Ask Your Question
1

vlan tagged external network in openstack

asked 2015-05-08 09:00:11 -0500

surya.n gravatar image

updated 2015-05-09 16:56:05 -0500

Antonio G. gravatar image

I created a vlan tagged external network in my mutli node devstack setup. DVR is enabled in the setup

surya@ControllerNode:~/devstack$ neutron net-show external
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 3ab2109a-5654-4672-a19c-4fef996ee229 |
| name                      | external                             |
| provider:network_type     | vlan                                 |
| provider:physical_network | phy-ex                               |
| provider:segmentation_id  | 604                                  |
| router:external           | True                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | 9a65104b-8496-4b2d-9a92-7fdc2fa3cd97 |
| tenant_id                 | 33cc5eb298cd4c30953ba76b8eb3e961     |
+---------------------------+--------------------------------------+

But when I associate a floating IP to a vm running on compute node , I can see that there are no flows created on the br-ex bridge to translate the internal vlan to external vlan. When I create a vlan provider I can see the vlan translation flows on br-data to which my physnet is associated to. Why I was not able to see the vlan translation in case of external networks. Right now the external network created is behaving as a flat network. How can I achieve vlan tagging with the vlan tagged external network

Openstack version :Juno

edit retag flag offensive close merge delete

Comments

Could you please explain your issue a little further and include your configurations. Best regards

Tobias Urdin gravatar imageTobias Urdin ( 2015-05-10 15:07:15 -0500 )edit
add a comment

2 answers

Sort by » oldest newest most voted
0

answered 2015-11-25 04:08:38 -0500

dbaxps gravatar image

You wrote "Maybe adding tagged interface from system (for example: eth0.100) to br-ext is another solution".
Yes it is ,see https://visibilityspots.org/vlan-flat...

edit flag offensive delete link more
add a comment
0

answered 2015-07-24 01:04:08 -0500

piekarski-grzegorz gravatar image

I have same issue. At openvswitch to br-ext (in my case br-vlan) is added interface from router namespace which is not tagged. If I do:

ovs-vsctl set port ROUTER_PORT tag=TAG

And this SOLVED my problem. Maybe adding tagged interface from system (for example: eth0.100) to br-ext is another solution, but maybe openstack can support this natively? Or there is a mistake in my configuration?

neutron/plugin.ini (network node):

[ml2]
type_drivers = flat,gre,vlan
tenant_network_types = vlan,gre
mechanism_drivers = openvswitch
[ml2_type_flat]
[ml2_type_vlan]
network_vlan_ranges = external:200:200,external:126:126
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.62.0.3
enable_tunneling = True
integration_bridge = br-int
tenant_network_type = vlan,gre
bridge_mappings = external:br-vlan
[agent]
tunnel_types = gre

ovs-vsctl show (network node, I manually added tag 126 to qg-17446b79-d4):

Bridge br-vlan
    Port br-vlan
        Interface br-vlan
            type: internal
    Port "eth2"
        Interface "eth2"
    Port phy-br-vlan
        Interface phy-br-vlan
            type: patch
            options: {peer=int-br-vlan}
    Port "qg-17446b79-d4"
        tag: 126
        Interface "qg-17446b79-d4"
            type: internal
Bridge br-int
    fail_mode: secure
    Port "tapf03e66d2-e7"
        tag: 1
        Interface "tapf03e66d2-e7"
            type: internal
    Port int-br-vlan
        Interface int-br-vlan
            type: patch
            options: {peer=phy-br-vlan}
    Port "tapc6c3761e-9d"
        tag: 2
        Interface "tapc6c3761e-9d"
            type: internal
    Port "qr-4ffaf886-99"
        tag: 1
        Interface "qr-4ffaf886-99"
            type: internal
    Port patch-tun
        Interface patch-tun
            type: patch
            options: {peer=patch-int}
    Port br-int
        Interface br-int
            type: internal
Bridge br-tun
    fail_mode: secure
    Port "gre-0a3e0001"
        Interface "gre-0a3e0001"
            type: gre
            options: {df_default="true", in_key=flow, local_ip="10.62.0.3", out_key=flow, remote_ip="10.62.0.1"}
    Port "gre-0a3e0002"
        Interface "gre-0a3e0002"
            type: gre
            options: {df_default="true", in_key=flow, local_ip="10.62.0.3", out_key=flow, remote_ip="10.62.0.2"}
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
    Port br-tun
        Interface br-tun
            type: internal
ovs_version: "2.3.1"

net-list :

+--------------------------------------+-------------+------------------------------------------------------+
| id                                   | name        | subnets                                              |
+--------------------------------------+-------------+------------------------------------------------------+
| 4aa404d5-8767-4c95-98ec-f3e8fb965795 | internal    | 27342d1c-79c6-4552-9cff-f173f14d27b1 192.168.1.0/24  |
| 6274e5b8-2137-4c41-a643-d065d3bc6182 | net-vlan200 | e5a6728d-3620-4c3a-9754-650b5eba0480 10.103.200.0/24 |
| fa6681c4-7d74-4045-8a80-6eebbc4a3143 | net-vlan126 | 0ac9f075-0ab8-4838-9841-6b5e3825a9de 10.103.126.0/24 |
+--------------------------------------+-------------+------------------------------------------------------+

net-show (affected network):

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | fa6681c4-7d74-4045-8a80-6eebbc4a3143 |
| mtu                       | 0                                    |
| name                      | net-vlan126                          |
| provider:network_type     | vlan                                 |
| provider:physical_network | external                             |
| provider:segmentation_id  | 126                                  |
| router:external           | True                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | 0ac9f075-0ab8-4838-9841-6b5e3825a9de |
| tenant_id                 | 05150a39bb4f47f2b347e26782cda0e0     |
+---------------------------+--------------------------------------+
edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-05-08 09:00:11 -0500

Seen: 5,880 times

Last updated: Nov 25 '15

Related questions

load balancer using iptable rules

Cant ping tennant network from network node

no service running at port 9697

Unable to establish connection to http://controller:9696/v2.0/extensions.json

neutron network with trunk port and VLANs?

Can I install OpenStack Networking (neutron)—Network layout with two NICs (network interface cards)?

Neutron node flooding the network

OpenStack on OpenStack deployment

Failed to create a vm with external network.

unable to create gateway for tenant router