Ask Your Question
0

br-ex setup issues with vlan tagged nic's

asked 2015-03-20 14:05:19 -0500

saleen1989 gravatar image

updated 2015-03-23 08:58:05 -0500

Have a Dell 2600 server with two network interfaces connected to my office network. Both interfaces require vlan tags for security reasons. 

eth0 -
    eth0.10 - vlan 10 10.120.10.0/24 10.120.10.130 GW 10.120.10.1
eth1 
   eth1.54 - vlan 54 10.120.54.0/24 GW 10.120.54.1

Rewording this question. I want to install a development all-in-one setup on this box. Both interfaces are available and can be hooked to the network if required. What is the recommended installation? And what steps would the vlan requirements change? I have tried several different sets of instructions that work correctly on my dual nic (non-vlan) box, but don't work with the vlan tags.

Centos 7 - tried with consistent interface naming on & off

stack.sh - git clone https://git.openstack.org/openstack-dev/devstack

packstack - 2.0.18
packstack --allinone 
https://www.rdoproject.org/Quickstart
packstack --allinone --provision-all-in-one-ovs-bridge=n
https://www.rdoproject.org/Neutron_with_existing_external_network

Randy

edit retag flag offensive close merge delete

Comments

If your Ethernet names have old style your OS is not CentOS 7. Could you, please, provide info:

What OS you have installed on the box ?
What is the Openstack version and type  of AIO installs which failed on VLAN tagged NICs and
succeded on usual ones ?
dbaxps gravatar imagedbaxps ( 2015-03-21 11:28:04 -0500 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-11-22 13:58:35 -0500

dbaxps gravatar image

updated 2016-05-06 03:20:37 -0500

UPDATE 12/14/2015
Final tested draft is here :-
AIO RDO Liberty && Two external networks VLAN provider setup
No switching to "enable_isolated_metadata=True"
END UPDATE
UPDATE 12/12/2015

Be aware of switching to enable_isolated_metadata = True

as well as 

neutron subnet-update --host-route destination=169.254.169.254/32,nexthop=10.120.10.151 vlan10
neutron subnet-update --host-route destination=169.254.169.254/32,nexthop=10.120.54.151 vlan54

are important for vlan external network provider
END UPDATE

Take a look at this post https://visibilityspots.org/vlan-flat...
Follow him with vlan external network provider , creating via external networks provider vlan10 ( segmentation_id=10), vlan54 ( segmentation_id=54) with corresponding subnets

# neutron net-create vlan10 --shared --provider:network_type vlan --provider:segmentation_id 10 --provider:physical_network vlan10 --router:external
# neutron subnet-create --name vlan10 --gateway 10.120.10.1 --allocation-pool start=10.120.10.150,end=10.120.10.200 vlan10 10.120.10.1/24

# neutron net-create vlan54 --shared --provider:network_type vlan --provider:segmentation_id 54 --provider:physical_network vlan54 --router:external
#neutron subnet-create --name vlan54 --gateway 10.120.54.1 --allocation-pool start=10.120.54.150,end=10.120.54.200 vlan54 10.120.10.1/24
*************************
openvswitch_agent.ini 
*************************
bridge_mappings vlan10:br-eth0,vlan54:br-eth1
********************
 ml2_conf.ini
********************
network_vlan_ranges = vlan10:10:10, vlan54:54:54

Persistent ifcfg-* supporting this external networks with tags 10, 54
To keep your networking up and running after a reboot you should configure you bridges natively on the all-in-one instance:

X=0,1
/etc/sysconfig/network-scripts/ifcfg-eth(X)

    DEVICE="eth(X)"
    ONBOOT=yes
    OVS_BRIDGE=br-eth(X)
    TYPE=OVSPort
    DEVICETYPE="ovs"

    /etc/sysconfig/network-scripts/ifcfg-br-eth(X)

    DEVICE=br-eth(X)
    BOOTPROTO=none
    ONBOOT=yes
    TYPE=OVSBridge
    DEVICETYPE="ovs"

Then create

/etc/sysconfig/network-scripts/ifcfg-br-eth0.10
/etc/sysconfig/network-scripts/ifcfg-br-eth1.54

Having 

******************
ifcfg-br-eth0.10
******************
BOOTPROTO="none"
DEVICE="br-eth0.10"
ONBOOT="yes"
IPADDR="10.120.10.10"
PREFIX="24"
GATEWAY="10.120.10.1"
VLAN=yes
NOZEROCONF=yes
USERCTL=no
******************
ifcfg-br-eth1.54
******************
BOOTPROTO="none"
DEVICE="br-eth1.54"
ONBOOT="yes"
IPADDR="10.120.54.54"
PREFIX="24"
GATEWAY="10.120.54.1"
VLAN=yes
NOZEROCONF=yes
USERCTL=no

Supporting 2 vlan external networks with one l3-agent is not a problem
http://funcptr.net/2014/09/29/neutron...

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2015-03-20 14:03:58 -0500

Seen: 2,187 times

Last updated: May 06 '16

Related questions

Can Neutron tag OpenVSwitch ports on dom0 in XenServer?

Is it possible to move a port from one bridge to another? [closed]

does ironic support multi-vlans with pxe and tenant physical vlans

Instance HTTP issues

No br-int for compute node

should bridges(br-int,tun,ex) UP ?

Network Segmentation-ID doesn't match with Port Tags [closed]

Why do not need set promiscuous mode of data nic in OpenStack vlan?

Can same physnet be used for flat and vlan networking at the same time for 2 different VMs?

What is the difference between tenant_network_types and tunnel_type?