On Mon, Mar 31, 2014 at 3:46 PM, Shivaramakrishnan Vaidyanathan <[email protected]> wrote: > Sorry for asking so many questions. > How do I achieve it?Do I need to change from the vm or from host?Is there > any command to do this?If so,can you please let me know..Thanks for ur help > in advance > >From the VM. ifconfig eth0 mtu 1300
> > > On Mon, Mar 31, 2014 at 6:42 PM, Gurucharan Shetty <[email protected]> > wrote: >> >> On Mon, Mar 31, 2014 at 3:38 PM, Shivaramakrishnan Vaidyanathan >> <[email protected]> wrote: >> > Hi, >> > Is there a way to tweak ovs-vswitch for handling packets more than mtu >> > size? >> > >> > I get error messages like "openvswitch dropped over-mtu packets >> > 1542>1500" >> I think one way to solve it is to reduce the mtu size of your VM's >> network interface. I suppose this is coming from the GRE tunnel >> overhead. >> >> > >> > >> > On Mon, Mar 31, 2014 at 4:10 PM, Gurucharan Shetty <[email protected]> >> > wrote: >> >> >> >> On Mon, Mar 31, 2014 at 12:52 PM, Shivaramakrishnan Vaidyanathan >> >> <[email protected]> wrote: >> >> > Though I am able to reach any of vm's on a host from another host >> >> > machine.I >> >> > am not able to reach outside ip from the vm's. >> >> Well, if your bridge in the hypervisor does not have a way to reach >> >> outside ips, your VMs can't either. >> >> >> >> One way is to give your VMs 2 interfaces. One of them is a mgmt >> >> interface which should be connected to a bridge in the hypervisor that >> >> also has another port through which you can reach the internet. Other >> >> VM interface is connected to a bridge that has GRE tunnels for your >> >> data network. >> >> >> >> >> >> > >> >> > Also,this is where I find it strange.I have a nfs server process >> >> > running >> >> > on >> >> > host1 vm1. When i try to write to a nfs share from a vm2 on another >> >> > host2 >> >> > connected via gre,i am not able to complete the write. Though the >> >> > mount >> >> > succeeds.Is there any tweeking that needs to be done here? >> >> I don't have any suggestions here. May be you should ask a separate >> >> question for that. >> >> >> >> > >> >> > >> >> > On Mon, Mar 31, 2014 at 3:10 PM, Shivaramakrishnan Vaidyanathan >> >> > <[email protected]> wrote: >> >> >> >> >> >> Hello, >> >> >> Thanks a lot,It worked. >> >> >> I am able to communicate now between the two vm's on different hosts >> >> >> using >> >> >> multiple gre tunnels. >> >> >> But I am not able to communicate to an outside ip(say 4.2.2.2) from >> >> >> vm.Is >> >> >> there a config required for this? >> >> >> How do i give outside connectivity for vm's. >> >> >> >> >> >> >> >> >> On Mon, Mar 31, 2014 at 2:41 PM, Gurucharan Shetty >> >> >> <[email protected]> >> >> >> wrote: >> >> >>> >> >> >>> On Mon, Mar 31, 2014 at 10:07 AM, Shivaramakrishnan Vaidyanathan >> >> >>> <[email protected]> wrote: >> >> >>> > Thanks a lot. >> >> >>> > According to what i understand, >> >> >>> > Host 1: IP -- a.b.c.d >> >> >>> > >> >> >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >> >> >>> > options:remote_ip:p.q.r.s options:key=30 >> >> >>> > >> >> >>> > Host2: IP -- p.q.r.s >> >> >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >> >> >>> > options:remote_ip:a.b.c.d options:key=30 >> >> >>> > >> >> >>> > Is this what you mentioned?Just to confirm. >> >> >>> Yes. You have 2 pairs of gre tunnels. Each pair should have the >> >> >>> same >> >> >>> key. In the above example that you have given, you have set one >> >> >>> pair >> >> >>> as 30. You can set the other pair as 40. >> >> >>> >> >> >>> >> >> >>> > >> >> >>> > >> >> >>> > On Mon, Mar 31, 2014 at 12:29 PM, Gurucharan Shetty >> >> >>> > <[email protected]> >> >> >>> > wrote: >> >> >>> >> >> >> >>> >> On Mon, Mar 31, 2014 at 9:20 AM, Shivaramakrishnan Vaidyanathan >> >> >>> >> <[email protected]> wrote: >> >> >>> >> > Thanks a lot Gurucharan. >> >> >>> >> > I am pretty new to openvswitch.Can you provide the command to >> >> >>> >> > achieve >> >> >>> >> > this? >> >> >>> >> > Looking forward to your reply. >> >> >>> >> >> >> >>> >> The man page says: >> >> >>> >> .... >> >> >>> >> .... >> >> >>> >> Tunnel Options: >> >> >>> >> These options apply to interfaces with type of gre, >> >> >>> >> ipsec_gre, >> >> >>> >> gre64, >> >> >>> >> ipsec_gre64, vxlan, and lisp. >> >> >>> >> >> >> >>> >> Each tunnel must be uniquely identified by the >> >> >>> >> combination >> >> >>> >> of >> >> >>> >> type, >> >> >>> >> options:remote_ip, options:local_ip, and options:in_key. >> >> >>> >> If >> >> >>> >> two >> >> >>> >> ports >> >> >>> >> are defined that are the same except one has an optional >> >> >>> >> identifier >> >> >>> >> and >> >> >>> >> the other does not, the more specific one is >> >> >>> >> matched >> >> >>> >> first. >> >> >>> >> options:in_key is considered more specific than >> >> >>> >> options:local_ip >> >> >>> >> if a >> >> >>> >> port defines one and another port defines the other. >> >> >>> >> .... >> >> >>> >> ... >> >> >>> >> options : key: optional string >> >> >>> >> Optional. Shorthand to set in_key and out_key at >> >> >>> >> the >> >> >>> >> same >> >> >>> >> time. >> >> >>> >> ... >> >> >>> >> ... >> >> >>> >> >> >> >>> >> So you can do something like: >> >> >>> >> * If you create a new tunnel (the key should be same at both >> >> >>> >> ends >> >> >>> >> and >> >> >>> >> a different key at the other end): >> >> >>> >> ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >> >> >>> >> options:remote_ip:p.q.r.s options:key=30 >> >> >>> >> >> >> >>> >> (note that your command does not have a '=' and instead has a >> >> >>> >> ':'. >> >> >>> >> Also your "ovs-vsctl show" does not print any o/p) >> >> >>> >> >> >> >>> >> * Or just add a key to a existing tunnel >> >> >>> >> ovs-vsctl set interface gre0 options:key=20 >> >> >>> >> >> >> >>> >> If you can't debug well, start with a simpler configuration. >> >> >>> >> i.e., >> >> >>> >> a >> >> >>> >> single gre tunnel. Once you get that working, you can build on >> >> >>> >> top >> >> >>> >> of >> >> >>> >> it. >> >> >>> >> >> >> >>> >> > >> >> >>> >> > >> >> >>> >> > On Mon, Mar 31, 2014 at 12:15 PM, Gurucharan Shetty >> >> >>> >> > <[email protected]> >> >> >>> >> > wrote: >> >> >>> >> >> >> >> >>> >> >> On Mon, Mar 31, 2014 at 9:12 AM, Shivaramakrishnan >> >> >>> >> >> Vaidyanathan >> >> >>> >> >> <[email protected]> wrote: >> >> >>> >> >> > So in that case,essentially we cant have multiple gre >> >> >>> >> >> > tunnels? >> >> >>> >> >> I think you can use unique keys to distinguish (Read "Tunnel >> >> >>> >> >> Options" >> >> >>> >> >> in "man ovs-vswitchd.conf.db"). >> >> >>> >> >> >> >> >>> >> >> > Though I have multiple bridges that vm's to communicate >> >> >>> >> >> > between >> >> >>> >> >> > each >> >> >>> >> >> > other. >> >> >>> >> >> > The requirement is I need to have multiple internal bridges >> >> >>> >> >> > for >> >> >>> >> >> > vm's >> >> >>> >> >> > and >> >> >>> >> >> > just one external bridge. >> >> >>> >> >> > Is there any alternative? >> >> >>> >> >> > >> >> >>> >> >> > >> >> >>> >> >> > On Mon, Mar 31, 2014 at 11:44 AM, Gurucharan Shetty >> >> >>> >> >> > <[email protected]> >> >> >>> >> >> > wrote: >> >> >>> >> >> >> >> >> >>> >> >> >> On Mon, Mar 31, 2014 at 8:36 AM, Shiva >> >> >>> >> >> >> <[email protected]> >> >> >>> >> >> >> wrote: >> >> >>> >> >> >> > Hello, >> >> >>> >> >> >> > >> >> >>> >> >> >> > I am setting up two gre tunnels between two hosts using >> >> >>> >> >> >> > the >> >> >>> >> >> >> > same >> >> >>> >> >> >> > external >> >> >>> >> >> >> > bridge.In this case (br1).I use virbr3 and virbr2 for >> >> >>> >> >> >> > internal >> >> >>> >> >> >> > communication. >> >> >>> >> >> >> > >> >> >>> >> >> >> > This is my config steps: >> >> >>> >> >> >> > Hypervisor 1: >> >> >>> >> >> >> > External communication >> >> >>> >> >> >> > ovs-vsctl add-br br1 >> >> >>> >> >> >> > ovs-vsctl add-port eth0 >> >> >>> >> >> >> > ifconfig br1 p.q.r.s netmask 255.255.255.0 >> >> >>> >> >> >> > >> >> >>> >> >> >> > Internal bridge for vm communication >> >> >>> >> >> >> > Tunnel1 : >> >> >>> >> >> >> > >> >> >>> >> >> >> > ovs-vsctl add-br virbr3 >> >> >>> >> >> >> > ovs-vsctl show >> >> >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 >> >> >>> >> >> >> > type=gre >> >> >>> >> >> >> > options:remote_ip:a.b.c.d >> >> >>> >> >> >> > >> >> >>> >> >> >> > Tunnel2: >> >> >>> >> >> >> > >> >> >>> >> >> >> > ovs-vsctl add-br virbr2 >> >> >>> >> >> >> > ovs-vsctl show >> >> >>> >> >> >> > ovs-vsctl add-port virbr2 gre0 -- set interface gre0 >> >> >>> >> >> >> > type=gre >> >> >>> >> >> >> > options:remote_ip:a.b.c.d >> >> >>> >> >> >> Consider the case for the traffic coming into Hypervisor1. >> >> >>> >> >> >> I >> >> >>> >> >> >> don't >> >> >>> >> >> >> think it is possible to figure out which of the two end >> >> >>> >> >> >> points >> >> >>> >> >> >> the >> >> >>> >> >> >> packet needs to be delivered to because the 2 gre tunnels >> >> >>> >> >> >> are >> >> >>> >> >> >> not >> >> >>> >> >> >> unique. >> >> >>> >> >> >> >> >> >>> >> >> >> I think if you delete one of your virbr* in each of the >> >> >>> >> >> >> machines, >> >> >>> >> >> >> you >> >> >>> >> >> >> should be able to communicate. >> >> >>> >> >> >> >> >> >>> >> >> >> >> >> >>> >> >> >> > >> >> >>> >> >> >> > >> >> >>> >> >> >> > Hypervisor 2: >> >> >>> >> >> >> > External communication >> >> >>> >> >> >> > ovs-vsctl add-br br1 >> >> >>> >> >> >> > ovs-vsctl add-port eth0 >> >> >>> >> >> >> > ifconfig br1 a.b.c.d netmask 255.255.255.0 >> >> >>> >> >> >> > >> >> >>> >> >> >> > Internal bridge for vm communication >> >> >>> >> >> >> > >> >> >>> >> >> >> > Tunnel1: >> >> >>> >> >> >> > >> >> >>> >> >> >> > >> >> >>> >> >> >> > ovs-vsctl add-br virbr3 >> >> >>> >> >> >> > ovs-vsctl show >> >> >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 >> >> >>> >> >> >> > type=gre >> >> >>> >> >> >> > options:remote_ip:p.q.r.s >> >> >>> >> >> >> > >> >> >>> >> >> >> > Tunnel2: >> >> >>> >> >> >> > >> >> >>> >> >> >> > ovs-vsctl add-br virbr2 >> >> >>> >> >> >> > ovs-vsctl show >> >> >>> >> >> >> > ovs-vsctl add-port virbr3 gre0 -- set interface gre0 >> >> >>> >> >> >> > type=gre >> >> >>> >> >> >> > options:remote_ip:p.q.r.s >> >> >>> >> >> >> > >> >> >>> >> >> >> > >> >> >>> >> >> >> > I am not able to communicate outside world from the >> >> >>> >> >> >> > vm's.I >> >> >>> >> >> >> > am >> >> >>> >> >> >> > just >> >> >>> >> >> >> > able >> >> >>> >> >> >> > to >> >> >>> >> >> >> > reach the host on which vm resides and viceversa.Can you >> >> >>> >> >> >> > please >> >> >>> >> >> >> > let >> >> >>> >> >> >> > me >> >> >>> >> >> >> > know >> >> >>> >> >> >> > what am i missing here? >> >> >>> >> >> >> > >> >> >>> >> >> >> > Your help in this regard is greatly appreciated. >> >> >>> >> >> >> > >> >> >>> >> >> >> > >> >> >>> >> >> >> > _______________________________________________ >> >> >>> >> >> >> > discuss mailing list >> >> >>> >> >> >> > [email protected] >> >> >>> >> >> >> > http://openvswitch.org/mailman/listinfo/discuss >> >> >>> >> >> >> > >> >> >>> >> >> > >> >> >>> >> >> > >> >> >>> >> > >> >> >>> >> > >> >> >>> > >> >> >>> > >> >> >> >> >> >> >> >> > >> > >> > > > _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
