Local vxlan traffic not sent between VMs on different compute nodes, missing OpenFlow rules [closed]

asked 2016-06-13 13:08:06 -0500

SoHm gravatar image

updated 2016-06-15 12:49:09 -0500

Hello!

My environment is one contoller and two compute nodes. Openstack - Mitaka.

Services on each nodes are below.

Controller:

nova-api
nova-conductor
nova-consoleaut
nova-novncproxy
nova-scheduler
glance-api
glance-registry
cinder-api
cinder-schedule
neutron-server

Compute (Hosts "openstack-3" and openstack-4):

nova-compute
nova-novncproxy
cinder-volume
tgtd
neutron-dhcp-agent
neutron-l3-agent
neutron-metadata-agent
neutron-ns-metadata-proxy
neutron-openvswitch-agent

My problem is that the traffic from one VM (vm-test-1, Host "openstack-3") does not reach the second VM (vm-test-2, Host "openstack-4"). After the diagnosis, I found that there is no corresponding rule in OpenFlow in Table 22. (flow table is below) If I create two VMs on single compute host, then they can ping each other and default gateway(if I create Router).

All nodes have one Ethernet-port.

Controller node - 172.17.44.61 Compute node "openstack-3" - 172.17.44.63 Compute node "openstack-4" - 172.17.44.64

[root@controller stack]# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0c:29:36:f7:0c  
          inet addr:172.17.44.61  Bcast:172.17.47.255  Mask:255.255.252.0
          inet6 addr: fe80::20c:29ff:fe36:f70c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:368569 errors:0 dropped:117 overruns:0 frame:0
          TX packets:246253 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:106549313 (106.5 MB)  TX bytes:87773092 (87.7 MB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1186358 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1186358 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:538045452 (538.0 MB)  TX bytes:538045452 (538.0 MB)

[root@openstack-3 ~]# ifconfig

br-ex     Link encap:Ethernet  HWaddr 00:0c:29:c0:e8:3a  
          inet addr:172.17.44.63  Bcast:172.17.47.255  Mask:255.255.252.0
          inet6 addr: fe80::20c:29ff:fec0:e83a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:72633 errors:0 dropped:3 overruns:0 frame:0
          TX packets:50174 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:35476230 (35.4 MB)  TX bytes:13857397 (13.8 MB)

eth0      Link encap:Ethernet  HWaddr 00:0c:29:c0:e8:3a  
          inet6 addr: fe80::20c:29ff:fec0:e83a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:190147 errors:0 dropped:1 overruns:0 frame:0
          TX packets:50164 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:63479879 (63.4 MB)  TX bytes:13856977 (13.8 MB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:58310 errors:0 dropped:0 overruns:0 frame:0
          TX packets:58310 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:3238899 (3.2 MB)  TX ...
(more)
edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by SoHm
close date 2016-06-15 12:49:34.830543

Comments

Per each node add to question :-
ovs-vsctl show and ifconfig

dbaxps gravatar imagedbaxps ( 2016-06-13 13:37:33 -0500 )edit

Added. Openvswitch agent is installed only on compute nodes.

SoHm gravatar imageSoHm ( 2016-06-13 14:02:21 -0500 )edit

I see br-ex is present on Compute Nodes and absent on Controller . Is it correct ? Please confirm.
If "YES" OVS configuration of all nodes in system has been done wrong
I presume that you have installed Controller/Network together on the host 172.17.44.61

dbaxps gravatar imagedbaxps ( 2016-06-13 15:59:02 -0500 )edit

Controller don't have OVS-agent installed. Each Compute node acts as Network node (DNAT), because I want't have single point of failure. I would like to use Distributed Virtual Router (DVR) (http://blog.gampel.net/2014/12/openstack-neutron-distributed-virtual.html (http://blog.gampel.net/2014/12/openst...)) Should Controller have OVS-agent?

SoHm gravatar imageSoHm ( 2016-06-14 01:26:08 -0500 )edit

You forgot about DVR_SNAT

dbaxps gravatar imagedbaxps ( 2016-06-14 02:55:56 -0500 )edit