cannot ping tenant router gateway

asked 2015-09-02 16:21:51 -0500

lyonj3
1 ●1 ●1 ●1

updated 2015-09-03 12:53:02 -0500

Hi,

I have successfully completed the steps for setting up Kilo on SLES12 up until the part where I need to verify the network connectivity:

http://docs.openstack.org/kilo/install-guide/install/zypper/content/neutron_initial-networks-verify.html (http://docs.openstack.org/kilo/instal...)

I have tried several times to set all this up but it just ends up the same way. The gateway port on my tenant router is DOWN and says vif_type = binding_failed.

openstack1:~ # neutron port-show 1ba72d7b-5c38-43f9-a7c9-ed101255013b
+-----------------------+---------------------------------------------------------------------------------------+
| Field                 | Value                                                                                 |
+-----------------------+---------------------------------------------------------------------------------------+
| admin_state_up        | True                                                                                  |
| allowed_address_pairs |                                                                                       |
| binding:host_id       | openstack1                                                                       |
| binding:profile       | {}                                                                                    |
| binding:vif_details   | {}                                                                                    |
| binding:vif_type      | binding_failed                                                                        |
| binding:vnic_type     | normal                                                                                |
| device_id             | cafe3ce1-33a2-4448-a356-65fd48f2b420                                                  |
| device_owner          | network:router_gateway                                                                |
| extra_dhcp_opts       |                                                                                       |
| fixed_ips             | {"subnet_id": "25520250-ceec-48a8-b8a3-0e5473b2a741", "ip_address": "10.244.236.232"} |
| id                    | 1ba72d7b-5c38-43f9-a7c9-ed101255013b                                                  |
| mac_address           | fa:16:3e:1b:ed:bc                                                                     |
| name                  |                                                                                       |
| network_id            | a1a1ac43-1cc5-4ee3-ae9c-182fa58c1078                                                  |
| security_groups       |                                                                                       |
| status                | DOWN                                                                                  |
| tenant_id             |                                                                                       |
+-----------------------+---------------------------------------------------------------------------------------+

Here is the output of my ovs-vsctl:

b832e21a-9e34-4a94-93ce-738a09b9c283
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port "qr-5053953e-24"
            tag: 4095
            Interface "qr-5053953e-24"
                type: internal
        Port "tap596025cc-ce"
            tag: 4095
            Interface "tap596025cc-ce"
                type: internal
    Bridge br-ex
        Port br-ex
            Interface br-ex
                type: internal
        Port ext
            Interface ext
        Port "qg-1ba72d7b-5c"
            Interface "qg-1ba72d7b-5c"
                type: internal
    ovs_version: "2.1.2"

"ext" is the name of my external interface, it is added to the br-ex interface. Both are interfaces up and connected.

In my setup the management and external networks happen to be the same network and the networking, compute and controller are all on one node (there is also a second compute node), not sure if this is an issue, but I have to think that I am unable to ping the tenant router because of the "binding_failed" and I cannot figure out why that is happening. I also see "tag:4095" under br-int which is apparently a bad thing but I'm not sure what to do about that (it was created automatically).

Any help would be greatly appreciated! I have been staring at this for days now...

EDIT1: some info from the logs that might be helpful:

2015-09-03 10:22:29.603 2795 ERROR neutron.agent.linux.utils [req-a13d0e2b-a626-412d-9ca5-293268a1a1e9 ]
Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ovs-ofctl', 'dump-flows', 'br-int', 'table=23']
Exit code: 1
Stdin:
Stdout:
Stderr: ovs-ofctl: br-int is not a bridge or a socket

2015-09-03 10:22:29.604 2795 ERROR neutron.agent.common.ovs_lib [req-a13d0e2b-a626-412d-9ca5-293268a1a1e9 ] Unable to execute ['ovs-ofctl', 'dump-flows', 'br-int', 'table=23']. Exception:
Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ovs-ofctl', 'dump-flows', 'br-int', 'table=23']
Exit code: 1
Stdin:
Stdout:
Stderr: ovs-ofctl: br-int is not a bridge or a socket

But I get the feeling this has only shown up because I deleted br-int at one point, because I don't see this error in the logs since I reinstalled neutron.

edit retag flag offensive close merge delete

add a comment

3 answers

Sort by » oldest newest most voted

answered 2015-09-04 12:29:25 -0500

lyonj3
1 ●1 ●1 ●1

I half solved this. I am able to get the virtual routers gateway to ping by adding this to /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:

[ovs]
integration_bridge = br-int
local_ip = 10.0.1.11
[agent]
tunnel_types = gre
[securitygroup]
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
enable_security_group = True
enable_ipset = True

And this to /etc/neutron/l3_agent.ini:

external_network_bridge = br-ex

However the vif_type of the gateway interface on my router is still "binding_failed" which I'm sure will cause problems down the line...

edit flag offensive delete link

Comments

Thanks for the update.

The file /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini is not there in my server. I created it and added your contents.

Also, I did the same configurations in /etc/neutron/plugins/ml2/ml2_conf.ini and restarted the services. Still I couldn't ping the router gateway

Srini ( 2015-09-07 02:10:45 -0500 )edit

If you manually add an IP to your bridged external interface (the interface added to br-ex) can you ping that?

lyonj3 ( 2015-09-08 09:27:04 -0500 )edit

Also, what operating system are you using? I just got it to work fully following the install guide exactly using ubuntu server 15.04. There seem to be issues with SLES12 (which is what I was using previously).

lyonj3 ( 2015-09-08 13:39:49 -0500 )edit

Yes, there is a manual IP address assigned to eth1 which is added to br-ex. But still couldn't ping the gateway. (I have briefed my setup in one of my previous post in this thread)

I'm using Ubuntu 15.04 (all nodes - controller, network & compute in the same machine)

Srini ( 2015-09-11 01:52:10 -0500 )edit

Have you guys fixed the issue? I have same problem. What is local_ip= ?

Allen Liu ( 2015-10-22 18:31:15 -0500 )edit

add a comment

answered 2015-09-04 03:35:32 -0500

Srini
1 ●1 ●3 ●2

I'm also facing the same issue.

I run controller, network & compute nodes on the same host machine but with different NIC cards as follows,

172.31.140.145 controller - eth0
172.31.140.111 network - eth1
172.31.140.112 compute - eth2

There are two additional interfaces created for tunnelling (eth0:1 & eth0:2).

root@arm64:/home/ubuntu# ifconfig -a
    br-ex     Link encap:Ethernet  HWaddr 7e:cf:8e:d6:9d:41
              BROADCAST MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

    br-int    Link encap:Ethernet  HWaddr aa:9b:a0:3c:9d:48
              BROADCAST MULTICAST  MTU:1500  Metric:1
              RX packets:112 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:7680 (7.6 KB)  TX bytes:0 (0.0 B)

    br-tun    Link encap:Ethernet  HWaddr 8e:b1:d4:28:3c:4e
              BROADCAST MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

    eth0      Link encap:Ethernet  HWaddr 16:cf:5e:0e:aa:ac
              inet addr:172.31.140.145  Bcast:172.31.255.255  Mask:255.255.0.0
              inet6 addr: fe80::14cf:5eff:fe0e:aaac/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:118720 errors:0 dropped:4651 overruns:0 frame:0
              TX packets:32287 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:17278987 (17.2 MB)  TX bytes:14353728 (14.3 MB)

    eth0:1    Link encap:Ethernet  HWaddr 16:cf:5e:0e:aa:ac
              inet addr:172.31.141.100  Bcast:172.31.255.255  Mask:255.255.0.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

    eth0:2    Link encap:Ethernet  HWaddr 16:cf:5e:0e:aa:ac
              inet addr:172.31.141.101  Bcast:172.31.255.255  Mask:255.255.0.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

    eth1      Link encap:Ethernet  HWaddr 6a:be:2e:26:a8:de
              inet addr:172.31.140.111  Bcast:172.31.255.255  Mask:255.255.0.0
              inet6 addr: fe80::68be:2eff:fe26:a8de/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:48 errors:0 dropped:0 overruns:0 frame:0
              TX packets:447 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:3888 (3.8 KB)  TX bytes:27828 (27.8 KB)

    eth2      Link encap:Ethernet  HWaddr 1e:0e:ed:28:69:ba
              inet addr:172.31.140.112  Bcast:172.31.255.255  Mask:255.255.0.0
              inet6 addr: fe80::1c0e:edff:fe28:69ba/64 Scope ...

(more)

edit flag offensive delete link

Comments

Try setting external_network_bridge = br-ex in /etc/neutron/l3_agent.ini

lyonj3 ( 2015-09-04 12:31:37 -0500 )edit

add a comment

answered 2015-09-03 01:05:40 -0500

dbaxps

10778 ●57 ●112 ●224 http://bderzhavets.blo...

Tag 4095 is dead tag ( in your case attached to qr-*). Recreate external network and try to recreate gateway at neutron router.

edit flag offensive delete link

Comments

Thanks for the reply, I have tried that several times like so:

remove all networks and router and ovs bridges

add br-ex

add ext port to br-ex

create ext-net/subnet

create int-net/subnet

create router

add int-subnet to router

set router gateway to ext-subnet

I still see the 4095 tag.

lyonj3 ( 2015-09-03 09:37:11 -0500 )edit

Something is wrong with Neutron, I would try reinstall neutron from scratch

dbaxps ( 2015-09-03 09:51:40 -0500 )edit

Ok I will try that again as well, this is my second install of it hitting the same problem.

lyonj3 ( 2015-09-03 09:54:04 -0500 )edit

No luck, but I found something in the neutron-openvswitch-agent log that might be useful. Added above.

lyonj3 ( 2015-09-03 12:53:53 -0500 )edit

Same issue in my env.

Allen Liu ( 2015-10-22 18:34:00 -0500 )edit

add a comment

cannot ping tenant router gateway

3 answers

Comments

Comments

Comments

Your Answer

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

cannot ping tenant router gateway edit

3 answers

Comments

Comments

Comments

Your Answer

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

cannot ping tenant router gateway