troubleshooting external network after upgrade to kilo
Hi all,
I was recently upgrading form icehouse to juno to kilo. Juno upgrade was all working fine.
After finishing kilo upgrade vm's external network connections stop working. Internal conversation vm<>vm is fine. Neither egress connections from vm with nor without floatingip does work (nor ingress). All floatingip’s are marked as ‘down’ in “Network Details: ext-net” in horizon.
tcpdump in router namespace for ext-net shows traffic up to this point, ssh/ping.
I guess I have drilled that down to initial network creation in icehouse where there was no
... --provider:physical_network ... --provider:network_type ...
configuration option.
The initial network creation was (icehouse):
neutron net-create ext-net --shared --router:external=True
My ext-net looks like:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 0e4e1e69-b0f1-47b6-99e1-0794bd0e5b57 |
| mtu | |
| name | ext-net |
| provider:network_type | gre |
| provider:physical_network | |
| provider:segmentation_id | 1 |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | 2e1ad67b-8416-4bf2-ba83-831e1a60abcc |
| tenant_id | 26de2965153f40f1877e4acdd42ce332 |
+---------------------------+--------------------------------------+
The initial network creation in my testing environment was (juno) (which is running fine after upgrade to kilo ;):
neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
and ext-net looks here:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | a1e98fbb-1401-4451-a4db-d2b0611b8414 |
| mtu | |
| name | ext-net |
| provider:network_type | flat |
| provider:physical_network | external |
| provider:segmentation_id | |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | 9246e329-a858-44ee-9ecd-71237120671b |
| tenant_id | 448df8e1104a44e6b9f9c3d14554f402 |
+---------------------------+--------------------------------------+
Thank you very much for any help especially cause this is running a beta for our institute in (some sort of) ‘production’ …
little
P.S.: these posts were also helpful:
https://ask.openstack.org/en/question/60145/troubleshooting-br-ex/ (troubleshooting-br-ex)
https://ask.openstack.org/en/question/24853/ovs-br-ex-confusion-and-neutron-network/ (ovs-br-ex-confusion-and-neutron-network)
ml2_conf.ini
... [ml2_type_flat] flat_networks = external [ovs] local_ip = 10.0.188.173 bridge_mappings = external:br-ex [agent] tunnel_types = gre
ovs-vsctl show
c03df532-293d-4bf3-a925-5fd90dcad48c
Bridge br-tun
fail_mode: secure
Port br-tun
Interface br-tun
type: internal
Port "gre-0a00bcab"
Interface "gre-0a00bcab"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.188.173", out_key=flow, remote_ip="10.0.188.171"}
Port "gre-0a00bcae"
Interface "gre-0a00bcae"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.188.173", out_key=flow, remote_ip="10.0.188.174"}
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port "gre-0a00bceb"
Interface "gre-0a00bceb"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.188.173", out_key=flow, remote_ip="10.0.188.235"}
Port "gre-0a00bcac"
Interface "gre-0a00bcac"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.188.173", out_key=flow, remote_ip="10.0.188.172"}
Bridge br-int
fail_mode: secure
Port "qr-7190b7b1-4f"
tag: 6
Interface "qr-7190b7b1-4f"
type: internal
Port "qg-ecab36af-2b"
tag: 2
Interface "qg-ecab36af-2b"
type: internal
Port "tap33688b8c-9e"
tag: 7
Interface "tap33688b8c-9e"
type: internal
Port int-br-ex
Interface int-br-ex
type: patch
options: {peer=phy-br-ex}
Port "qr-41d73815-c4"
tag: 5
Interface "qr-41d73815-c4"
type: internal
Port "tap7c31c606-03"
tag: 4
Interface "tap7c31c606-03"
type: internal
Port "qr-5b423585-f4"
tag: 4
Interface "qr-5b423585-f4"
type: internal
Port "tap7c2819a1-e4"
tag: 6
Interface "tap7c2819a1-e4"
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "tap55df9075-f1"
tag: 1
Interface "tap55df9075-f1"
type: internal
Port "qg-c807056c-90"
tag: 2
Interface "qg-c807056c-90"
type: internal
Port "qg-77688f9a-8e"
tag: 2
Interface "qg-77688f9a-8e"
type: internal
Port "qg-3dddc4cb-28"
tag: 2
Interface "qg-3dddc4cb-28"
type: internal
Port "qg-ec0d45c1-2d"
tag: 2
Interface "qg-ec0d45c1-2d ...
You might want to check if the new network_type and physical_network for ext net match your configs. After that try to recreate another ext router.
I was guessing that I gave relevant configs above. But no, it should be like on testing environment: provider:network_type flat. If the only possibility is recreating it I will check that out. Otherwise could you please give more details on what to do/check?