Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

No external traffic even on the network interface

Hi!

I have new install on RHEL 7.2 Openstack Liberty, and have problem whith external network - no external traffic, and no errors in the logs. For networl I'm use LinuxBridge.

I have on ip address submitted to the external network interface:

# ip netns exec qrouter-c179afdb-32d0-4c95-b786-538550cd8843 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ha-eb5e1ee4-fb@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:2a:8b:34 brd ff:ff:ff:ff:ff:ff
    inet 169.254.192.7/18 brd 169.254.255.255 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet 169.254.0.1/24 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe2a:8b34/64 scope link 
       valid_lft forever preferred_lft forever
3: qg-f98f1904-a9@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:1d:7a:15 brd ff:ff:ff:ff:ff:ff
    inet 172.28.5.11/24 scope global qg-f98f1904-a9
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe1d:7a15/64 scope link nodad 
       valid_lft forever preferred_lft forever

This address on router:

# neutron  router-list
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| id                                   | name | external_gateway_info                                                                                                                                                                   | distributed | ha   |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| c179afdb-32d0-4c95-b786-538550cd8843 | 3    | {"network_id": "a07aabc7-e477-46e9-b885-ef647a70e962", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "40ce7b7a-50fe-4bfd-88f4-419fc45c9398", "ip_address": "172.28.5.11"}]} | False       | True |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+

And on the network node no traffic:

# tcpdump -i any -n -v \ 'icmp[icmptype] = icmp-echoreply or icmp[icmptype] =icmp-echo'
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes

This means that the external network does not know that the IP address is on the external network interface Network Node and accordingly does not come.

Please help me understand what the problem is, I have completely run out of ideas.

No external traffic even on the network interface

Hi!

I have new install on RHEL 7.2 Openstack Liberty, and have problem whith external network - no external traffic, and no errors in the logs. For networl I'm use LinuxBridge.

I have on ip address submitted to the external network interface:

# ip netns exec qrouter-c179afdb-32d0-4c95-b786-538550cd8843 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ha-eb5e1ee4-fb@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:2a:8b:34 brd ff:ff:ff:ff:ff:ff
    inet 169.254.192.7/18 brd 169.254.255.255 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet 169.254.0.1/24 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe2a:8b34/64 scope link 
       valid_lft forever preferred_lft forever
3: qg-f98f1904-a9@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:1d:7a:15 brd ff:ff:ff:ff:ff:ff
    inet 172.28.5.11/24 scope global qg-f98f1904-a9
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe1d:7a15/64 scope link nodad 
       valid_lft forever preferred_lft forever

This address on router:

# neutron  router-list
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| id                                   | name | external_gateway_info                                                                                                                                                                   | distributed | ha   |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| c179afdb-32d0-4c95-b786-538550cd8843 | 3    | {"network_id": "a07aabc7-e477-46e9-b885-ef647a70e962", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "40ce7b7a-50fe-4bfd-88f4-419fc45c9398", "ip_address": "172.28.5.11"}]} | False       | True |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+

And on the network node no traffic:

# tcpdump -i any -n -v \ 'icmp[icmptype] = icmp-echoreply or icmp[icmptype] =icmp-echo'
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes

This means that the external network does not know that the IP address is on the external network interface Network Node and accordingly does not come.

Please help me understand what the problem is, I have completely run out of ideas.

No external traffic even on the external network interface

Hi!

I have new install on RHEL 7.2 Openstack Liberty, and have problem whith external network - no external traffic, and no errors in the logs. For networl network I'm use LinuxBridge.LinuxBridge. Inside, all working well.

I have on ip address submitted to the external network interface:

# ip netns exec qrouter-c179afdb-32d0-4c95-b786-538550cd8843 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ha-eb5e1ee4-fb@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:2a:8b:34 brd ff:ff:ff:ff:ff:ff
    inet 169.254.192.7/18 brd 169.254.255.255 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet 169.254.0.1/24 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe2a:8b34/64 scope link 
       valid_lft forever preferred_lft forever
3: qg-f98f1904-a9@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:1d:7a:15 brd ff:ff:ff:ff:ff:ff
    inet 172.28.5.11/24 scope global qg-f98f1904-a9
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe1d:7a15/64 scope link nodad 
       valid_lft forever preferred_lft forever

This address on router:

# neutron  router-list
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| id                                   | name | external_gateway_info                                                                                                                                                                   | distributed | ha   |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| c179afdb-32d0-4c95-b786-538550cd8843 | 3    | {"network_id": "a07aabc7-e477-46e9-b885-ef647a70e962", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "40ce7b7a-50fe-4bfd-88f4-419fc45c9398", "ip_address": "172.28.5.11"}]} | False       | True |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+

And on the network node no traffic:

# tcpdump -i any -n -v \ 'icmp[icmptype] = icmp-echoreply or icmp[icmptype] =icmp-echo'
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes

Configs:

# egrep -v ^#\|^$ /etc/neutron/plugins/ml2/ml2_conf.ini
[linux_bridge]
physical_interface_mappings = vlan:ens224,external:ens256
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = public
[ml2_type_vlan]
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1:1000
[ml2_type_geneve]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# egrep -v ^#\|^$ /etc/neutron/plugins/ml2/linuxbridge_agent.ini 
[linux_bridge]
physical_interface_mappings = public:ens224
[vxlan]
enable_vxlan = True
local_ip = 10.0.20.1
l2_population = True
[agent]
prevent_arp_spoofing = True
[securitygroup]

This means that the external network does not know that the IP address is on the external network interface Network Node and accordingly does not come.

Please help me understand what the problem is, I have completely run out of ideas.

No external traffic even on the external network interface

Hi!

I have new install on RHEL 7.2 Openstack Liberty, and have problem whith with external network - no external traffic, and no errors in the logs. For network I'm use LinuxBridge. Inside, all working well.

I have on one ip address submitted to the external network interface:

# ip netns exec qrouter-c179afdb-32d0-4c95-b786-538550cd8843 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ha-eb5e1ee4-fb@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:2a:8b:34 brd ff:ff:ff:ff:ff:ff
    inet 169.254.192.7/18 brd 169.254.255.255 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet 169.254.0.1/24 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe2a:8b34/64 scope link 
       valid_lft forever preferred_lft forever
3: qg-f98f1904-a9@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:1d:7a:15 brd ff:ff:ff:ff:ff:ff
    inet 172.28.5.11/24 scope global qg-f98f1904-a9
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe1d:7a15/64 scope link nodad 
       valid_lft forever preferred_lft forever

This address on router:

# neutron  router-list
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| id                                   | name | external_gateway_info                                                                                                                                                                   | distributed | ha   |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| c179afdb-32d0-4c95-b786-538550cd8843 | 3    | {"network_id": "a07aabc7-e477-46e9-b885-ef647a70e962", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "40ce7b7a-50fe-4bfd-88f4-419fc45c9398", "ip_address": "172.28.5.11"}]} | False       | True |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+

And on the network node no traffic:

# tcpdump -i any -n -v \ 'icmp[icmptype] = icmp-echoreply or icmp[icmptype] =icmp-echo'
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes

Configs:

# egrep -v ^#\|^$ /etc/neutron/plugins/ml2/ml2_conf.ini
[linux_bridge]
physical_interface_mappings = vlan:ens224,external:ens256
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = public
[ml2_type_vlan]
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1:1000
[ml2_type_geneve]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# egrep -v ^#\|^$ /etc/neutron/plugins/ml2/linuxbridge_agent.ini 
[linux_bridge]
physical_interface_mappings = public:ens224
[vxlan]
enable_vxlan = True
local_ip = 10.0.20.1
l2_population = True
[agent]
prevent_arp_spoofing = True
[securitygroup]

This means that the external network does not know that the IP address is on the external network interface Network Node and accordingly does not come.

Please help me understand what the problem is, I have completely run out of ideas.

No external traffic even on the external network interface

Hi!

I have new install on RHEL 7.2 Openstack Liberty, and have problem with external network - no external traffic, and no errors in the logs. For network I'm use LinuxBridge. Inside, all working well.

I have one ip address submitted to the external network interface:

# ip netns exec qrouter-c179afdb-32d0-4c95-b786-538550cd8843 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ha-eb5e1ee4-fb@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:2a:8b:34 brd ff:ff:ff:ff:ff:ff
    inet 169.254.192.7/18 brd 169.254.255.255 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet 169.254.0.1/24 scope global ha-eb5e1ee4-fb
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe2a:8b34/64 scope link 
       valid_lft forever preferred_lft forever
3: qg-f98f1904-a9@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:1d:7a:15 brd ff:ff:ff:ff:ff:ff
    inet 172.28.5.11/24 scope global qg-f98f1904-a9
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe1d:7a15/64 scope link nodad 
       valid_lft forever preferred_lft forever

This address on router:

# neutron  router-list
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| id                                   | name | external_gateway_info                                                                                                                                                                   | distributed | ha   |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| c179afdb-32d0-4c95-b786-538550cd8843 | 3    | {"network_id": "a07aabc7-e477-46e9-b885-ef647a70e962", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "40ce7b7a-50fe-4bfd-88f4-419fc45c9398", "ip_address": "172.28.5.11"}]} | False       | True |
+--------------------------------------+------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+

And on the network node no traffic:

 # tcpdump -i any -n -v \ 'icmp[icmptype] = icmp-echoreply or icmp[icmptype] =icmp-echo'
 tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel

Configs:

# egrep -v ^#\|^$ /etc/neutron/plugins/ml2/ml2_conf.ini
[linux_bridge]
physical_interface_mappings = vlan:ens224,external:ens256
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = public
[ml2_type_vlan]
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges = 1:1000
[ml2_type_geneve]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# egrep -v ^#\|^$ /etc/neutron/plugins/ml2/linuxbridge_agent.ini 
[linux_bridge]
physical_interface_mappings = public:ens224
[vxlan]
enable_vxlan = True
local_ip = 10.0.20.1
l2_population = True
[agent]
prevent_arp_spoofing = True
[securitygroup]

This means that the external network does not know that the IP address is on the external network interface Network Node and accordingly does not come.

Please help me understand what the problem is, I have completely run out of ideas.