# Kilo: Network Node External Network unreachable?

Hi,

I've been struggling wit this issue since I created my tested in kilo, I filled the installation guide to the tips with three nodes (Controller, Compute, Network). I configured two tenants with two VMs each, and I end up with external network not working, I can't reach to VMs in or any external IP address in the cloud. all address are reachable through the namespaces {qdhcp, qrouter } ip nets exec, VMs can be access through horizon console but not with SSH,

after several investigation on external network in Network Node, I found the following:

1. all the external network related ports {tap, qr,qg} are down = PORT_DOWN and LINK_DOWN
2. another thing I noticed when I tried to draw a digram for my connections, I found the qg port is configured under the br-int bridge not in br-ext, although I didn't do any changed in the configuration, I simply followed the installation guid

Note:the OVS configuration are no different than what is in Openstack installation guide: http://docs.openstack.org/kilo/install-guide/install/apt/content/neutron-network-node.html (http://docs.openstack.org/kilo/instal...)

My questions: How to set the ports up ? why is my qg port configured under br-int instead of br-ex and is that normal? if not how to change this configuration? where I can find the OVS configuration file in openstack and the OVS bridges configuration? what should I do to fix the external network connection?

here are some details of the configuration from the Network Node:

“List OVS br-int Bridges contents”

OFPT_FEATURES_REPLY (xid=0x2): dpid:00001e203acb3547 n_tables:254, n_buffers:256 capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE  3(int-br-ex): addr:aa:35:9e:c5:9d:b3
config:     0
state:      0
speed: 0 Mbps now, 0 Mbps max  4(patch-tun): addr:52:42:20:bf:64:05
config:     0
state:      0
speed: 0 Mbps now, 0 Mbps max  5(tapf787d71a-7f): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  6(qr-c598ce66-1d): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  7(qg-677a5144-e4): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  8(tap75f81849-19): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  9(qg-a8d0cf48-dd): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  10(qr-35c7dc18-57): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  11(tap4e8a4128-1d): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  12(qg-f67da98c-eb): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 Mbps now, 0 Mbps max  13(qr-ef9fd3b6-e2): addr:00:00:00:00:00:00
config:     PORT_DOWN
speed: 0 ...
Yes, its normal that your qg interface is under br-int at least liberty. so i guess its the same in kilo. can you ping your router ip from internet ? can you reach the external gateway from ip netne exec qr.. ping ?

If you can ping the 192.168.137.104 in the qrouter-c49868c0-2f77-49ff-bcc7-946c48a1c45c, and it should be no problem ? You can't ping your external gateway 192.168.137.1. I'm pretty sure you have a network problem outside of openstack. So I think you need to ckeck why eth2 can't talk to your networ

UPDATE:

I did some changes in the Network Node. I removed the eth2 from br-ex and then added eth0 to br-ex, finally I got the Network node connected to the external network of the cloud. I tested ssh the instance from the network Node and it work. I checked the port attached to br-ex and found the all qg ports moved from br-int to br-ex.

however, when I tired the test the connection (ping) from other nodes "Compute and Controller" the result was: Destination Host Unreachable. I did some tcpdump testing and I found that when I run ping command of an instance floating IP address (associated with qg port) from the other nodes, it reach to network node as ARP request and in return, network node reply back with the MAC address but it never received by the other node.

Any clue? do you thing that their is something blocking the arp reply to reach the other nodes? should network node should send the MAC address of eth0 rather than qg port? or is their a routing issues in the network node? why the other nodes can't receive the arp reply from network node?

If you are using external network provider (flat ) then qg interface should be attached to br-int and l3_agent.ini should be configured to allow non bridged external networking , otherwise ( you are not using external network provider ) you would have bridged external networking . If external bridge is called br-ex qg interface should be attached to br-ex.
See http://dbaxps.blogspot.com/2015/10/mu...
Regarding what means invoking external network provider , which commands might be used to get non bridged external networking or avoided to get bridged external networking

