Ask Your Question
0

br-ex setup issues with vlan tagged nic's

asked 2015-03-20 14:05:19 -0500

saleen1989 gravatar image

updated 2015-03-23 08:58:05 -0500

Have a Dell 2600 server with two network interfaces connected to my office network. Both interfaces require vlan tags for security reasons. 

eth0 -
    eth0.10 - vlan 10 10.120.10.0/24 10.120.10.130 GW 10.120.10.1
eth1 
   eth1.54 - vlan 54 10.120.54.0/24 GW 10.120.54.1

Rewording this question. I want to install a development all-in-one setup on this box. Both interfaces are available and can be hooked to the network if required. What is the recommended installation? And what steps would the vlan requirements change? I have tried several different sets of instructions that work correctly on my dual nic (non-vlan) box, but don't work with the vlan tags.

Centos 7 - tried with consistent interface naming on & off

stack.sh - git clone https://git.openstack.org/openstack-dev/devstack

packstack - 2.0.18
packstack --allinone 
https://www.rdoproject.org/Quickstart
packstack --allinone --provision-all-in-one-ovs-bridge=n
https://www.rdoproject.org/Neutron_with_existing_external_network

Randy

edit retag flag offensive close merge delete

Comments

If your Ethernet names have old style your OS is not CentOS 7. Could you, please, provide info:

What OS you have installed on the box ?
What is the Openstack version and type  of AIO installs which failed on VLAN tagged NICs and
succeded on usual ones ?
dbaxps gravatar imagedbaxps ( 2015-03-21 11:28:04 -0500 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-11-22 13:58:35 -0500

dbaxps gravatar image

updated 2016-05-06 03:20:37 -0500

UPDATE 12/14/2015
Final tested draft is here :-
AIO RDO Liberty && Two external networks VLAN provider setup
No switching to "enable_isolated_metadata=True"
END UPDATE
UPDATE 12/12/2015

Be aware of switching to enable_isolated_metadata = True

as well as 

neutron subnet-update --host-route destination=169.254.169.254/32,nexthop=10.120.10.151 vlan10
neutron subnet-update --host-route destination=169.254.169.254/32,nexthop=10.120.54.151 vlan54

are important for vlan external network provider
END UPDATE

Take a look at this post https://visibilityspots.org/vlan-flat...
Follow him with vlan external network provider , creating via external networks provider vlan10 ( segmentation_id=10), vlan54 ( segmentation_id=54) with corresponding subnets

# neutron net-create vlan10 --shared --provider:network_type vlan --provider:segmentation_id 10 --provider:physical_network vlan10 --router:external
# neutron subnet-create --name vlan10 --gateway 10.120.10.1 --allocation-pool start=10.120.10.150,end=10.120.10.200 vlan10 10.120.10.1/24

# neutron net-create vlan54 --shared --provider:network_type vlan --provider:segmentation_id 54 --provider:physical_network vlan54 --router:external
#neutron subnet-create --name vlan54 --gateway 10.120.54.1 --allocation-pool start=10.120.54.150,end=10.120.54.200 vlan54 10.120.10.1/24
*************************
openvswitch_agent.ini 
*************************
bridge_mappings vlan10:br-eth0,vlan54:br-eth1
********************
 ml2_conf.ini
********************
network_vlan_ranges = vlan10:10:10, vlan54:54:54

Persistent ifcfg-* supporting this external networks with tags 10, 54
To keep your networking up and running after a reboot you should configure you bridges natively on the all-in-one instance:

X=0,1
/etc/sysconfig/network-scripts/ifcfg-eth(X)

    DEVICE="eth(X)"
    ONBOOT=yes
    OVS_BRIDGE=br-eth(X)
    TYPE=OVSPort
    DEVICETYPE="ovs"

    /etc/sysconfig/network-scripts/ifcfg-br-eth(X)

    DEVICE=br-eth(X)
    BOOTPROTO=none
    ONBOOT=yes
    TYPE=OVSBridge
    DEVICETYPE="ovs"

Then create

/etc/sysconfig/network-scripts/ifcfg-br-eth0.10
/etc/sysconfig/network-scripts/ifcfg-br-eth1.54

Having 

******************
ifcfg-br-eth0.10
******************
BOOTPROTO="none"
DEVICE="br-eth0.10"
ONBOOT="yes"
IPADDR="10.120.10.10"
PREFIX="24"
GATEWAY="10.120.10.1"
VLAN=yes
NOZEROCONF=yes
USERCTL=no
******************
ifcfg-br-eth1.54
******************
BOOTPROTO="none"
DEVICE="br-eth1.54"
ONBOOT="yes"
IPADDR="10.120.54.54"
PREFIX="24"
GATEWAY="10.120.54.1"
VLAN=yes
NOZEROCONF=yes
USERCTL=no

Supporting 2 vlan external networks with one l3-agent is not a problem
http://funcptr.net/2014/09/29/neutron...

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2015-03-20 14:03:58 -0500

Seen: 2,322 times

Last updated: May 06 '16

Related questions

what is provider:physical_network?

Multiple Provider VLAN network with one physical interface

OpenStack Fuel 6.0 Community - problem with HA deployment (probably floating IP issue)

Do we effectively still have 4K VLAN limit with VXLAN?

convert netron external network from flat to vlan

Cannot reach floating IP from outside network

devstack: [Neutron] instances unreachables

why port tun automatically create after restarted

Can Neutron forward vlan tagged packets from an instance?

vlan translation in Quantum