Openvswitch VLAN tagged external uplink
Hello,
We have an OpenStack environment with 4 compute nodes and 2 network nodes. All of them are running CentOS with OpenStack Juno.
We use GRE for tunnels with tenant networks (tenant_network_types=gre). What we want to do is have VLAN tagged uplinks for our external network (that goes up to our external production routers).
This is what I currently have, but I have some questions because it's not working correctly. The VLAN we want to use for the external uplink is 2652. Bond1 is the CentOS bond of the physical 10gbit interfaces p2p1 and p2p2.
/etc/neutron/plugin.ini
[ml2]
type_drivers = vlan,gre,flat
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = external:2652:2654
[ovs]
local_ip = 192.168.108.52
enable_tunneling = True
network_vlan_ranges = external:2652:2654
bridge_mappings = external:br-ex
l3_agent.ini
[DEFAULT]
debug = False
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
router_delete_namespaces = True
agent_mode = legacy
br-ex
    Bridge br-ex
        Port patch-to-br-uplink
            Interface patch-to-br-uplink
                type: patch
                options: {peer=patch-to-br-ex}
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal
br-uplink
    Bridge br-uplink
        Port patch-to-br-ex
            Interface patch-to-br-ex
                type: patch
                options: {peer=patch-to-br-uplink}
        Port "bond1"
            trunks: [2652]
            Interface "bond1"
        Port br-uplink
            Interface br-uplink
                type: internal
Created with commands like this:
ovs-vsctl add-br br-ex
ovs-vsctl add-br br-uplink
ovs-vsctl add-port br-uplink bond1
ovs-vsctl set port bond1 vlan_mode=trunk trunk=2652
ovs-vsctl add-port br-ex patch-to-br-uplink
ovs-vsctl add-port br-uplink patch-to-br-ex
ovs-vsctl set interface patch-to-br-uplink type=patch options:peer=patch-to-br-ex
ovs-vsctl set interface patch-to-br-ex type=patch options:peer=patch-to-br-uplink
Do I need to set the VLAN on the patch ports or will they be trunks automatically?
To create the network in OpenStack I did the following: edited the ml2 config on the controller node and ran the command.
[ml2]
type_drivers = flat,vlan,gre
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = external:2652:2654
Creating the network
neutron net-create public --router:external True --provider:physical_network external --provider:network_type vlan --provider:segmentation_id 2652 --shared
net-show
[root@controller ~]# neutron net-show public
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 9fc39c41-57eb-48d6-9240-340f7771d746 |
| name                      | public                               |
| provider:network_type     | vlan                                 |
| provider:physical_network | external                             |
| provider:segmentation_id  | 2652                                 |
| router:external           | True                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | fe11ce91-4360-4be9-9648-ba8750481c83 |
| tenant_id                 | e7b79b45a67e4dc1908a459e98da6afb     |
+---------------------------+--------------------------------------+
What am I missing? Do I need to make the patch ports between br-uplink and br-ex into trunks with VLAN 2652? Why is the gateway for my router in br-ex not tagged with VLAN 2652? Should it not be? (see below)
    Bridge br-ex
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal
Thanks for any help. Best regards
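
Added example, not part of the original post: per ovs-vswitchd.conf.db(5), a Port with neither tag nor trunks set is a trunk port carrying all VLANs, and a frame without an 802.1Q header belongs to VLAN 0. The script below classifies every port in `ovs-vsctl show` output on that basis. Assumptions: the sample input is constructed from the bridges in the post (internal bridge ports trimmed), and the mode is inferred from tag/trunks only, because `ovs-vsctl show` does not print vlan_mode.

```shell
#!/bin/sh
# Constructed sample: bridges from the post, indented as `ovs-vsctl show`
# prints them (the br-ex / br-uplink internal ports are trimmed).
sample_show() {
cat <<'EOF'
    Bridge br-ex
        Port patch-to-br-uplink
            Interface patch-to-br-uplink
                type: patch
                options: {peer=patch-to-br-ex}
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal
    Bridge br-uplink
        Port patch-to-br-ex
            Interface patch-to-br-ex
                type: patch
                options: {peer=patch-to-br-uplink}
        Port "bond1"
            trunks: [2652]
            Interface "bond1"
EOF
}

# Print "bridge port mode" per port; reads `ovs-vsctl show` text on stdin.
vlan_modes() {
    awk '
    function emit() {
        if (port == "") return
        if (tag != "")         mode = "access " tag
        else if (trunks != "") mode = "trunk " trunks
        else                   mode = "trunk all-vlans"   # OVS default
        print bridge, port, mode
        port = ""
    }
    $1 == "Bridge"  { emit(); bridge = $2; gsub(/"/, "", bridge) }
    $1 == "Port"    { emit(); port = $2; gsub(/"/, "", port); tag = trunks = "" }
    $1 == "tag:"    { tag = $2 }
    $1 == "trunks:" { trunks = $0; sub(/^[ \t]*trunks:[ \t]*/, "", trunks) }
    END { emit() }'
}

sample_show | vlan_modes
```

On a live node the same function can be fed with `ovs-vsctl show | vlan_modes`.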