-4f0a-9e54-562d83dc0586 ssh cirros@192.168.1.201

and it works.

tcpdumping in the namespace doesn't show any packets coming in from my pings/ssh.

I used the "autodetect" interface assignment in fusion if that means anything. I believe it's just to get an IP from the outside network and not fusion's internal DHCP one. The latter failed as well.

So, I'm hoping a networking/ops/etc guru can give me more tips to troubleshoot to reveal the problem.

August

PS.

# ovs-vsctl show
4c7b8e80-7420-4fb5-9c01-9bd961bc68dc
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-ac10470d"
            Interface "vxlan-ac10470d"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="172.16.71.12", out_key=flow, remote_ip="172.16.71.13"}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge br-ex
        Port "eno50332184"
            Interface "eno50332184"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port "tapf7b8b245-11"
            tag: 1
            Interface "tapf7b8b245-11"
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qg-46dadc95-a8"
            tag: 4095
            Interface "qg-46dadc95-a8"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port br-int
            Interface br-int
                type: internal
        Port "qr-d497c7e1-fb"
            tag: 1
            Interface "qr-d497c7e1-fb"
                type: internal
    ovs_version: "2.1.3"
edit retag flag offensive close merge delete

Comments

1

tag 4095 is not good. Try reconfiguring the network. I've hit this many times and reconfiguring usually resolves (may need to redo more than once).

mickt gravatar imagemickt ( 2015-02-04 03:23:15 -0600 )edit
1

does the ovs-agent know how to map ext-net to br-ex? have you bridge_mappings = ext-net:br-ex

darragh-oreilly gravatar imagedarragh-oreilly ( 2015-02-04 14:36:19 -0600 )edit

i'll get 4095 out and see. also .. plugin.ini:network_vlan_ranges =physnet-external plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings=physnet-external:br-ex plugins/ml2/ml2_conf.ini:network_vlan_ranges =physnet-external which i think is right? i'll test some changes

august gravatar imageaugust ( 2015-02-04 18:23:23 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-02-08 17:38:20 -0600

august gravatar image

i was providing the wrong mapped bridge. i have:

plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings=physnet-external:br-ex

and was creating my external as

--provider:physical_network external

which should have been:

--provider:physical_network physnet-external

so darragh-oreilly you were right. this helped me understand as well: http://blog.oddbit.com/2014/05/28/mul...

interesting, i don't have a vlan 4095 tag. googling this has been fascinating mickt! this is something that i can now avoid getting caught out on in the future.

thanks both of you for the help!!!!!!

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2015-02-03 21:27:31 -0600

Seen: 3,600 times

Last updated: Feb 08 '15