Ask Your Question
1

Liberty: neutron arp can't arrive external network

asked 2016-01-26 01:45:03 -0500

liuyuan gravatar image

Hi. Using devstack I have built the openstack with enabled neutron in a single machine which is a vm on Vmware ESI. Next I mannually built network step by step for learning. but in the last step, the vm can't access the external network. Actually vm can ping br-ex,but can't ping the external gateway. I use tcpdump on the br-ex, and arp request can be seen, but no response. I perform arping on br-ex to external gateway, it's ok. Here is the networking configuration of host:

auto eth0 iface eth0 inet static
address 192.168.18.247
netmask 255.255.255.0
gateway 192.168.18.1
auto eth1 iface eth1 inet manual up
ifconfig $IFACE 0.0.0.0 up up ip link
set $IFACE promisc on down ip link set
$IFACE promisc off down ifconfig
$IFACE down

auto br-ex iface br-ex inet static
address 192.168.16.2 netmask
255.255.255.0 gateway 192.168.18.1 up ip link set $IFACE promisc on down ip
link set $IFACE promisc off

Eth0 and eth1 are virtual nic of host, and eth0 is for host connections, and eth1 for external access of neutron network, whose configuration is been assigned to br-ex. Here is neutron network list.

$ neutron net-list

session continue
session continue
+--------------------------------------+-----------+----------------------------------------------------------+
| id                                   | name      | subnets                                                  |
+--------------------------------------+-----------+----------------------------------------------------------+
| ab6151c1-c10a-4256-ada4-503f74d71793 | my-public | 9663a87e-a587-4e24-9023-95d4454cf0cd 192.168.16.0/24     |
| 24766edc-5994-4897-87c8-c45f619f7f7f | vm-net2   | 23e8982f-41e4-46c8-9540-3b5d690eb605 40.40.40.0/24       |
| e51fe177-bda3-4fcf-9829-e9f7b47510af | user1     | de101e01-901f-444a-a1f6-e3b1c73acbe5 192.168.0.0/24      |
|                                      |           | e0f6b7d1-28d2-4f7f-9fda-141db8212c06 40.40.0.0/24        |
| 2c5d2a21-d537-41e6-99c4-b78a29d62405 | private   | 58d9a6c7-3fc6-4fdb-8d19-15dbe778c375 10.0.0.0/24         |
|                                      |           | 7930939e-02e9-4b19-9c87-892074647171 fd9f:3495:e4c6::/64 |
| 4f2cc0e8-7422-426b-8396-a959663c1949 | vm-net1   | 6c737233-a8ff-45f9-8b68-3f2bcd38fa46 30.30.0.0/24        |
+--------------------------------------+-----------+----------------------------------------------------------+

Here is the subnet of public network

$ neutron subnet-show 9663a87e-a587-4e24-9023-95d4454cf0cd
+-------------------+------------------------------------------------------+
| Field             | Value                                                |
+-------------------+------------------------------------------------------+
| allocation_pools  | {"start": "192.168.16.230", "end": "192.168.16.240"} |
| cidr              | 192.168.16.0/24                                      |
| dns_nameservers   |                                                      |
| enable_dhcp       | False                                                |
| gateway_ip        | 192.168.16.1                                         |
| host_routes       |                                                      |
| id                | 9663a87e-a587-4e24-9023-95d4454cf0cd                 |
| ip_version        | 4                                                    |
| ipv6_address_mode |                                                      |
| ipv6_ra_mode      |                                                      |
| name              | public_subnet2                                       |
| network_id        | ab6151c1-c10a-4256-ada4-503f74d71793                 |
| subnetpool_id     |                                                      |
| tenant_id         | f982ad752ca846ab8009b5cd8572ac7e                     |
+-------------------+------------------------------------------------------+

Here is ovs bridge:

   ovs-vsctl show
    64b72f96-6d9d-4b36-aa3d-1aad376fff37
        Bridge br-ex
            Port "eth1"
                Interface "eth1"
            Port br-ex
                Interface br-ex
                    type: internal
            Port "qg-f74798b3-91"
                Interface "qg-f74798b3-91"
                    type: internal
            Port "qg-7ffc26e5-73"
                Interface "qg-7ffc26e5-73"
                    type: internal
            Port "qg-60952223-b3"
                Interface "qg-60952223-b3"
                    type: internal
            Port "tap8dd8a07a-4e"
                Interface "tap8dd8a07a-4e"

Here is the router’s interfaces:

$ sudo ip netns exec qrouter-4faaee4d-f539-4f38-811a-25174bc8a4a1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
6: qg-7ffc26e5-73: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
    link/ether fa:16:3e:3c:d0:d6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.16.230/24 brd 192.168.16.255 scope global qg-7ffc26e5-73
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe3c:d0d6/64 scope link
       valid_lft forever preferred_lft forever
13: qr-ca8ca08d-32: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
    link ...
(more)
edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted
0

answered 2016-04-15 07:05:24 -0500

fxpester gravatar image

just hit the same thing.

external network works well, and answers for ARP


15:01:57.165863 ARP, Reply 192.168.1.30 is-at 00:0c:29:c5:49:6e, length 28
15:01:58.162731 ARP, Request who-has 192.168.1.30 tell 192.168.1.221, length 46
host machine can see MAC of 192.168.1.30 but vm namespace can`t:


root@ubuntu:/opt/stack/logs# ip netns exec qrouter-22748a15-6710-4b19-a7fa-7a612fcaebd4 arp -an
? (192.168.1.18) at 00:0c:29:25:3f:89 [ether] on qg-72ab82eb-67
? (192.168.1.1) at d4:ca:6d:32:01:36 [ether] on qg-72ab82eb-67
? (10.0.0.3) at fa:16:3e:5c:24:c6 [ether] on qr-9aa3ec3a-84
? (192.168.1.30) at <incomplete> on qg-72ab82eb-67
root@ubuntu:/opt/stack/logs# arp -an
? (192.168.1.220) at fa:16:3e:9d:38:23 [ether] on br-ex
? (192.168.1.1) at d4:ca:6d:32:01:36 [ether] on br-ex
? (192.168.1.30) at 00:0c:29:c5:49:6e [ether] on br-ex
? (192.168.1.221) at fa:16:3e:9d:38:23 [ether] on br-ex

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2016-01-25 19:55:42 -0500

Seen: 889 times

Last updated: Apr 15 '16