Ask Your Question
0

VM traffic not properly handled on Network node

asked 2015-06-14 07:35:00 -0500

Dominik Rappaport gravatar image

updated 2015-06-14 08:43:56 -0500

Hi Everyone, I’ve run into a common situation that my VM instances don’t get an IP address assigned. I use

Ubuntu 14.04.1 OpenStack Juno OpenVSwitch GRE tunneling

I’ve followed the getting started instructions at http://docs.openstack.org/juno/install-guide/install/apt/content/neutron-network-node.html (http://docs.openstack.org/juno/instal...).

I can set that:

  1. Traffic (DHCP request) is encapsulated into GRE on the compute node (verified by TCPdump)
  2. GRE traffic is received on the network node (verified by TCPdump)
  3. DHCP traffic isn’t visible in br-tun or br-int (verified by creating two snooper interfaces as described at http://docs.openstack.org/openstack-ops/content/network_troubleshooting.html (http://docs.openstack.org/openstack-o...) and attaching them to br-tun and br-int respectively)

The configuration looks right:

Proper configuration in /etc/sysctl.conf

net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

vSwitch configuration:

root@network:~# ovs-vsctl show
db4118a3-d0e8-47ee-8d95-ef174c6b95d5
    Bridge br-ex
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
        Port "eth2"
            Interface "eth2"
        Port "qg-c38a9aa2-73"
            Interface "qg-c38a9aa2-73"
                type: internal
    Bridge br-tun
        fail_mode: secure
        Port "snooper1"
            Interface "snooper1"
        Port "gre-0a0000c1"
            Interface "gre-0a0000c1"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.0.192", out_key=flow, remote_ip="10.0.0.193"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port "snooper0"
            Interface "snooper0"
        Port "tap752ac585-ff"
            tag: 4095
            Interface "tap752ac585-ff"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-495aff55-b0"
            tag: 4095
            Interface "qr-495aff55-b0"
                type: internal
    ovs_version: "2.0.2"

Segmentation ID is 1:

root@controller:~# neutron net-show --fields provider:segmentation_id demo-net
+--------------------------+-------+
| Field                    | Value |
+--------------------------+-------+
| provider:segmentation_id | 1     |
+--------------------------+-------+

However, I don’t see flows matching ID 0x1:

root@network:~# ovs-ofctl dump-flows br-tun|grep 0x1

root@network:~# ovs-ofctl dump-flows br-tun
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=2763.059s, table=0, n_packets=11, n_bytes=834, idle_age=2758, priority=1,in_port=1 actions=resubmit(,2)
 cookie=0x0, duration=2759.565s, table=0, n_packets=26, n_bytes=4060, idle_age=15, priority=1,in_port=2 actions=resubmit(,3)
 cookie=0x0, duration=2762.842s, table=0, n_packets=6, n_bytes=480, idle_age=2755, priority=0 actions=drop
 cookie=0x0, duration=2762.628s, table=2, n_packets=0, n_bytes=0, idle_age=2762, priority=0,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)
 cookie=0x0, duration=2762.414s, table=2, n_packets=11, n_bytes=834, idle_age=2758, priority=0,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,22)
 cookie=0x0, duration=2762.193s, table=3, n_packets=26, n_bytes=4060, idle_age=15, priority=0 actions=drop
 cookie=0x0, duration=2761.975s, table=4, n_packets=0, n_bytes=0, idle_age=2761, priority=0 actions=drop
 cookie=0x0, duration=2761.756s, table=10, n_packets=0, n_bytes=0, idle_age=2761, priority=1 actions=learn(table=20,hard_timeout=300,priority=1 ...
(more)
edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted
0

answered 2015-06-14 11:14:52 -0500

Ranjit gravatar image

updated 2015-06-14 11:16:26 -0500

Two important port in br-int 1. dhcp porttap752ac585-ff 2. router port qr-495aff55-b0 are having dead vlan tag. I think this is causing the problem.

 Port "tap752ac585-ff"
            tag: 4095
            Interface "tap752ac585-ff"
                type: internal

 Port "qr-495aff55-b0"
            tag: 4095
            Interface "qr-495aff55-b0"
                type: internal

Delete all the neutron network and re-create.

edit flag offensive delete link more

Comments

Hey, that did the trick! Thanks a lot. Just curious what went wrong when I created the networks the first time...

Dominik Rappaport gravatar imageDominik Rappaport ( 2015-06-14 12:03:08 -0500 )edit

those two port are not properly bounded with neutron network , that why neutron is assigning dead van tag to those.

Before running any neutron commands, make sure that all agents are up and running.

Ranjit gravatar imageRanjit ( 2015-06-15 02:08:43 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-06-14 07:35:00 -0500

Seen: 278 times

Last updated: Jun 14 '15