Ask Your Question
0

Has anyone gotten multiple external gateways to work for flat/vlan networks and openvswitch?

asked 2015-10-04 00:13:05 -0500

penghon gravatar image

updated 2015-10-04 00:13:47 -0500

Based on http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/ (http://blog.oddbit.com/2014/05/28/mul...) it would appear that you can achieve something like the following:

            +                              
            |  +---------+   +---------------------+
            +--+ router1 +---+  external1/gateway1 |
+---------+ |  +---------+   +---------------------+
| private +-+                              
+---------+ |                              
            |  +---------+   +---------------------+
            +--+ router2 +---+ external2/gateway2  |
            |  +---------+   +---------------------+

+

I have not been able to get the above to work and would like to ask if anyone has ever gotten such a configuration to work in their Juno/Kilo opentstack deployment.

[root@clarion ~(keystone_admin)]# ovs-vsctl show
a74b8d71-bdec-475d-9462-0ba733383bfc
    Bridge br-ex
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
        Port "eth1"
            Interface "eth1"
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qg-88797849-5f "
            tag: 1
            Interface "qg-88797849-5f "
                type: internal
        Port "int-br-ex2"
            Interface "int-br-ex2"
                type: patch
                options: {peer="phy-br-ex2"}
    Bridge "br-ex2"
        Port "br-ex2"
            Interface "br-ex2"
                type: internal
        Port "phy-br-ex2"
            Interface "phy-br-ex2"
                type: patch
                options: {peer="int-br-ex2"}
        Port "eth2"
            Interface "eth2"
    ovs_version: "2.3.1"

[root@clarion ~]# grep -iRE "br-ex|physnet|external_network_bridge|gateway_external_network_id" /etc/neutron/* | grep -v "#"
/etc/neutron/l3_agent.ini:gateway_external_network_id =
/etc/neutron/l3_agent.ini:external_network_bridge =
/etc/neutron/plugin.ini:network_vlan_ranges =physnet1:1:100,physnet2:101:200
/etc/neutron/plugins/ml2/ml2_conf.ini:network_vlan_ranges =physnet1:1:100,physnet2:101:200
/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings =physnet1:br-ex,physnet2:br-ex2

The odd behaviour seen is that the qg interface of the router is attached to br-int as shown in the above ovs-vsctl show command.

I have tested on Juno and kilo, wiped out the config and reconfig, create/recreate network/router/subnet via GUI and CLI and nothing works.

Any advice/guidance would be greatly appreciated.

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-11-01 23:33:47 -0500

penghon gravatar image

I found out that the problem is with my understanding. Assumption: Multiple gateways (routers created via openstack) can be used for a single instance that has more than one interface tagged to a separate external gateway.

What I found out: You no longer can configure openstack routers if you use multiple external vlan. The keypoint which I missed out from http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/ (http://blog.oddbit.com/2014/05/28/mul...) is "This assumes that eth1 is connected to a network using 10.1.0.0/24 and eth2 is connected to a network using 10.2.0.0/24, and that each network has a gateway sitting at the corresponding .1 address."

From my setup:

    [root@diminishingreturns (keystone_user1)]# ovs-vsctl show
    59ed8124-67f7-4da5-b4ec-177c12f4dcc5
        Bridge "br-ex2"
            Port "eth2"
                Interface "eth2"
            Port "phy-br-ex2"
                Interface "phy-br-ex2"
                    type: patch
                    options: {peer="int-br-ex2"}
            Port "br-ex2"
                Interface "br-ex2"
                    type: internal
        Bridge br-int
            fail_mode: secure
            Port "int-br-ex2"
                Interface "int-br-ex2"
                    type: patch
                    options: {peer="phy-br-ex2"}
            Port "qvo37461431-48"
                tag: 1
                Interface "qvo37461431-48"
            Port "qvoec757be8-b1"
                tag: 1
                Interface "qvoec757be8-b1"
            Port br-int
                Interface br-int
                    type: internal
            Port int-br-ex
                Interface int-br-ex
                    type: patch
                    options: {peer=phy-br-ex}
            Port "qvob5290ebb-d3"
                tag: 3
                Interface "qvob5290ebb-d3"
        Bridge br-ex
            Port br-ex
                Interface br-ex
                    type: internal
            Port phy-br-ex
                Interface phy-br-ex
                    type: patch
                    options: {peer=int-br-ex}
            Port "eth1"
                Interface "eth1"
        ovs_version: "2.3.1"

[root@diminishingreturns cinder(keystone_user1)]# ovs-ofctl show br-int
OFPT_FEATURES_REPLY (xid=0x2): dpid:00001e68565d0d43
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE
 16(int-br-ex2): addr:86:e4:99:88:e3:8e
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 17(int-br-ex): addr:22:81:34:97:cb:b7
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 18(qvo37461431-48): addr:4a:a6:6a:ac:b3:e3
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 20(qvoec757be8-b1): addr:fa:1a:ea:be:92:6a
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 21(qvob5290ebb-d3): addr:6e:b1:53:4d:16:1f
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 LOCAL(br-int): addr:1e:68:56:5d:0d:43
     config:     PORT_DOWN
     state:      LINK_DOWN
     speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
[root@diminishingreturns cinder(keystone_user1)]# ovs-ofctl dump-flows br-int
NXST_FLOW reply (xid=0x4):
  cookie=0x0, duration=12124.902s, table=0, n_packets=409, n_bytes=39452, idle_age=1, priority=1 actions=NORMAL
  cookie=0x0, duration=12124.320s, table=0, n_packets=9, n_bytes=576, idle_age=1596, priority=2,in_port=16 actions=drop
  cookie=0x0, duration=12123.718s, table=0, n_packets=9, n_bytes=576, idle_age=1596, priority=2,in_port=17 actions=drop
  cookie=0x0, duration=801.740s, table=0, n_packets=334, n_bytes=31700, idle_age=1, priority=3,in_port=16,vlan_tci=0x0000 actions=mod_vlan_vid:3,NORMAL
  cookie=0x0, duration=1492.361s, table=0, n_packets=27, n_bytes=2212, idle_age=312, priority=3,in_port=17,vlan_tci=0x0000 actions=mod_vlan_vid ...
(more)
edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-10-04 00:13:05 -0500

Seen: 566 times

Last updated: Nov 01 '15

Related questions

Instance failed to spawn

Router external interface DOWN

neutron generate random MAC

post creation failing

Juno dashboard 403 forbidden

where is swift API key

RDO Kilo - NoValidHost: No valid host was found. There are not enough hosts available.

Unable to create security group.

create security group

Help with neutron policy.json