Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

How to surf internet via Neutron GRE tunnel (Fedora 20) ?

Setup described here in details it follows Kashyap links http://kashyapc.fedorapeople.org/virt/openstack/neutron-configs-GRE-OVS-two-node.txt and http://kashyapc.fedorapeople.org/virt/openstack/Two-node-Havana-setup.txt but done for real boxes ( not virtual machines and on non-libvirt subnet)

I have two instances on Physical Compute node F19 (text) and CentOS 6.5 (Gnome desktop) I can ping and traceroute any web site. Hoewever, both browsers - "links" on F19 and firefox on CentOS 6.5 open only fedoraproject.org and yandex.ru. I read several manuals in particular

Why Can't I Browse the Internet when Using a GRE Tunnel? . I don't have any Cisco router on LAN ( just usual Dlink)

When I attempted :

ifconfig br-ex mtu 1400    ( on Controller physical host)
ifconfig p37p1 mtu 1400    (on Compute physical host)

Firefox on CentOS 6.5 stopped working at all. I cannot touch outgoing Dlink Router and change MTU on it. I believe it has to be done on all devices of my LAN. It seems to me that neutron router-create should be taken care of GRE as well

 At the same time "yum -y update" & "yum -y install" works on both instances switching quickly between different mirrors  in case of slow response . It means RH mirrors are ready for GRE tunneling

How to surf internet via Neutron GRE tunnel (Fedora 20) ?

Setup described here in details it follows Kashyap links http://kashyapc.fedorapeople.org/virt/openstack/neutron-configs-GRE-OVS-two-node.txt and http://kashyapc.fedorapeople.org/virt/openstack/Two-node-Havana-setup.txt but done for real boxes ( not virtual machines and on non-libvirt subnet)subnet )

[root@dfw02 ~(keystone_admin)]$ neutron net-show 780ce2f3-2e6e-4881-bbac-857813f9a8e0
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 780ce2f3-2e6e-4881-bbac-857813f9a8e0 |
| name                      | ext                                  |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | f30e5a16-a055-4388-a6ea-91ee142efc3d |
| tenant_id                 | 04ebe929a2a34557af21b6a735986278     |
+---------------------------+--------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron net-show 1eea88bb-4952-4aa4-9148-18b61c22d5b7
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 1eea88bb-4952-4aa4-9148-18b61c22d5b7 |
| name                      | int                                  |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 2                                    |
| router:external           | False                                |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | fa930cea-3d51-4cbe-a305-579f12aa53c0 |
| tenant_id                 | d0a0acfdb62b4cc8a2bfa8d6a08bb62f     |
+---------------------------+--------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron router-list
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| id                                   | name    | external_gateway_info                                                       |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| bf360d81-79fb-4636-8241-0a843f228fc8 | router1 | {"network_id": "780ce2f3-2e6e-4881-bbac-857813f9a8e0", "enable_snat": true} |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron router-show  bf360d81-79fb-4636-8241-0a843f228fc8
+-----------------------+-----------------------------------------------------------------------------+
| Field                 | Value                                                                       |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up        | True                                                                        |
| external_gateway_info | {"network_id": "780ce2f3-2e6e-4881-bbac-857813f9a8e0", "enable_snat": true} |
| id                    | bf360d81-79fb-4636-8241-0a843f228fc8                                        |
| name                  | router1                                                                     |
| routes                |                                                                             |
| status                | ACTIVE                                                                      |
| tenant_id             | d0a0acfdb62b4cc8a2bfa8d6a08bb62f                                            |
+-----------------------+-----------------------------------------------------------------------------+

I have two instances on Physical Compute node F19 (text) and CentOS 6.5 (Gnome desktop) I can ping and traceroute any web site. Hoewever, both browsers - "links" on F19 and firefox on CentOS 6.5 open only fedoraproject.org and yandex.ru. I read several manuals in particular

Why Can't I Browse the Internet when Using a GRE Tunnel? . I don't have any Cisco router on LAN ( just usual Dlink)

When I attempted :

ifconfig br-ex mtu 1400    ( on Controller physical host)
ifconfig p37p1 mtu 1400    (on Compute physical host)

Firefox on CentOS 6.5 stopped working at all. I cannot touch outgoing Dlink Router and change MTU on it. I believe it has to be done on all devices of my LAN. It seems to me that neutron router-create should be taken care of GRE as well

 At the same time "yum -y update" & "yum -y install" works on both instances switching quickly between different mirrors  in case of slow response . It means RH mirrors are ready for GRE tunneling

How to surf internet via Neutron GRE tunnel (Fedora 20) ?

Setup described here in details it follows Kashyap links http://kashyapc.fedorapeople.org/virt/openstack/neutron-configs-GRE-OVS-two-node.txt and http://kashyapc.fedorapeople.org/virt/openstack/Two-node-Havana-setup.txt but done for real boxes ( not virtual machines and on non-libvirt subnet )

[root@dfw02 ~(keystone_admin)]$ neutron net-show 780ce2f3-2e6e-4881-bbac-857813f9a8e0
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 780ce2f3-2e6e-4881-bbac-857813f9a8e0 |
| name                      | ext                                  |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | f30e5a16-a055-4388-a6ea-91ee142efc3d |
| tenant_id                 | 04ebe929a2a34557af21b6a735986278     |
+---------------------------+--------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron net-show 1eea88bb-4952-4aa4-9148-18b61c22d5b7
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 1eea88bb-4952-4aa4-9148-18b61c22d5b7 |
| name                      | int                                  |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 2                                    |
| router:external           | False                                |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | fa930cea-3d51-4cbe-a305-579f12aa53c0 |
| tenant_id                 | d0a0acfdb62b4cc8a2bfa8d6a08bb62f     |
+---------------------------+--------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron router-list
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| id                                   | name    | external_gateway_info                                                       |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| bf360d81-79fb-4636-8241-0a843f228fc8 | router1 | {"network_id": "780ce2f3-2e6e-4881-bbac-857813f9a8e0", "enable_snat": true} |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
[root@dfw02 ~(keystone_admin)]$ neutron router-show  bf360d81-79fb-4636-8241-0a843f228fc8
+-----------------------+-----------------------------------------------------------------------------+
| Field                 | Value                                                                       |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up        | True                                                                        |
| external_gateway_info | {"network_id": "780ce2f3-2e6e-4881-bbac-857813f9a8e0", "enable_snat": true} |
| id                    | bf360d81-79fb-4636-8241-0a843f228fc8                                        |
| name                  | router1                                                                     |
| routes                |                                                                             |
| status                | ACTIVE                                                                      |
| tenant_id             | d0a0acfdb62b4cc8a2bfa8d6a08bb62f                                            |
+-----------------------+-----------------------------------------------------------------------------+

I have two instances on Physical Compute node F19 (text) and CentOS 6.5 (Gnome desktop) I can ping and traceroute any web site. Hoewever, both browsers - "links" on F19 and firefox on CentOS 6.5 open only fedoraproject.org and yandex.ru. I read several manuals in particular

Why Can't I Browse the Internet when Using a GRE Tunnel? . I don't have any Cisco router on LAN ( just usual Dlink)

When I attempted :

ifconfig br-ex mtu 1400    ( on Controller physical host)
ifconfig p37p1 mtu 1400    (on Compute physical host)

Firefox on CentOS 6.5 stopped working at all. I cannot touch outgoing Dlink Router and change MTU on it. I believe it has to be done on all devices of my LAN. It seems to me that neutron router-create should be taken care of GRE as well

 At the same time "yum -y update" & "yum -y install" works on both instances switching quickly between different mirrors  in case of slow response . It means RH mirrors are ready for GRE tunneling
tunneling 

As far as I understand `ip tcp adjust-mss 1400` would work only on Cisco router.