Openstack Neutron VLan Networking Issue

asked 2016-11-18 09:18:44 -0500

rishikapoor gravatar image

updated 2016-11-22 23:17:35 -0500

I am facing Neutron Vlan networking issue in Openstack Mitaka, that is am not able to make my instance reachable from my physical vlan network after attaching them directly to the vlan network i created in Openstack with the segmentation id of my physical vlan network.

2 Node setup :- 1 compute node + 1 compute/controller/network node Separate NICs for Management(eth0) & Overlay/Instance Traffic(eth1, br-ex OVS bridge mapped)

Here are the steps i followed:-

a) Physical Switch Trunk mode configuration done on switch port to which NIC on Compute/Network node is connected for Instance/Overlay traffic. It allows vlan 14 to flow.

b) ifcfg-br-ex.14 created on both nodes to allow vlan 14 tagged traffic

c) ml2_conf.ini on Network/Controller node

type_drivers = vlan,gre
tenant_network_types = vlan,gre
mechanism_drivers =openvswitch
path_mtu = 0

[ml2_type_vlan]
network_vlan_ranges =vlan:14:14

[securitygroup]

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True

d) openvswitch_agent.ini on both nodes

[ovs]

integration_bridge = br-int
tunnel_bridge = br-tun
bridge_mappings =vlan:br-ex

[securitygroup]

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

e) Create network

neutron net-create vlan_X --shared --provider:network_type vlan --provider:segmentation_id 14 --provider:physical_network vlan ­­router:external

f) Create Subnet

neutron subnet-create --name subnet_X --gateway 172.29.X.1 --disable-dhcp --allocation-pool start=172.29.X.250,end=172.29.X.253 vlan_X 172.29.X.0/24 --dns-nameserver 172.29.X.2 --host_routes type=dict list=true destination=169.254.169.254/32,nexthop=172.29.X.1

Note:Some IP details hidden

h) After which i launch an instance on vlan_X, it is not reachable from my external vlan network.

Any step i am missing? Please suggest, it will really help me.

Please let know for more info.

edit retag flag offensive close merge delete

Comments

I believe you need to say neutron net-create....--provider:physical_network vlan, not vlan14. I.e. the provider NW name must correspond to your bridge mapping in the agent.ini. See http://docs.openstack.org/mitaka/netw....

Bernd Bausch gravatar imageBernd Bausch ( 2016-11-18 18:31:43 -0500 )edit

Hi Bernd, Greetings!! Really appreciate your response.

The Physical network name I decided is "vlan" and have checked the correct bridge mapping in

/etc/neutron/plugins/ml2/openvswitch_agent.ini bridge_mappings =vlan:br-ex

I have also updated the command as above, but still not successful

rishikapoor gravatar imagerishikapoor ( 2016-11-22 23:20:32 -0500 )edit

Guys!

Any step that i am missing over here, or any direction you would like to point me in.

Have already gone through http://docs.openstack.org/mitaka/networking-guide/scenario-provider-ovs.html (http://docs.openstack.org/mitaka/netw...) but didnt work out.

Please suggest, would really appreciate.

Thanks in advance.

rishikapoor gravatar imagerishikapoor ( 2016-11-22 23:22:03 -0500 )edit

The link I provided asks you to create the OVS bridge and doesn't talk about creating br-ex.14. Try to follow the instructions. Other things to check: Have you opened security group ports? Does the instance have an IP address? Does it have connectivity to anything?

Bernd Bausch gravatar imageBernd Bausch ( 2016-11-22 23:42:03 -0500 )edit

When you can't find a problem with the setup, trace packets. Do they arrive at the compute node's eth1? At the various interfaces between eth1 and the instance's tap interface? Use tcpdump -neli <interface name>.

Bernd Bausch gravatar imageBernd Bausch ( 2016-11-22 23:43:45 -0500 )edit