Ask Your Question

jbabel's profile - activity

2016-09-19 04:49:38 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

Thanks for the answer but i resolved this problem and forgot to close the question. I was in an virtual environnement and the flat network did'nt want to work. I tried on physical servers and it work. By the way there was also DHCP snooping on the network to simplify the troubleshooting.

2016-07-28 14:45:40 -0500 received badge  Nice Question (source)
2016-07-26 08:43:56 -0500 received badge  Student (source)
2016-07-25 07:55:37 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

I tested again without success, I also added the neutron agent-list to the post but it is normal.

2016-07-25 07:55:37 -0500 received badge  Commentator
2016-07-25 04:54:05 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

Thanks for the answer Mohit. Sorry for the delay but the post was considered spam... I tried the above configuration but it didn't work. Though the agents on both nodes are up and fine. I'll retry today just in case i miss something.

2016-07-14 02:31:29 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

Yes I can see the ICMP request getting out. Furthermore if I try to ping from the instance on the lan, the computer receive the request on send back the reply so the problem must be somewhere on the way back. The interfaces of the compute? I add the ebtables and iptables to the post just in case

2016-07-14 01:55:46 -0500 received badge  Enthusiast
2016-07-13 03:02:20 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

I have ebtables and iptables on both node. But OpenStack is supposed to manage them no ? I can add rules to the post if needed.

2016-07-13 02:57:10 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

I'll need some explanation if you don't mind. The traffic is supposed to pass through the controller or not ? For me, with a flat network we rely on the physical network so we don't need to pass through it but I maybe wrong.

2016-07-12 17:33:29 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

Yup I know and the gateway 192.168.0.254 is the valid gateway for the network. I try to ping from a simple computer on the lan. The compute and the controler nodes are connected directly to the lan and accessible from it.

2016-07-12 16:53:34 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

After looking closely to the routing table with route -n (I have always used the ip route command before). The problem could be at this level with the network 192.168.0.0 with no valid gateway. Should I change it manually or is there a way for openstack to do it automatically ?

2016-07-12 16:38:33 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

I agree with you, ICMP should reach the VM but it doesn't. In fact I see no ICMP traffic while capturing at the three points. The computer send frames but the others get nothing. It's really weird. I'll add the routing table to the post but it seems correct to me.

2016-07-12 04:59:24 -0500 received badge  Famous Question (source)
2016-07-12 04:01:52 -0500 commented answer How to configure a flat network with OpenVswitch on Openstack mitaka

Thanks for answering kaustubh, I already try to trace packet but i can't see where the traffic is lost. It seems normal to me. I added the captures to the post. For the firewall, In order to comply to the docs i changed it but I can't see any difference between iptables_hybrid and OVS firewall.

2016-07-12 03:43:25 -0500 received badge  Editor (source)
2016-07-11 01:38:45 -0500 received badge  Notable Question (source)
2016-07-10 11:10:37 -0500 received badge  Popular Question (source)
2016-07-10 10:35:14 -0500 commented question How to configure a flat network with OpenVswitch on Openstack mitaka

Hi, I already test some configurations with this section filled but no result. Nevertheless I tried again and still no result. Furthermore if I do not add vlan to type_drivers should i still complete this section. I edited the post to explain more the network problem.

2016-07-08 09:52:38 -0500 asked a question How to configure a flat network with OpenVswitch on Openstack mitaka

Hi everybody,

I try to manually setup an openstack mitaka on Centos 7.2.

The test platform is composed of two nodes:

  1. One Controller (Keystone, Glance, Nova api, Neutron)
  2. One Compute (Nova-compute)

I follow the official guide http://docs.openstack.org/mitaka/install-guide-rdo/ in order to install Openstack and everything works fine till neutron configuration.

I would like to use the Networking option 1 (Provider Networks) with OpenVswitch. However I don’t need vlan nor router, the instances must get an IP (static or dhcp) on the lan. I tried many configurations following this http://docs.openstack.org/mitaka/networking-guide/scenario-provider-ovs.html , but I can’t make it work properly.

I wanted to have some advice on this setup. Is it Possible? And how to make it work?

Here are my configuration files:

Tell me if you need more configuration file or command output.

Controller

/etc/neutron/plugins/ml2/ml2_conf.ini

[DEFAULT]
[ml2]
type_drivers = flat
tenant_network_types =
mechanism_drivers = openvswitch
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

/etc/neutron/plugins/ml2/openvswitch_agent.ini

DEFAULT]
[agent]
[ovs]
bridge_mappings = provider:br-enp0s8
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

ovs-vsctl show

Bridge "br-enp0s8"
        Port "enp0s8"
            Interface "enp0s8"
        Port "br-enp0s8"
            Interface "br-enp0s8"
                type: internal
        Port "phy-br-enp0s8"
            Interface "phy-br-enp0s8"
                type: patch
                options: {peer="int-br-enp0s8"}
    Bridge br-int
        fail_mode: secure
        Port "int-br-enp0s8"
            Interface "int-br-enp0s8"
                type: patch
                options: {peer="phy-br-enp0s8"}
        Port "tapd2c4eaad-31"
            tag: 1
            Interface "tapd2c4eaad-31"
                type: internal
        Port br-int
            Interface br-int
                type: internal

Compute

/etc/neutron/plugins/ml2/openvswitch_agent.ini

[DEFAULT]
[agent]
[ovs]
bridge_mappings = provider:br-enp0s8
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

ovs-vsctl show

Bridge br-int
        fail_mode: secure
        Port "qvo22d7cc0b-a0"
            tag: 1
            Interface "qvo22d7cc0b-a0"
        Port br-int
            Interface br-int
                type: internal
        Port "qvo8115b057-cd"
            tag: 1
            Interface "qvo8115b057-cd"
        Port "int-br-enp0s8"
            Interface "int-br-enp0s8"
                type: patch
                options: {peer="phy-br-enp0s8"}
    Bridge "br-enp0s8"
        Port "enp0s8"
            Interface "enp0s8"
        Port "br-enp0s8"
            Interface "br-enp0s8"
                type: internal
        Port "phy-br-enp0s8"
            Interface "phy-br-enp0s8"
                type: patch
                options: {peer="int-br-enp0s8"}

Update 1 : The real problem in my setup is that neutron seems to work (Instance correctly get an IP) but I can't join them from the LAN. If try to ping there is no result. However broadcast flow works because instances are able to update their MAC table according to equipements on the LAN (Gateway, Computer). By the way security group are configured to let ICMP and SSH pass.

Update 2 : I did the captures that you asked for

On compute host

tcpdump -ne -i enp0s8 ether host 0c:8b:fd:0a:f3:e8 (MAC address of the computer where ping come from)

10:35:36.252660 0c:8b:fd:0a:f3:e8 > Broadcast, ethertype ARP (0x0806), length 60: Request who-has 192.168.0.112 tell 192.168.0.34, length 46
10:35:36.255043 fa:16:3e:38:a3:a6 > 0c:8b:fd:0a:f3:e8, ethertype ARP (0x0806), length 42: Reply 192.168.0.112 is-at fa:16:3e:38:a3:a6, length 28
10:36:06.248391 0c:8b:fd:0a:f3:e8 > Broadcast, ethertype ARP (0x0806), length ...
(more)