Number of GRE tunnels in DVR

asked 2015-05-28

Nodir gravatar image

updated 2015-05-30 22:37:26 -0500


I have two node setup with DVR enabled with Juno and Neutron+OVS. One of them is a controller and the other is compute node. When I create one VM, I see there are two GRE tunnels created on the compute node1. I can also see that outgoing traffic from VMs (with vlan_vid=1) is being sent to both GRE tunnels set_tunnel:0x1,output:3,output:2. Is it expected?

Here is the output from my compute node

$ sudo ovs-ofctl dump-flows br-tun
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=6424.156s, table=3, n_packets=7, n_bytes=1698, idle_age=6231, priority=1,tun_id=0x1 actions=mod_vlan_vid:1,resubmit(,10)
 cookie=0x0, duration=6424.251s, table=22, n_packets=60, n_bytes=4236, idle_age=6179, dl_vlan=1 actions=strip_vlan,set_tunnel:0x1,output:3,output:2

$ sudo ovs-ofctl show br-tun
OFPT_FEATURES_REPLY (xid=0x2): dpid:00008ec83b81c549
n_tables:254, n_buffers:256
 1(patch-int): addr:b2:37:03:bd:0a:13
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 2(gre-0a0a0301): addr:5a:80:9e:17:d2:91
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 3(gre-0a0a0302): addr:b6:e0:c1:cc:1e:23
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 LOCAL(br-tun): addr:8e:c8:3b:81:c5:49
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0

When I read OpenStack community recommended tutorials (by (Kimizhang) and (RDO)), it seems to be wrong, i.e., there should be only one GRE tunnel per VLAN. Also, is there a way to find the other end of the GRE tunnels? I can't tell where does these tunnels gre-0a0a0301 and gre-0a0a0302 connect to.



Later addition: I've figured out a way to debug GRE tunnels. Use following command to get IP address endpoints of the tunnels. Run it in each host machine.

user@host:~$ sudo ovs-vsctl show
Bridge br-tun
   Port "gre-0a0a0301"
       Interface "gre-0a0a0301"
           type: gre
           options: {df_default="true", in_key=flow, local_ip="", out_key=flow, remote_ip=""}
   Port br-tun
       Interface br-tun
           type: internal
   Port "gre-0a0a0302"
       Interface "gre-0a0a0302"
           type: gre
           options: {df_default="true", in_key=flow, local_ip="", out_key=flow, remote_ip=""}
   Port patch-int
       Interface patch-int
           type: patch
           options: {peer=patch-tun}
3 answers

answered 2015-05-29

dbaxps gravatar image

updated 2015-05-29 04:00:57 -0500

It's not expected just one GRE tunnel should be enough. See details ( similar configuration to yours ) here
Creating VM shouldn't create GRE tunnel, GRE tunnels are setup during original system deployment.
GRE tunnels are created per each Compute Node connected to Controller&&Network Node ( your config ).

answered 2015-05-31

updated 2015-05-31 02:14:07 -0500


please do check that have you given management IP and Tunnel IP as in a single network. ovs-vsctl show command can put some better light on the OVS_Bridge.

And tunneling is done only during initial configuration. dont bother about tunneling during instance creation as it is an internal process.

check this link, hope this may help you

answered 2015-05-30

paullaurence gravatar image

I'm just wondering if this is the effect of using only one compute node? the guide for DVR suggests a minimum of two compute nodes.

No, it is not because of number of compute nodes. It is because of neutron service running on another machine. I moved neutron service from controller to another machine, such that there is 1 compute node, 1 controller node (without neutron) and 1 machine with only neutron service.

Nodir ( 2015-05-30 ):

Asked: 2015-05-28 22:53:02 -0500

Seen: 598 times

