Revision history [back]

click to hide/show revision 1
initial version

second external network doesn't work with neutron dvr!

Hi,

I have an openstack installation on 7 servers: 2 controller/network nodes in HA, 3 compute nodes and 2 storage nodes. For block and ephemeral storage i use ceph as backend.

Neutron is set up in dvr mode on computes and dvr_snat on controllers. Provider network is vlan from 100 to 199.

Let's say i have 2 external networks with the following subnets 10.10.0.0/24 with vlan tag 100 and 10.10.1.0/24 with vlan tag 101.

i create the first external network from dashboard under physnet1 with vlantag 100, create the subnet without dhcp. I create a router and an internal network. Associate a port to the internal network and set gateway to the external network. Everything works as expected. The gateway port (10.10.0.2) is created on the controller that provisions snat to the vm's.

Next i boot 3 instances, one on every compute node. I associate a floating ip on the first instance, when i click add fip it gives me 10.10.0.3 and i associate it to the instance.

Another port is created as network:floatingip_agent_gateway (10.10.0.4) that i belive is the fip dvr creates for routing purposes. Add another fip gives me 10.10.0.5. Associate it to the vm running on compute2, 10.10.0.6 is created aswell as port network:floatingip_agent_gateway .

The same goes for compute3, 10.10.0.7 as intance fip and 10.10.0.8 as network:floatingip_agent_gateway . The next fips get released in order.

I create the second external network on physnet1 with vlan tag 101 and the subnet. I create another router, router2, and create a port on internal network2 and set gateway to external network2.

The gateway port gets created(10.10.1.2) and i can ping it. I create another 3 instances on every compute node. Add a fip and associate it with the first instance.

It get's associated but i dont get a network:floatingip_agent_gateway port. I can't ping it.

The error i get at l3_agent.log on the compute node is :

2015-04-02 13:54:30.913 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:45.981 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:47.026 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:56:39.011 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'fip-3cdb714e-0964-4e0b-bf4f-18822222d2b4', 'ip', '-4', 'addr', 'add', '5.154.188.67/32'$
Exit code: 1
Stdout: ''
Stderr: 'Cannot find device "fg-3e24fc88-b3"\n'

If i restart the l3_agent on the compute node, it picks up network:floatingip_agent_gateway port as it should, but device owner is the same as the port on the first external network.

Shouldn't it create another router, so the network:floatingip_agent_gateway port has another device owner?

Also, why does the network:floatingip_agent_gateway port get created only after i restart the l3_agent and why does it have the same device owner as the one in the first external network?

Here are my config files:

Controller:

neutron.conf

[DEFAULT]
verbose = True
router_distributed = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router,vpnaas,metering,firewall
auth_strategy = keystone
dvr_base_mac = fa:16:3f:00:00:00
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://haproxy:8774/v2
nova_region_name = regionOne
nova_admin_username = nova
nova_admin_tenant_id = 06461ba3794c4c25a5cdab12f7447785
nova_admin_password = nova32070624
nova_admin_auth_url = http://haproxy:35357/v2.0
rabbit_hosts=controller1:5672,controller2:5672
rabbit_password=rabbit32070624
rabbit_retry_interval=1
rabbit_retry_backoff=2
rabbit_max_retries=0
rabbit_ha_queues=true
rpc_backend=rabbit
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://haproxy:5000/v2.0
identity_uri = http://haproxy:35357
admin_tenant_name = service
admin_user = neutron
admin_password = neutron32070624
[database]
connection = mysql://neutron:8792cec676bc41513baa@mysqlvip/neutron
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default

l3_agent.ini

[DEFAULT]
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
external_network_bridge =
router_delete_namespaces = True
agent_mode = dvr_snat

ml2_conf.ini

[ml2]
type_drivers = flat,vxlan,gre,vlan
tenant_network_types = vxlan,gre
mechanism_drivers = openvswitch,l2population
[ml2_type_flat]
flat_networks = *
[ml2_type_vlan]
network_vlan_ranges = physnet1:100:199
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1001:5000
vxlan_group = 239.1.1.1
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.10.1.11
tunnel_type = vxlan
enable_tunneling = True
network_vlan_ranges = physnet1:100:199
bridge_mappings = physnet1:br-vlan
[agent]
tunnel_types = vxlan
l2_population = True
enable_distributed_routing = True
arp_responder = True

Compute:

neutron.conf

[DEFAULT]
verbose = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router,vpnaas,metering,firewall
auth_strategy = keystone
allow_overlapping_ips = True
rabbit_hosts=controller1:5672,controller2:5672
rabbit_password=rabbit32070624
rabbit_retry_interval=1
rabbit_retry_backoff=2
rabbit_max_retries=0
rabbit_ha_queues=true
rpc_backend=rabbit
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://haproxy:5000/v2.0
identity_uri = http://haproxy:35357
admin_tenant_name = service
admin_user = neutron
admin_password = neutron32070624
[database]
connection = sqlite:////var/lib/neutron/neutron.sqlite
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDri                                                                                                             ver
enabled = True
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.hapr                                                                                                             oxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVP                                                                                                             NDriver:default
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHy                                                                                                             bridIptablesFirewallDriver:default

l3_agent.ini

[DEFAULT]
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
external_network_bridge =
router_delete_namespaces = True
agent_mode = dvr

ml2_conf.ini

[ml2]
type_drivers = flat,vxlan,gre,vlan
tenant_network_types = vxlan,gre
mechanism_drivers = openvswitch,l2population
[ml2_type_flat]
flat_networks = *
[ml2_type_vlan]
network_vlan_ranges = physnet1:100:199
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1001:5000
vxlan_group = 239.1.1.1
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.10.1.31
tunnel_type = vxlan
enable_tunneling = True
network_vlan_ranges = physnet1:100:199
bridge_mappings = physnet1:br-vlan
[agent]
tunnel_types = vxlan
l2_population = True
enable_distributed_routing = True

second external network doesn't work with neutron dvr!

Hi,

I have an openstack installation on 7 servers: 2 controller/network nodes in HA, 3 compute nodes and 2 storage nodes. For block and ephemeral storage i use ceph as backend.

Neutron is set up in dvr mode on computes and dvr_snat on controllers. Provider network is vlan from 100 to 199.

Let's say i have 2 external networks with the following subnets 10.10.0.0/24 with vlan tag 100 and 10.10.1.0/24 with vlan tag 101.

i create the first external network from dashboard under physnet1 with vlantag 100, create the subnet without dhcp. I create a router and an internal network. Associate a port to the internal network and set gateway to the external network. Everything works as expected. The gateway port (10.10.0.2) is created on the controller that provisions snat to the vm's.

Next i boot 3 instances, one on every compute node. I associate a floating ip on the first instance, when i click add fip it gives me 10.10.0.3 and i associate it to the instance.

Another port is created as network:floatingip_agent_gateway (10.10.0.4) that i belive is the fip dvr creates for routing purposes. Add another fip gives me 10.10.0.5. Associate it to the vm running on compute2, 10.10.0.6 is created aswell as port network:floatingip_agent_gateway .

The same goes for compute3, 10.10.0.7 as intance fip and 10.10.0.8 as network:floatingip_agent_gateway . The next fips get released in order.

I create the second external network on physnet1 with vlan tag 101 and the subnet. I create another router, router2, and create a port on internal network2 and set gateway to external network2.

The gateway port gets created(10.10.1.2) and i can ping it. I create another 3 instances on every compute node. Add a fip and associate it with the first instance.

It get's associated but i dont get a network:floatingip_agent_gateway port. I can't ping it.

The error i get at l3_agent.log on the compute node is :

2015-04-02 13:54:30.913 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:45.981 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:47.026 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:56:39.011 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'fip-3cdb714e-0964-4e0b-bf4f-18822222d2b4', 'ip', '-4', 'addr', 'add', '5.154.188.67/32'$
Exit code: 1
Stdout: ''
Stderr: 'Cannot find device "fg-3e24fc88-b3"\n'

If i restart the l3_agent on the compute node, it picks up network:floatingip_agent_gateway port as it should, but device owner should.

My thought is the same as the port on the first external network.

Shouldn't it create another router, so the network:floatingip_agent_gateway port has another device owner?

Also, why does the network:floatingip_agent_gateway port that l3-agent doesn't get created only after i restart the l3_agent and why does it have the same device owner as the one in the first external network? updated!

Here are my config files:

Controller:

neutron.conf

[DEFAULT]
verbose = True
router_distributed = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router,vpnaas,metering,firewall
auth_strategy = keystone
dvr_base_mac = fa:16:3f:00:00:00
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://haproxy:8774/v2
nova_region_name = regionOne
nova_admin_username = nova
nova_admin_tenant_id = 06461ba3794c4c25a5cdab12f7447785
nova_admin_password = nova32070624
nova_admin_auth_url = http://haproxy:35357/v2.0
rabbit_hosts=controller1:5672,controller2:5672
rabbit_password=rabbit32070624
rabbit_retry_interval=1
rabbit_retry_backoff=2
rabbit_max_retries=0
rabbit_ha_queues=true
rpc_backend=rabbit
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://haproxy:5000/v2.0
identity_uri = http://haproxy:35357
admin_tenant_name = service
admin_user = neutron
admin_password = neutron32070624
[database]
connection = mysql://neutron:8792cec676bc41513baa@mysqlvip/neutron
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default

l3_agent.ini

[DEFAULT]
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
external_network_bridge =
router_delete_namespaces = True
agent_mode = dvr_snat

ml2_conf.ini

[ml2]
type_drivers = flat,vxlan,gre,vlan
tenant_network_types = vxlan,gre
mechanism_drivers = openvswitch,l2population
[ml2_type_flat]
flat_networks = *
[ml2_type_vlan]
network_vlan_ranges = physnet1:100:199
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1001:5000
vxlan_group = 239.1.1.1
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.10.1.11
tunnel_type = vxlan
enable_tunneling = True
network_vlan_ranges = physnet1:100:199
bridge_mappings = physnet1:br-vlan
[agent]
tunnel_types = vxlan
l2_population = True
enable_distributed_routing = True
arp_responder = True

Compute:

neutron.conf

[DEFAULT]
verbose = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router,vpnaas,metering,firewall
auth_strategy = keystone
allow_overlapping_ips = True
rabbit_hosts=controller1:5672,controller2:5672
rabbit_password=rabbit32070624
rabbit_retry_interval=1
rabbit_retry_backoff=2
rabbit_max_retries=0
rabbit_ha_queues=true
rpc_backend=rabbit
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://haproxy:5000/v2.0
identity_uri = http://haproxy:35357
admin_tenant_name = service
admin_user = neutron
admin_password = neutron32070624
[database]
connection = sqlite:////var/lib/neutron/neutron.sqlite
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDri                                                                                                             ver
enabled = True
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.hapr                                                                                                             oxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVP                                                                                                             NDriver:default
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHy                                                                                                             bridIptablesFirewallDriver:default

l3_agent.ini

[DEFAULT]
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
external_network_bridge =
router_delete_namespaces = True
agent_mode = dvr

ml2_conf.ini

[ml2]
type_drivers = flat,vxlan,gre,vlan
tenant_network_types = vxlan,gre
mechanism_drivers = openvswitch,l2population
[ml2_type_flat]
flat_networks = *
[ml2_type_vlan]
network_vlan_ranges = physnet1:100:199
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1001:5000
vxlan_group = 239.1.1.1
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.10.1.31
tunnel_type = vxlan
enable_tunneling = True
network_vlan_ranges = physnet1:100:199
bridge_mappings = physnet1:br-vlan
[agent]
tunnel_types = vxlan
l2_population = True
enable_distributed_routing = True

second external network doesn't work with neutron dvr!

Hi,

I have an openstack installation on 7 servers: 2 controller/network nodes in HA, 3 compute nodes and 2 storage nodes. For block and ephemeral storage i use ceph as backend.

Neutron is set up in dvr mode on computes and dvr_snat on controllers. Provider network is vlan from 100 to 199.

Let's say i have 2 external networks with the following subnets 10.10.0.0/24 with vlan tag 100 and 10.10.1.0/24 with vlan tag 101.

i create the first external network from dashboard under physnet1 with vlantag 100, create the subnet without dhcp. I create a router and an internal network. Associate a port to the internal network and set gateway to the external network. Everything works as expected. The gateway port (10.10.0.2) is created on the controller that provisions snat to the vm's.

Next i boot 3 instances, one on every compute node. I associate a floating ip on the first instance, when i click add fip it gives me 10.10.0.3 and i associate it to the instance.

Another port is created as network:floatingip_agent_gateway (10.10.0.4) that i belive is the fip dvr creates for routing purposes. Add another fip gives me 10.10.0.5. Associate it to the vm running on compute2, 10.10.0.6 is created aswell as port network:floatingip_agent_gateway .

The same goes for compute3, 10.10.0.7 as intance fip and 10.10.0.8 as network:floatingip_agent_gateway . The next fips get released in order.

I create the second external network on physnet1 with vlan tag 101 and the subnet. I create another router, router2, and create a port on internal network2 and set gateway to external network2.

The gateway port gets created(10.10.1.2) and i can ping it. I create another 3 instances on every compute node. Add a fip and associate it with the first instance.

It get's associated but i dont get a network:floatingip_agent_gateway port. I can't ping it.

The error i get at l3_agent.log on the compute node is :

2015-04-02 13:54:30.913 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:45.981 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:47.026 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:56:39.011 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'fip-3cdb714e-0964-4e0b-bf4f-18822222d2b4', 'ip', '-4', 'addr', 'add', '5.154.188.67/32'$
Exit code: 1
Stdout: ''
Stderr: 'Cannot find device "fg-3e24fc88-b3"\n'

If i restart the l3_agent on the compute node, it picks up network:floatingip_agent_gateway port as it should.

My thought is that l3-agent doesn't get updated!

Here are my config files:

Controller:

neutron.conf

[DEFAULT]
verbose = True
router_distributed = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router,vpnaas,metering,firewall
auth_strategy = keystone
dvr_base_mac = fa:16:3f:00:00:00
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://haproxy:8774/v2
nova_region_name = regionOne
nova_admin_username = nova
nova_admin_tenant_id = 06461ba3794c4c25a5cdab12f7447785
nova_admin_password = nova32070624
nova_admin_auth_url = http://haproxy:35357/v2.0
rabbit_hosts=controller1:5672,controller2:5672
rabbit_password=rabbit32070624
rabbit_retry_interval=1
rabbit_retry_backoff=2
rabbit_max_retries=0
rabbit_ha_queues=true
rpc_backend=rabbit
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://haproxy:5000/v2.0
identity_uri = http://haproxy:35357
admin_tenant_name = service
admin_user = neutron
admin_password = neutron32070624
[database]
connection = mysql://neutron:8792cec676bc41513baa@mysqlvip/neutron
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default

l3_agent.ini

[DEFAULT]
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
external_network_bridge =
router_delete_namespaces = True
agent_mode = dvr_snat

ml2_conf.ini

[ml2]
type_drivers = flat,vxlan,gre,vlan
tenant_network_types = vxlan,gre
mechanism_drivers = openvswitch,l2population
[ml2_type_flat]
flat_networks = *
[ml2_type_vlan]
network_vlan_ranges = physnet1:100:199
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1001:5000
vxlan_group = 239.1.1.1
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.10.1.11
tunnel_type = vxlan
enable_tunneling = True
network_vlan_ranges = physnet1:100:199
bridge_mappings = physnet1:br-vlan
[agent]
tunnel_types = vxlan
l2_population = True
enable_distributed_routing = True
arp_responder = True

Compute:

neutron.conf

[DEFAULT]
verbose = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router,vpnaas,metering,firewall
auth_strategy = keystone
allow_overlapping_ips = True
rabbit_hosts=controller1:5672,controller2:5672
rabbit_password=rabbit32070624
rabbit_retry_interval=1
rabbit_retry_backoff=2
rabbit_max_retries=0
rabbit_ha_queues=true
rpc_backend=rabbit
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://haproxy:5000/v2.0
identity_uri = http://haproxy:35357
admin_tenant_name = service
admin_user = neutron
admin_password = neutron32070624
[database]
connection = sqlite:////var/lib/neutron/neutron.sqlite
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDri                                                                                                             ver
enabled = True
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.hapr                                                                                                             oxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVP                                                                                                             NDriver:default
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHy                                                                                                             bridIptablesFirewallDriver:default

l3_agent.ini

[DEFAULT]
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
external_network_bridge =
router_delete_namespaces = True
agent_mode = dvr

ml2_conf.ini

[ml2]
type_drivers = flat,vxlan,gre,vlan
tenant_network_types = vxlan,gre
mechanism_drivers = openvswitch,l2population
[ml2_type_flat]
flat_networks = *
[ml2_type_vlan]
network_vlan_ranges = physnet1:100:199
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1001:5000
vxlan_group = 239.1.1.1
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.10.1.31
tunnel_type = vxlan
enable_tunneling = True
network_vlan_ranges = physnet1:100:199
bridge_mappings = physnet1:br-vlan
[agent]
tunnel_types = vxlan
l2_population = True
enable_distributed_routing = True

UPDATE:

I installed kilo and now it all works as it should! Closing the thread!