Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Openvswitch VLAN tagged external uplink

Hello,

We have a OpenStack environment with 4 compute nodes and 2 network nodes. All of them is running CentOS with OpenStack Juno.

We use GRE for tunnels with tenant networks (tenant_network_types=gre). What we want to do is have VLAN tagged uplinks for our external network (that goes up to our external production routers).

This is what I currently have, but I have some questions because it's not working correctly. The VLAN we want to use for external uplink is 2652. Bond1 is the CentOS bond of physical 10gbit interface p2p1 and p2p2.

/etc/neutron/plugin.ini

[ml2]
type_drivers = vlan,gre,flat
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = external:2652:2654
[ovs]
local_ip = 192.168.108.52
enable_tunneling = True
network_vlan_ranges = external:2652:2654
bridge_mappings = external:br-ex

br-ex

Bridge br-ex
        Port patch-to-br-uplink
            Interface patch-to-br-uplink
                type: patch
                options: {peer=patch-to-br-ex}
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal

br-uplink

Bridge br-uplink
        Port patch-to-br-ex
            Interface patch-to-br-ex
                type: patch
                options: {peer=patch-to-br-uplink}
        Port "bond1"
            trunks: [2652]
            Interface "bond1"
        Port br-uplink
            Interface br-uplink
                type: internal

Created with commands like this:

ovs-vsctl add-br br-ex
ovs-vsctl add-br br-uplink
ovs-vsctl add-port br-uplink bond1
ovs-vsctl set port bond1 vlan_mode=trunk trunk=2652
ovs-vsctl add-port br-ex patch-to-br-uplink
ovs-vsctl add-port br-uplink patch-to-br-ex
ovs-vsctrl set interface patch-to-br-uplink type=patch options:peer=patch-to-br-ex
ovs-vsctl set interface patch-to-br-ex type=patch options:peer=patch-to-br-uplink

Do I need to set the VLAN on the patch ports or will they be trunks automatically?

To create the network in OpenStack I did the following, edit ml2 config on controller node and run command

[ml2]
type_drivers = flat,vlan,gre
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = external:2652:2654

Creating the network

neutron net-create public --router:external True --provider:physical_network external --provider:network_type vlan --provider:segmentation_id 2652 --shared

net-show

[root@controller ~]# neutron net-show public
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 9fc39c41-57eb-48d6-9240-340f7771d746 |
| name                      | public                               |
| provider:network_type     | vlan                                 |
| provider:physical_network | external                             |
| provider:segmentation_id  | 2652                                 |
| router:external           | True                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | fe11ce91-4360-4be9-9648-ba8750481c83 |
| tenant_id                 | e7b79b45a67e4dc1908a459e98da6afb     |
+---------------------------+--------------------------------------+

What am I missing? Do I need to make the patch ports between br-uplink and br-ex to trunks with VLAN 2652? Why is the gateway for my router in br-ex not tagged with VLAN 2652, should it not be? (see below)

Bridge br-ex
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal

Thanks for any help. Best regards

Openvswitch VLAN tagged external uplink

Hello,

We have a OpenStack environment with 4 compute nodes and 2 network nodes. All of them is running CentOS with OpenStack Juno.

We use GRE for tunnels with tenant networks (tenant_network_types=gre). What we want to do is have VLAN tagged uplinks for our external network (that goes up to our external production routers).

This is what I currently have, but I have some questions because it's not working correctly. The VLAN we want to use for external uplink is 2652. Bond1 is the CentOS bond of physical 10gbit interface p2p1 and p2p2.

/etc/neutron/plugin.ini

[ml2]
type_drivers = vlan,gre,flat
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = external:2652:2654
[ovs]
local_ip = 192.168.108.52
enable_tunneling = True
network_vlan_ranges = external:2652:2654
bridge_mappings = external:br-ex

l3_agent.ini

[DEFAULT]
debug = False
verbose = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
router_delete_namespaces = True
agent_mode = legacy

br-ex

Bridge br-ex
        Port patch-to-br-uplink
            Interface patch-to-br-uplink
                type: patch
                options: {peer=patch-to-br-ex}
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal
        Port br-ex
            Interface br-ex
                type: internal

br-uplink

Bridge br-uplink
        Port patch-to-br-ex
            Interface patch-to-br-ex
                type: patch
                options: {peer=patch-to-br-uplink}
        Port "bond1"
            trunks: [2652]
            Interface "bond1"
        Port br-uplink
            Interface br-uplink
                type: internal

Created with commands like this:

ovs-vsctl add-br br-ex
ovs-vsctl add-br br-uplink
ovs-vsctl add-port br-uplink bond1
ovs-vsctl set port bond1 vlan_mode=trunk trunk=2652
ovs-vsctl add-port br-ex patch-to-br-uplink
ovs-vsctl add-port br-uplink patch-to-br-ex
ovs-vsctrl set interface patch-to-br-uplink type=patch options:peer=patch-to-br-ex
ovs-vsctl set interface patch-to-br-ex type=patch options:peer=patch-to-br-uplink

Do I need to set the VLAN on the patch ports or will they be trunks automatically?

To create the network in OpenStack I did the following, edit ml2 config on controller node and run command

[ml2]
type_drivers = flat,vlan,gre
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = external:2652:2654

Creating the network

neutron net-create public --router:external True --provider:physical_network external --provider:network_type vlan --provider:segmentation_id 2652 --shared

net-show

[root@controller ~]# neutron net-show public
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 9fc39c41-57eb-48d6-9240-340f7771d746 |
| name                      | public                               |
| provider:network_type     | vlan                                 |
| provider:physical_network | external                             |
| provider:segmentation_id  | 2652                                 |
| router:external           | True                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | fe11ce91-4360-4be9-9648-ba8750481c83 |
| tenant_id                 | e7b79b45a67e4dc1908a459e98da6afb     |
+---------------------------+--------------------------------------+

What am I missing? Do I need to make the patch ports between br-uplink and br-ex to trunks with VLAN 2652? Why is the gateway for my router in br-ex not tagged with VLAN 2652, should it not be? (see below)

Bridge br-ex
        Port "qg-e104cb7c-e2"
            Interface "qg-e104cb7c-e2"
                type: internal

Thanks for any help. Best regards