Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn 1 controller+1netwrok +2 compute by following ubuntu kilo install guide.

everythis is ok ,then created a the external network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

1: /etc/neutron/neutron.conf [DEFAULT] verbose = True rpc_backend = rabbit auth_strategy = keystone core_plugin = ml2 service_plugins = router,lbaas allow_overlapping_ips = True core_plugin = ml2 [matchmaker_redis] [matchmaker_ring] [quotas] [agent] root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = admin [database] [nova] [oslo_concurrency] lock_path = $state_path/lock [oslo_policy] [oslo_messaging_amqp] [oslo_messaging_qpid] [oslo_messaging_rabbit] rabbit_host = controller rabbit_userid = openstack rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini [ml2] type_drivers = flat,vlan,gre,vxlan tenant_network_types = gre mechanism_drivers = openvswitch [ml2_type_flat] flat_networks = external [ml2_type_vlan] [ml2_type_gre] tunnel_id_ranges = 1:1000 [ml2_type_vxlan] [securitygroup] enable_security_group = True enable_ipset = True firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ovs] local_ip = 10.0.1.21 bridge_mappings = external:br-ex [agent] tunnel_types = gre

3: ovs-vsctl show 6786d85c-0346-48b1-9f38-2d1e0869a189 Bridge br-tun fail_mode: secure Port "gre-0a000129" Interface "gre-0a000129" type: gre options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"} Port "gre-0a00011f" Interface "gre-0a00011f" type: gre options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"} Port br-tun Interface br-tun type: internal Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Bridge br-ex Port "eth0" Interface "eth0" Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Port br-ex Interface br-ex type: internal Bridge br-int fail_mode: secure Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Port "qg-c8d02166-aa" tag: 2 Interface "qg-c8d02166-aa" type: internal Port "tap9cf77d45-ea" tag: 1 Interface "tap9cf77d45-ea" type: internal Port br-int Interface br-int type: internal Port int-br-ex Interface int-br-ex type: patch options: {peer=phy-br-ex} Port "qr-d899e95e-14" tag: 1 Interface "qr-d899e95e-14" type: internal ovs_version: "2.3.1"

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn 1 controller+1netwrok +2 compute by following ubuntu kilo install guide.

everythis is ok ,then created a the external network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

1: /etc/neutron/neutron.conf /etc/neutron/neutron.conf

  [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini [ml2] type_drivers = flat,vlan,gre,vxlan tenant_network_types = gre mechanism_drivers = openvswitch [ml2_type_flat] flat_networks = external [ml2_type_vlan] [ml2_type_gre] tunnel_id_ranges = 1:1000 [ml2_type_vxlan] [securitygroup] enable_security_group = True enable_ipset = True firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ovs] local_ip = 10.0.1.21 bridge_mappings = external:br-ex [agent] tunnel_types = gre

3: ovs-vsctl show 6786d85c-0346-48b1-9f38-2d1e0869a189 Bridge br-tun fail_mode: secure Port "gre-0a000129" Interface "gre-0a000129" type: gre options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"} Port "gre-0a00011f" Interface "gre-0a00011f" type: gre options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"} Port br-tun Interface br-tun type: internal Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Bridge br-ex Port "eth0" Interface "eth0" Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Port br-ex Interface br-ex type: internal Bridge br-int fail_mode: secure Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Port "qg-c8d02166-aa" tag: 2 Interface "qg-c8d02166-aa" type: internal Port "tap9cf77d45-ea" tag: 1 Interface "tap9cf77d45-ea" type: internal Port br-int Interface br-int type: internal Port int-br-ex Interface int-br-ex type: patch options: {peer=phy-br-ex} Port "qr-d899e95e-14" tag: 1 Interface "qr-d899e95e-14" type: internal ovs_version: "2.3.1"

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn 1 controller+1netwrok +2 compute by following ubuntu kilo install guide.

everythis is ok ,then created a the external network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn 1 controller+1netwrok +2 compute by following ubuntu kilo install guide.

everythis is ok ,then created a the external network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn with 1 controller+1netwrok controller+1network +2 compute by following ubuntu kilo install guide.

everythis all is ok ,then created a unless go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok unless before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

the router gatway is 16.157.128.85


root@network:~# ifconfig
br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

 

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

the router gatway is 16.157.128.85


root@network:~# ifconfig
br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

 

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.

the router gatway is 16.157.128.85

root@network:~# ifconfig

 root@network:~# ifconfig
br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on neutron network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from network.neutron network node.

the router gatway is 16.157.128.85

root@network:~# ifconfig


br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on neutron network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from neutron network node.

the router gatway gateway ip is 16.157.128.85

root@network:~# ifconfig


br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

neutron router gateway can't be ping through except on neutron network node

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway. the tenant router gateway IP can only be ping through from neutron network node.

the router gateway ip is 16.157.128.85

root@network:~# ifconfig


br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

5: root@network:~# ip netns exec qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9 ip a

1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 13: qr-d899e95e-14: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:2b:0d:1a brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global qr-d899e95e-14 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe2b:d1a/64 scope link valid_lft forever preferred_lft forever 14: qg-c8d02166-aa: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:89:12:71 brd ff:ff:ff:ff:ff:ff inet 16.157.128.85/16 brd 16.157.255.255 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet 16.157.128.86/32 brd 16.157.128.86 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe89:1271/64 scope link valid_lft forever preferred_lft forever

neutron router gateway can't be ping through except on neutron network nodenode or nova instance

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway.

the tenant router gateway IP can only be ping through from neutron network node.node and nova VM instance

the router gateway ip is 16.157.128.85

16.157.128.85 root@network:~# ifconfig


br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

5: root@network:~# ip netns exec qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9 ip a

1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 13: qr-d899e95e-14: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:2b:0d:1a brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global qr-d899e95e-14 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe2b:d1a/64 scope link valid_lft forever preferred_lft forever 14: qg-c8d02166-aa: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:89:12:71 brd ff:ff:ff:ff:ff:ff inet 16.157.128.85/16 brd 16.157.255.255 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet 16.157.128.86/32 brd 16.157.128.86 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe89:1271/64 scope link valid_lft forever preferred_lft forever

neutron router gateway can't be ping through except on neutron network node or nova instance

i installed openstack kilo on unbutn with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway.

the tenant router gateway IP can only be ping through from neutron network node and nova VM instance

the router gateway ip is 16.157.128.85 root@network:~# ifconfig


br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

5: root@network:~# ip netns exec qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9 ip a

1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 13: qr-d899e95e-14: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:2b:0d:1a brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global qr-d899e95e-14 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe2b:d1a/64 scope link valid_lft forever preferred_lft forever 14: qg-c8d02166-aa: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:89:12:71 brd ff:ff:ff:ff:ff:ff inet 16.157.128.85/16 brd 16.157.255.255 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet 16.157.128.86/32 brd 16.157.128.86 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe89:1271/64 scope link valid_lft forever preferred_lft forever

controller:~$ neutron agent-list


+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+
| id                                   | agent_type         | host     | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+
| 0d53a161-cd9d-41dc-87a5-0ba5c039d89b | Open vSwitch agent | compute1 | :-)   | True           | neutron-openvswitch-agent |
| 3f994be2-f15a-48e1-a2e9-ce27febcae58 | Open vSwitch agent | network  | :-)   | True           | neutron-openvswitch-agent |
| 838d0cf0-7c71-4681-9c7c-a3e392d573db | Metadata agent     | network  | :-)   | True           | neutron-metadata-agent    |
| dcfc147d-c3f2-4502-8777-b21df358750a | L3 agent           | network  | :-)   | True           | neutron-l3-agent          |
| e31f9bc0-28a5-47b0-8ecf-4a13ba11d58a | Open vSwitch agent | compute2 | :-)   | True           | neutron-openvswitch-agent |
| fa183ae0-b237-47c2-9b20-f79b9105ff6a | DHCP agent         | network  | :-)   | True           | neutron-dhcp-agent        |
+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+

neutron router gateway can't be ping through except on neutron network node or nova instance

i installed openstack kilo on unbutn guest VM with 1 controller+1network +2 compute by following ubuntu kilo install guide.

all is ok before go to create the external flat network ,its subnet and a router ,Attached the router to the external network by setting it as the gateway.

the tenant router gateway IP can only be ping through from neutron network node and nova VM instance

the router gateway ip is 16.157.128.85 root@network:~# ifconfig


br-ex     Link encap:Ethernet  HWaddr 00:50:56:88:6a:8f
          inet addr:16.157.134.188  Bcast:16.157.135.255  Mask:255.255.248.0
          inet6 addr: fe80::e890:2eff:fe95:c5c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:356635 errors:0 dropped:2906 overruns:0 frame:0
          TX packets:2611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34246121 (34.2 MB)  TX bytes:384580 (384.5 KB)

eth0 Link encap:Ethernet HWaddr 00:50:56:88:6a:8f inet6 addr: fe80::250:56ff:fe88:6a8f/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:356615 errors:0 dropped:4 overruns:0 frame:0 TX packets:2898 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34244821 (34.2 MB) TX bytes:394146 (394.1 KB)

eth1 Link encap:Ethernet HWaddr 00:50:56:88:2c:1e inet addr:10.0.0.21 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:2c1e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:373992 errors:0 dropped:2909 overruns:0 frame:0 TX packets:28631 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:35539613 (35.5 MB) TX bytes:4942004 (4.9 MB)

eth2 Link encap:Ethernet HWaddr 00:50:56:88:1b:70 inet addr:10.0.1.21 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fe88:1b70/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:354716 errors:0 dropped:2908 overruns:0 frame:0 TX packets:253 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34085050 (34.0 MB) TX bytes:26583 (26.5 KB)

1: /etc/neutron/neutron.conf

 
 [DEFAULT]
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,lbaas
allow_overlapping_ips = True
core_plugin = ml2
[matchmaker_redis]
[matchmaker_ring]
[quotas]
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = admin
[database]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_policy]
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = admin

2: /etc/neutron/plugins/ml2/ml2_conf.ini

 
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 10.0.1.21
bridge_mappings = external:br-ex
[agent]
tunnel_types = gre

3:$ovs-vsctl show

 
6786d85c-0346-48b1-9f38-2d1e0869a189
    Bridge br-tun
        fail_mode: secure
        Port "gre-0a000129"
            Interface "gre-0a000129"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.41"}
        Port "gre-0a00011f"
            Interface "gre-0a00011f"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-ex
        Port "eth0"
            Interface "eth0"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-c8d02166-aa"
            tag: 2
            Interface "qg-c8d02166-aa"
                type: internal
        Port "tap9cf77d45-ea"
            tag: 1
            Interface "tap9cf77d45-ea"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-d899e95e-14"
            tag: 1
            Interface "qr-d899e95e-14"
                type: internal
    ovs_version: "2.3.1"

4: ip netns


qdhcp-a00e6369-bdaa-4850-8051-0e2ffec4a109
qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9

5: root@network:~# ip netns exec qrouter-a49bbd0e-970e-4b9f-bccb-bef6337c87d9 ip a

1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 13: qr-d899e95e-14: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:2b:0d:1a brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global qr-d899e95e-14 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe2b:d1a/64 scope link valid_lft forever preferred_lft forever 14: qg-c8d02166-aa: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:89:12:71 brd ff:ff:ff:ff:ff:ff inet 16.157.128.85/16 brd 16.157.255.255 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet 16.157.128.86/32 brd 16.157.128.86 scope global qg-c8d02166-aa valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe89:1271/64 scope link valid_lft forever preferred_lft forever

controller:~$ neutron agent-list


+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+
| id                                   | agent_type         | host     | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+
| 0d53a161-cd9d-41dc-87a5-0ba5c039d89b | Open vSwitch agent | compute1 | :-)   | True           | neutron-openvswitch-agent |
| 3f994be2-f15a-48e1-a2e9-ce27febcae58 | Open vSwitch agent | network  | :-)   | True           | neutron-openvswitch-agent |
| 838d0cf0-7c71-4681-9c7c-a3e392d573db | Metadata agent     | network  | :-)   | True           | neutron-metadata-agent    |
| dcfc147d-c3f2-4502-8777-b21df358750a | L3 agent           | network  | :-)   | True           | neutron-l3-agent          |
| e31f9bc0-28a5-47b0-8ecf-4a13ba11d58a | Open vSwitch agent | compute2 | :-)   | True           | neutron-openvswitch-agent |
| fa183ae0-b237-47c2-9b20-f79b9105ff6a | DHCP agent         | network  | :-)   | True           | neutron-dhcp-agent        |
+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+