Ask Your Question
0

br-ex setup issues with vlan tagged nic's

asked 2015-03-20 14:05:19 -0600

saleen1989 gravatar image

updated 2015-03-23 08:58:05 -0600

Have a Dell 2600 server with two network interfaces connected to my office network. Both interfaces require vlan tags for security reasons. 

eth0 -
    eth0.10 - vlan 10 10.120.10.0/24 10.120.10.130 GW 10.120.10.1
eth1 
   eth1.54 - vlan 54 10.120.54.0/24 GW 10.120.54.1

Rewording this question. I want to install a development all-in-one setup on this box. Both interfaces are available and can be hooked to the network if required. What is the recommended installation? And what steps would the vlan requirements change? I have tried several different sets of instructions that work correctly on my dual nic (non-vlan) box, but don't work with the vlan tags.

Centos 7 - tried with consistent interface naming on & off

stack.sh - git clone https://git.openstack.org/openstack-dev/devstack

packstack - 2.0.18
packstack --allinone 
https://www.rdoproject.org/Quickstart
packstack --allinone --provision-all-in-one-ovs-bridge=n
https://www.rdoproject.org/Neutron_with_existing_external_network

Randy

edit retag flag offensive close merge delete

Comments

If your Ethernet names have old style your OS is not CentOS 7. Could you, please, provide info:

What OS you have installed on the box ?
What is the Openstack version and type  of AIO installs which failed on VLAN tagged NICs and
succeded on usual ones ?
dbaxps gravatar imagedbaxps ( 2015-03-21 11:28:04 -0600 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-11-22 13:58:35 -0600

dbaxps gravatar image

updated 2016-05-06 03:20:37 -0600

UPDATE 12/14/2015
Final tested draft is here :-
AIO RDO Liberty && Two external networks VLAN provider setup
No switching to "enable_isolated_metadata=True"
END UPDATE
UPDATE 12/12/2015

Be aware of switching to enable_isolated_metadata = True

as well as 

neutron subnet-update --host-route destination=169.254.169.254/32,nexthop=10.120.10.151 vlan10
neutron subnet-update --host-route destination=169.254.169.254/32,nexthop=10.120.54.151 vlan54

are important for vlan external network provider
END UPDATE

Take a look at this post https://visibilityspots.org/vlan-flat...
Follow him with vlan external network provider , creating via external networks provider vlan10 ( segmentation_id=10), vlan54 ( segmentation_id=54) with corresponding subnets

# neutron net-create vlan10 --shared --provider:network_type vlan --provider:segmentation_id 10 --provider:physical_network vlan10 --router:external
# neutron subnet-create --name vlan10 --gateway 10.120.10.1 --allocation-pool start=10.120.10.150,end=10.120.10.200 vlan10 10.120.10.1/24

# neutron net-create vlan54 --shared --provider:network_type vlan --provider:segmentation_id 54 --provider:physical_network vlan54 --router:external
#neutron subnet-create --name vlan54 --gateway 10.120.54.1 --allocation-pool start=10.120.54.150,end=10.120.54.200 vlan54 10.120.10.1/24
*************************
openvswitch_agent.ini 
*************************
bridge_mappings vlan10:br-eth0,vlan54:br-eth1
********************
 ml2_conf.ini
********************
network_vlan_ranges = vlan10:10:10, vlan54:54:54

Persistent ifcfg-* supporting this external networks with tags 10, 54
To keep your networking up and running after a reboot you should configure you bridges natively on the all-in-one instance:

X=0,1
/etc/sysconfig/network-scripts/ifcfg-eth(X)

    DEVICE="eth(X)"
    ONBOOT=yes
    OVS_BRIDGE=br-eth(X)
    TYPE=OVSPort
    DEVICETYPE="ovs"

    /etc/sysconfig/network-scripts/ifcfg-br-eth(X)

    DEVICE=br-eth(X)
    BOOTPROTO=none
    ONBOOT=yes
    TYPE=OVSBridge
    DEVICETYPE="ovs"

Then create

/etc/sysconfig/network-scripts/ifcfg-br-eth0.10
/etc/sysconfig/network-scripts/ifcfg-br-eth1.54

Having 

******************
ifcfg-br-eth0.10
******************
BOOTPROTO="none"
DEVICE="br-eth0.10"
ONBOOT="yes"
IPADDR="10.120.10.10"
PREFIX="24"
GATEWAY="10.120.10.1"
VLAN=yes
NOZEROCONF=yes
USERCTL=no
******************
ifcfg-br-eth1.54
******************
BOOTPROTO="none"
DEVICE="br-eth1.54"
ONBOOT="yes"
IPADDR="10.120.54.54"
PREFIX="24"
GATEWAY="10.120.54.1"
VLAN=yes
NOZEROCONF=yes
USERCTL=no

Supporting 2 vlan external networks with one l3-agent is not a problem
http://funcptr.net/2014/09/29/neutron...

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2015-03-20 14:03:58 -0600

Seen: 2,396 times

Last updated: May 06 '16

Related questions

br-ex configuration & external network

Suppose I have my floating IP tagged(VLAN tagging). If someone from external network wants to access my instances then can they ssh it as they wont have the knowledge of vlan ids of my instances?

Does neutron (br-int) accepts nova instances sending vlan tagged traffic ?

Trouble shooting for two VM ping issue.

neutron ml2, openvswitch and VLAN configuration [closed]

Host to VM ping with openstack juno with SR-IOV port having VLAN networking

RDO vlan(ed) network over internal network adapter doesn't work

VLAN configuration in Neutron

floating ip allocation and multiple external networks [closed]

Devstack single node provider network possible?