Ask Your Question
0

openvswitch and br-ex

asked 2015-04-02 08:10:19 -0500

danno gravatar image

updated 2015-04-02 08:27:43 -0500

dbaxps gravatar image

Hi,

I’m using openvswitch and create the br-ex bridge for external access.

I added physical port eth1 to br-ex:

localadmin@qa4:~/devstack$ sudo ovs-vsctl show
4b5380e3-d619-470b-be99-deda868283c9
    Bridge br-ex
        Port br-ex
            Interface br-ex
                type: internal
        Port "eth1"
            Interface "eth1"
        Port "qg-c4bb44ec-94"
            Interface "qg-c4bb44ec-94"
                type: internal

Config in /etc/network/interfaces as follows:

auto eth1
iface eth1 inet manual
        up ifconfig $IFACE 0.0.0.0 up
        up ip link set $IFACE promisc on
        down ip link set $IFACE promisc off
        down ifconfig $IFACE down 

auto br-ex
iface br-ex inet static
address 172.29.173.4
netmask
255.255.255.192
gateway 172.29.173.1
dns-nameservers 172.29.74.154

Network node host IP is 172.29.172.161/25 at eth0 and routing table as follows:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         172.29.172.129  0.0.0.0         UG        0 0          0 eth0
10.0.0.0        172.29.173.5    255.255.255.0   UG        0 0          0 br-ex
172.29.172.128  0.0.0.0         255.255.255.128 U         0 0          0 eth0
172.29.173.0    0.0.0.0         255.255.255.224 U         0 0          0 br-ex
172.29.173.0    0.0.0.0         255.255.255.192 U         0 0          0 br-ex
192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0 virbr0

There is one VM with tenant address 10.0.0.2 and floating IP 172.29.173.15:

localadmin@qa4:~/devstack$ nova list
+--------------------------------------+------+--------+------------+-------------+---------------------------------+
| ID                                   | Name | Status | Task State | Power State | Networks                        |
+--------------------------------------+------+--------+------------+-------------+---------------------------------+
| e721103e-763a-4a6c-8b3d-294c1cb55726 | vm1  | ACTIVE | -          | Running     | private=10.0.0.2, 172.29.173.15 |
+--------------------------------------+------+--------+------------+-------------+————————————————+

From the Network host, I can ping the VM tenant address, router and DHCP interfaces:

localadmin@qa4:~/devstack$ ping 10.0.0.2 -c 3
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=3.79 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=63 time=0.704 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=63 time=0.565 ms

--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.565/1.688/3.796/1.491 ms
localadmin@qa4:~/devstack$ ping 10.0.0.1 -c 3
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.140 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.064 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.068 ms

--- 10.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.064/0.090/0.140/0.036 ms
localadmin@qa4 ...
(more)
edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted
0

answered 2015-04-02 13:53:23 -0500

Ranjit gravatar image
1. Can I ping the VM tenant from the Network host? Or do I need to be in the linux namespace?
    NO. you should use linux namespace. But you are using work around by putting the below routing rule which is causing you to access the VM tenant network without namespace.
10.0.0.0        172.29.173.5    255.255.255.0   UG        0 0          0 br-ex

2.  Do I need to add a physical port to br-ex?
YES.  you should add the port to br-ex. but as reported by you,  floating ip is not accessbile. 
Again looks like some routing problem. Why you have two entry like below.

172.29.173.0    0.0.0.0         255.255.255.224 U         0 0          0 br-ex
172.29.173.0    0.0.0.0         255.255.255.192 U         0 0          0 br-ex
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-04-02 08:10:19 -0500

Seen: 1,253 times

Last updated: Apr 02 '15