How how does icmp packet travel across two compute nodes without br-int and br-tun running?
Hi All,
I have a very peculiar problem here. There is no problem with my cloud as such but with my understanding. And I need your help to understand this. I am 15 months old in openstack now.
I have 4 -node setup of openstack RDO kilo version. Details are: one controller, one network and two compute nodes. I am using rhel 7.1 VMs. This I have set up on my laptop just to understand the packet flow. All VMs has only one nic (vnic). I was trying to create private network so i have configured br-ex and pointed eth0 to that. This I have done on network and each compute node. I have created an instance on each compute node. These instances have different network. instance 1 has 30.30.30.0/28 and instance 2 has 40.40.40.0/28. the tunneling protocol is vxlan. Both instances are pinging.
My query is, according to this guide the icmp packets should follow as:
VM1==>tap device==>linux bridge==>br-int ==> br-tun ==> eth0(br-ex) and then it should go to network node's br-tun==>br-int here it should get routed and should go to compute node2 in the same but reverse sequence.
But here in my case, both br-tun and br-int are down on each node (compute1, compute2 and network node) and VMs are still pinging. When I tried to trace the icmp (tcpdump -i any ) on network node, nothing appears. Similiarly, tcpdumping on physical interfaces of compute nodes does not show anything either.
Does anyone have any idea on this. Am I missing anything here.
I have attached all necessary files here but please feel free to ask for anything if required.
C:\fakepath\ml2_conf.png C:\fakepath\ovs_neutron_plugin_networkNode.png C:\fakepath\ovs_neutron_plugin_compute1.png C:\fakepath\ovs_neutron_plugin_compute2.png C:\fakepath\config_file.png
is the trace empty? I think it gets encapsulated so you might not see it clearly. which Physical interface did you trace?
I traced like this on network and compute nodes: "tcpdump icmp -i any" and didn't get anything. I tried to trace device eth0 on each node in similar way, dint get anything. i have attached eth0 to br-ex on each nodes. Is this the problm? Also why br-int/br-tun are down. hw sud i correct it?
You do not appear to have actually attached any files. You should try that again.
Actually tool did not allow me to upload .ini/.conf files so I have changed the extension to .png. Please right-click and "save link as..." and open the files in vi-editor.
If you want to trace the ICMP, you have to use tcpdump to analyze the traffic within the namespace, after it has been de-encapsulated. Use "sudo netns list" to get qrouter or VM namespaces (on controller or compute respectively) followed by "sudo netns exec <namespace> tcpdump -i <iface>".