Ask Your Question
0

router gateway port binding_fail and DOWN [closed]

asked 2015-08-24 10:35:21 -0600

twskay gravatar image

updated 2015-08-31 09:46:59 -0600

OS: ubuntu 14.03LTS openstack version: juno network type: vxlan

port-id = 4432fc7e-793e-47c2-8f74-d1bde3549ec3 this port is connecting between public(external network) and private network.

problem one: I found port's status is DOWN and binding:vif_type is binding_fail.

I look for neutron-server.log. but,I don't find any errror message. what is the problem caused ?

problem two:

I can not ping 8.8.8.8

the solution is in update 11 field.

info:

neutron port-show 4432fc7e-793e-47c2-8f74-d1bde3549ec3

| Field                 | Value                                                           |         
+-----------------------+-------------------------------------------------------------------------+
| admin_state_up        | True                                                               
| allowed_address_pairs |                                                                    
| binding:host_id       | openstack1                                                       
| binding:profile       | {}                                                                    
| binding:vif_details   | {}                                                                    
| binding:vif_type      | binding_failed                                
| device_id             | 620bb1bc-c694-41e2-90bf-4be282921dd4         
| device_owner          | network:router_gateway                         
| extra_dhcp_opts       |                                           
| fixed_ips             | {"subnet_id": "83516ff4-890a-4df7-9e32-6c66b971135f", "ip_address": "203.64.91.204"} |
| id                    | 4432fc7e-793e-47c2-8f74-d1bde3549ec3                 
| mac_address           | fa:16:3e:2d:dd:49                                   
| name                  |                                                                 
| network_id            | 66d58f14-ae21-463b-a889-cce33d23a1b0        
| security_groups       |                                                           
| status                | DOWN                                                     
| tenant_id             |                                                    
+-----------------------+---------------------------------------------------------+

Please,help me. I am confused for a long time. Add

UPDATE1 : CLI for creating external network and router gateway.

admin:

 neutron net-create ext-net --router:external True 
 neutron subnet-create ext-net --name ext-subnet --allocation-pool start=xxx.64.91.200,end=xxx.64.91.220 --gateway xxx.64.91.126 xxx.64.91.0/24

demo:

neutron net-create cemoNet
neutron subnet-create cemoNet --name cemoSubnet 10.0.92.0/24
neutron router-create cemoRouter
neutron router-interface-add cemoRouter cemoSubnet
neutron router-gateway-set cemoRouter ext-net

UPDATE 2 : Create OVS bridge br-ex and OVS port on Network Node

ovs-vsctl show

  Bridge br-ex
    Port br-ex
        Interface br-ex
            type: internal
    Port "eth0"
        Interface "eth0"
    Port "tapf7a7ed91-64"
        Interface "tapf7a7ed91-64"
Bridge br-tun
    fail_mode: secure
    Port "vxlan-0a000103"
        Interface "vxlan-0a000103"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="10.0.1.2", out_key=flow, remote_ip="10.0.1.3"}
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
    Port br-tun
        Interface br-tun
            type: internal
Bridge br-int
    fail_mode: secure
    Port "tapb08604a6-7e"
        tag: 1
        Interface "tapb08604a6-7e"
    Port br-int
        Interface br-int
            type: internal
    Port patch-tun
        Interface patch-tun
            type: patch
            options: {peer=patch-int}
ovs_version: "2.0.2"

UPDATE 3 : Creating security rules.

nova secgroup-list-rules global_http

 +-------------+-----------+---------+-----------+--------------+
 | IP Protocol | From Port | To Port | IP Range  | Source Group |
 +-------------+-----------+---------+-----------+--------------+
 | tcp         | 80        | 80      | 0.0.0.0/0 |              |
 | tcp         | 443       | 443     | 0.0.0.0/0 |              |
 +-------------+-----------+---------+-----------+--------------+

[update 4]

nova secgroup-list-rules default

ps: my instance have dufault and global_http.

+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
|             |           |         |           | default      |
|             |           |         |           | default      |
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+

ifconfig

br-ex     Link encap:Ethernet  HWaddr 20:cf:30:5a:c6:6c
      inet addr:xxx.64.91.55  Bcast:xxx.64.91.127  Mask:255.255.255.128
      inet6 addr: fe80::9070:9dff:fed7:f842/64 Scope:Link
      UP BROADCAST RUNNING  MTU:1500  Metric:1
      RX packets:8222832 errors:0 dropped:39723 overruns:0 frame:0
      TX packets:906114 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:1000716448 (1.0 GB)  TX bytes:498762330 (498.7 MB)

br-int    Link encap:Ethernet  HWaddr 5e:07:dd:f0:34:41
      inet6 addr: fe80::ec57:aeff:fea5:3070/64 Scope:Link
      UP BROADCAST RUNNING  MTU:1500  Metric:1
      RX packets:2862 errors:0 dropped:0 overruns:0 frame:0
      TX packets:8 errors ...
(more)
edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by twskay
close date 2015-08-31 03:50:37.022623

Comments

Which device has IP xxx.64.91.126 ?

dbaxps gravatar imagedbaxps ( 2015-08-28 01:23:16 -0600 )edit

IP xxx.64.91.126 is ext-net gateway and network node's gateway.

twskay gravatar imagetwskay ( 2015-08-28 03:25:18 -0600 )edit

I don't understand why I can ping router gateway but can't ping 8.8.8.8

twskay gravatar imagetwskay ( 2015-08-28 07:56:47 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-08-24 12:07:17 -0600

dbaxps gravatar image

updated 2015-08-29 12:27:27 -0600

UPDATE 2 08/29/2015
See https://ask.openstack.org/en/question...
Replace with your IPs

auto br-ex
 iface br-ex inet static
 address 192.168.1.(XX)
 netmask 255.255.255.0
 gateway 192.168.1.1
 dns-nameservers 8.8.8.8

# The external network interface
auto eth0
iface eth0  inet manual
        up ip link set dev $IFACE up
        down ip link set dev $IFACE down

END UPDATE

UPDATE 1
Set up security rools

$. keystonerc_demo
$ neutron security-group-rule-create --protocol icmp \
  --direction ingress --remote-ip-prefix 0.0.0.0/0 default
$ neutron security-group-rule-create --protocol tcp \
  --port-range-min 22 --port-range-max 22 \
  --direction ingress --remote-ip-prefix 0.0.0.0/0 default

END UPDATE
image description Port Down for owner : network:router_gateway is normal ( it's working port )
Shapshot from working Network Node (Kilo)

    [root@ip-192-169-142-147 ~(keystone_admin)]# neutron router-list
    +--------------------------------------+------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
    | id                                   | name       | external_gateway_info                                                                                                                                                                    | distributed | ha    |
    +--------------------------------------+------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
    | 75ba0f05-3e92-4c37-a21a-0ee2f799caff | RouterDemo | {"network_id": "2471ca6a-175e-4b60-b4c8-b83eeb188801", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "ca6b7767-f302-443d-a14d-2753f71d9112", "ip_address": "172.24.4.227"}]} | False       | False |
    +--------------------------------------+------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
 [root@ip-192-169-142-147 ~(keystone_admin)]# neutron router-port-list RouterDemo
    +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
    | id                                   | name | mac_address       | fixed_ips                                                                           |
    +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
    | 0fa52704-1d73-4400-b89a-e1cc9137cdf2 |      | fa:16:3e:53:62:6a | {"subnet_id": "ca6b7767-f302-443d-a14d-2753f71d9112", "ip_address": "172.24.4.227"} |
    | 86a4b5cc-5036-43db-b0c4-ea69db4cee41 |      | fa:16:3e:81:40:a6 | {"subnet_id": "1062b25e-73a5-44b6-a921-3903c98e5d9c", "ip_address": "50.0.0.1"}     |
    +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
 [root@ip-192-169-142-147 ~(keystone_admin)]# neutron port-show  0fa52704-1d73-4400-b89a-e1cc9137cdf2 
    +-----------------------+-------------------------------------------------------------------------------------+
    | Field                 | Value                                                                               |
    +-----------------------+-------------------------------------------------------------------------------------+
    | admin_state_up        | True                                                                                |
    | allowed_address_pairs |                                                                                     |
    | binding:host_id       | ip-192-169-142-147.ip.secureserver.net                                              |
    | binding:profile       | {}                                                                                  |
    | binding:vif_details   | {"port_filter": true, "ovs_hybrid_plug": true}                                      |
    | binding:vif_type      | ovs                                                                                 |
    | binding:vnic_type     | normal                                                                              |
    | device_id             | 75ba0f05-3e92-4c37-a21a-0ee2f799caff                                                |
    | device_owner          | network:router_gateway                                                              |
    | extra_dhcp_opts       |                                                                                     |
    | fixed_ips             | {"subnet_id": "ca6b7767-f302-443d-a14d-2753f71d9112", "ip_address": "172.24.4.227"} |
    | id                    | 0fa52704-1d73-4400-b89a-e1cc9137cdf2                                                |
    | mac_address           | fa:16:3e:53:62:6a                                                                   |
    | name                  |                                                                                     |
    | network_id            | 2471ca6a-175e-4b60-b4c8-b83eeb188801                                                |
    | security_groups       |                                                                                     |
    | status                | DOWN                                                                                |
    | tenant_id             |                                                                                     |
    +-----------------------+-------------------------------------------------------------------------------------+
    [root@ip-192-169-142-147 ~(keystone_admin)]#
edit flag offensive delete link more

Comments

hello, but binding:vif_type is binding_fail and I can't connect to internet from instance. I have set security rule and floating ip.

twskay gravatar imagetwskay ( 2015-08-25 10:01:00 -0600 )edit

First of all when create router gateway , message "binding_failed" from your report should not come up.
Add UPDATE1 : CLI for creating external network and router gateway.
UPDATE 2 : Create OVS bridge br-ex and OVS port on Network Node
UPDATE 3 : Creating security rools.

dbaxps gravatar imagedbaxps ( 2015-08-25 11:00:28 -0600 )edit

bindng_vif_type should be ovs. See my sample.

dbaxps gravatar imagedbaxps ( 2015-08-25 11:02:07 -0600 )edit

hello, I have updated to question.

I aslo find error that bindng_vif_type is binding_failed.I set error arguments in creating ext-net and I recreate network. finally, bindng_vif_type is ovs.

twskay gravatar imagetwskay ( 2015-08-26 10:44:29 -0600 )edit

I have another probem. I set securtiy group and associate floating ip,but instance can't connect to internet.(I ping 8.8.8.8)

twskay gravatar imagetwskay ( 2015-08-26 10:44:53 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-08-24 10:35:21 -0600

Seen: 5,800 times

Last updated: Aug 31 '15