Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Problem with openvswitch and vlan

I'm following the provider network with vSwitch setup and I'm stuck at booting an instance. (http://docs.openstack.org/mitaka/networking-guide/scenario-provider-ovs.html)

From what I can tell it looks like dhcp is not able to go from controller node to compute nodes. I have this network setup:

controller
 - eth0: 10.1.0.11
 - eth1 tagged for vlan 200 (10.2.0.0/23)
compute1
 - eth0: 10.1.0.31
 - eth1 tagged for vlan 200 (10.2.0.0/23)
compute2
 - eth0: 10.1.0.32
 - eth1 tagged for vlan 200 (10.2.0.0/23)


root@controller:~# lsb_release -a
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.4 LTS
Release:    14.04
Codename:   trusty

this is from the console on my instance: (multiple images and compute nodes. same error)

[ 1676.128104] dhclient[279]: No working leases in persistent database - sleeping.
[ 2073.296531] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
[ 2080.745989] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10
[ 2090.782171] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10
[ 2100.403171] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
[ 2113.749431] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
[ 2121.037653] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
[ 2127.301099] dhclient[279]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
[ 2134.368263] dhclient[279]: No DHCPOFFERS received.

btw this is my first time trying to setup Openstack so I'm sure I'm doing something wrong.

I collected some information but I assumed that I would be able to ping the gateway at 10.2.0.4 from the provider-200 net side but I can't. Is this the reason that dhcp requests are not reaching compute nodes?

I also tried to remove openvswith and use linuxrouter with a flat network and that works fine. But for a small private cloud I'm assuming that a provider network where each compute node just talks directly to our switch is the best setup.

We are looking into replacing a setup with all esxi hosts using a similar setup. (but in esxi I can have two interfaces and send both management traffic AND prod,dev,qa,staging,other tags down the same links. and iscsi down the other links... )

root@controller:~# ip netns exec qdhcp-03882529-d73d-4ad6-a96e-f83a9147f91f ifconfig
tapb8b07cf8-ba Link encap:Ethernet  HWaddr fa:16:3e:13:4d:02
          inet addr:10.2.0.50  Bcast:10.2.1.255  Mask:255.255.254.0
          inet6 addr: fe80::f816:3eff:fe13:4d02/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:648 (648.0 B)

root@controller:~# ping 10.2.0.50
PING 10.2.0.50 (10.2.0.50) 56(84) bytes of data.
--- 10.2.0.50 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2017ms

root@controller:~# ip netns exec qdhcp-03882529-d73d-4ad6-a96e-f83a9147f91f ping 10.2.0.50
PING 10.2.0.50 (10.2.0.50) 56(84) bytes of data.
64 bytes from 10.2.0.50: icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from 10.2.0.50: icmp_seq=2 ttl=64 time=0.062 ms
--- 10.2.0.50 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.062/0.077/0.092/0.015 ms

root@controller:~# ip netns exec qdhcp-03882529-d73d-4ad6-a96e-f83a9147f91f ping 10.2.0.4
PING 10.2.0.4 (10.2.0.4) 56(84) bytes of data.
--- 10.2.0.4 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

root@controller:~# ping 10.2.0.4
PING 10.2.0.4 (10.2.0.4) 56(84) bytes of data.
64 bytes from 10.2.0.4: icmp_seq=1 ttl=255 time=0.805 ms
64 bytes from 10.2.0.4: icmp_seq=2 ttl=255 time=0.545 ms
--- 10.2.0.4 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.545/0.675/0.805/0.130 ms

root@controller:/etc/neutron/plugins/ml2# ovs-vsctl show
cefc99d2-0534-4c62-8006-07762b112496
    Bridge br-int
        fail_mode: secure
        Port int-br-provider
            Interface int-br-provider
                type: patch
                options: {peer=phy-br-provider}
        Port br-int
            Interface br-int
                type: internal
        Port "tapb8b07cf8-ba"
            tag: 1
            Interface "tapb8b07cf8-ba"
                type: internal
    Bridge br-provider
        Port "eth1"
            Interface "eth1"
        Port br-provider
            Interface br-provider
                type: internal
        Port phy-br-provider
            Interface phy-br-provider
                type: patch
                options: {peer=int-br-provider}
    ovs_version: "2.5.0"

root@controller:/etc/neutron/plugins/ml2# ovs-ofctl dump-flows br-provider
NXST_FLOW reply (xid=0x4):
 cookie=0xbd7ad4ccb4cbce63, duration=13012.386s, table=0, n_packets=20, n_bytes=896, idle_age=1033, priority=4,in_port=2,dl_vlan=1 actions=mod_vlan_vid:200,NORMAL
 cookie=0xbd7ad4ccb4cbce63, duration=13803.748s, table=0, n_packets=6, n_bytes=508, idle_age=13014, priority=2,in_port=2 actions=drop
 cookie=0xbd7ad4ccb4cbce63, duration=13804.810s, table=0, n_packets=48, n_bytes=2880, idle_age=523, priority=0 actions=NORMAL

root@controller:~# neutron port-list
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                        |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------+
| 71c76afc-487b-4f7e-bb89-0cb385a8f6c5 |      | fa:16:3e:31:e4:07 | {"subnet_id": "08a717d8-77d4-455c-a5af-517126841ca2", "ip_address": "10.2.0.51"} |
| b8b07cf8-ba7b-4a77-87bd-e10ecd1e16b3 |      | fa:16:3e:13:4d:02 | {"subnet_id": "08a717d8-77d4-455c-a5af-517126841ca2", "ip_address": "10.2.0.50"} |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------+
root@controller:~# neutron subnet-list
+--------------------------------------+---------------------+-------------+---------------------------------------------+
| id                                   | name                | cidr        | allocation_pools                            |
+--------------------------------------+---------------------+-------------+---------------------------------------------+
| 08a717d8-77d4-455c-a5af-517126841ca2 | provider-200-subnet | 10.2.0.0/23 | {"start": "10.2.0.50", "end": "10.2.1.254"} |
+--------------------------------------+---------------------+-------------+---------------------------------------------+
root@controller:~# neutron net-list
+--------------------------------------+--------------+--------------------------------------------------+
| id                                   | name         | subnets                                          |
+--------------------------------------+--------------+--------------------------------------------------+
| 03882529-d73d-4ad6-a96e-f83a9147f91f | provider-200 | 08a717d8-77d4-455c-a5af-517126841ca2 10.2.0.0/23 |
+--------------------------------------+--------------+--------------------------------------------------+
root@controller:~# neutron agent-list
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host       | availability_zone | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| 03be1024-5841-4677-a276-f9481dac17a5 | Open vSwitch agent | compute2   |                   | :-)   | True           | neutron-openvswitch-agent |
| 482165c3-e242-41d4-a356-1a3cd2fc0249 | DHCP agent         | controller | nova              | :-)   | True           | neutron-dhcp-agent        |
| 7344086c-8801-4964-a887-c053c449f4af | Open vSwitch agent | compute1   |                   | :-)   | True           | neutron-openvswitch-agent |
| 8e97eb32-993c-466f-9d14-fa0483edc6a6 | Metadata agent     | controller |                   | :-)   | True           | neutron-metadata-agent    |
| e69ec5c5-0691-48ba-a9bc-aabdda2077b1 | Open vSwitch agent | controller |                   | :-)   | True           | neutron-openvswitch-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+