Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

how to configure multiple external networks in RDO Liberty/Mitaka

I have to install a network device that will do QoS for one of my customers. Due I only have one External network for Openstack (192.168.70.0/24), which leads to (beside others) the Internet, and I don’t want to pass all my traffic (where are other customer’s traffic in there) thru this network device, I decide to create another external network (VLAN), that will be used only for this only customer, and will have the network device (physical) on it. So, it will be something like this: image description So, I have my physical environment configured to pass this “new” traffic thru the VLAN 90, and now I have the linux where I’m installing Openstack RDO Liberty (and also tested on Mitaka) all-in-one with this configuration before configuring any bridge on it:

# cat /etc/sysconfig/network-scripts/ifcfg-em1
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=em1
UUID=84d040c4-1070-4587-bfa8-0a67844f050e
DEVICE=em1
ONBOOT=yes
IPADDR=192.168.70.14
PREFIX=24
GATEWAY=192.168.70.1
DNS1=192.168.10.7
DOMAIN=akainix.local
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=no

# cat /etc/sysconfig/network-scripts/ifcfg-em1.90
VLAN=yes
DEVICE=em1.90
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.90.14
NETMASK=255.255.255.0
PHYSDEV=em1

Now, thanks to http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.simple.html I learned I have to do this: Everything that comes from the VLAN interface (192.168.90.14, em1.90) have to go to 192.168.90.1:

# echo 200 Testing >> /etc/iproute2/rt_tables
# ip rule add from 192.168.90.14 table Testing
# ip rule ls
0:      from all lookup local
32765:  from 192.168.90.14 lookup Testing
32766:  from all lookup main
32767:  from all lookup default

# ip route add default via 192.168.90.1 dev em1.90 table Testing
# ip route flush cache

So, Now I can reach both interfaces (em1 and em1.90) without problem: image description

So far, so good. The problem is when I try to create a second bridge… then everything goes to hell. When I have only one external bridge, this is what I configure:

# cat  ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="192.168.70.14"
NETMASK="255.255.255.0"
DNS1="192.168.10.7"
BROADCAST="192.168.70.255"
GATEWAY="192.168.70.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

# cat   ifcfg-em1
DEVICE="em1"
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Restart, and then start creating networks, routers, etc. in Openstack and everything goes fine since there… but now, with two external bridges I (guess) need to create… no luck. I tried stuff like http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/ with no luck. I also tried this:

# cat  ifcfg-br-ex90
DEVICE="br-ex90"
BOOTPROTO="static"
IPADDR="192.168.70.14"
NETMASK="255.255.255.0"
BROADCAST="192.168.70.255"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex90
DEVICETYPE="ovs"

# cat   ifcfg-em1.90
DEVICE="em1.90"
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex90
NM_CONTROLLED=no
IPV6INIT=no
VLAN=yes
PHYSDEV=em1

But when I restart networking, there lots of errors, and if I try to reboot the box, never goes up because networking, and I have to enter as single mode, delete all bridges and start all over. Any ideas on how to do it?