From the following, I do see the internal network (demo-net)’s
provider:segmentation_id is 2. The IP in that subnet should map to vlan2,
please correct me if I am wrong. Is there a way to check the packets left from
an instance is equipped with a correct header to enter its trunk port? In the
router namespace, I can not capture any packets. Is there a way to debug this?
Thank you for the advice and help,
Mitchell
root@controller: # neutron net-list
+--------------------------------------+----------+------------------------------------------------------+
| id | name | subnets
|
+--------------------------------------+----------+------------------------------------------------------+
| 5496a11e-6671-406b-9eb8-a6460effc853 | demo-net |
fc31066e-2bca-4ac1-9f9d-b9853c9bc875 192.168.2.0/24 |
| 7c4a2fe1-a100-495b-875a-137ff528033a | ext-net |
ea04fd80-2f44-48cc-ad17-4a64aef4649e 172.29.105.0/24 |
+--------------------------------------+----------+------------------------------------------------------+
root@controller: # neutron net-show 5496a11e-6671-406b-9eb8-a6460effc853
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 5496a11e-6671-406b-9eb8-a6460effc853 |
| name | demo-net |
| provider:network_type | vlan |
| provider:physical_network | physnet1 |
| provider:segmentation_id | 2 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | fc31066e-2bca-4ac1-9f9d-b9853c9bc875 |
| tenant_id | 1bc3de8b19384858a1a7a6395e1845e3 |
+---------------------------+--------------------------------------+
root@controller:# neutron net-show 7c4a2fe1-a100-495b-875a-137ff528033a
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 7c4a2fe1-a100-495b-875a-137ff528033a |
| name | ext-net |
| provider:network_type | vlan |
| provider:physical_network | physnet1 |
| provider:segmentation_id | 1 |
| router:external | True |
| shared | True |
| status | ACTIVE |
| subnets | ea04fd80-2f44-48cc-ad17-4a64aef4649e |
| tenant_id | 7479d4eabeb14b45a7f38269155ec0f5 |
+---------------------------+--------------------------------------+
root@neutron:# ip netns
qdhcp-5496a11e-6671-406b-9eb8-a6460effc853
qrouter-b5e219a7-a81c-45d9-9009-a6696b008be3
root@neutron:# ip netns exec qrouter-b5e219a7-a81c-45d9-9009-a6696b008be3
tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on qr-3fd978e0-45, link-type EN10MB (Ethernet), capture size 65535
bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
From: Akilesh K [mailto:[email protected]]
Sent: Saturday, March 21, 2015 1:23 AM
To: Mitchell Chen
Cc: [email protected]
Subject: Re: [Openstack] Change from GRE to vlan
vlan id maps to the segmentation-id of the network. Later when you create a
subnet under a network the subnet is associated to the vlan-id(segmentation-id)
of its network.
So all you have to do is provide '--provider:segmentation-id' param while
creating network. I am not sure with the exact param name, though it should be
something like what I have mentioned. I do not have access to my OpenStack, but
you can look it up using 'neutron net-create --help'. I am not sure if the
dashboard allows you to do this, so use the cli. Finally make sure you do this
as 'admin' user.
Thank you,
Ageeleshwar K
On Sat, Mar 21, 2015 at 1:16 AM, Mitchell Chen
<[email protected]<mailto:[email protected]>> wrote:
Hi All,
Thanks you, Ageeleshwar, for the response. I changed the ml2 configuration for
vlan from 1 to 8. The log and dump are in the following. But, I have a question
how the tenant subnet associated with a vlan? I want to have my both tenants
with 192.168.2.x and 192.168.3.x subnets to associate vlan2 and vlan3. How can
I do that with vlan?
Thanks,
Mitchell
[ml2]
type_drivers = vlan
tenant_network_types = vlan
mechanism_drivers = openvswitch
[ml2_type_vlan]
network_vlan_ranges = physnet1:1:8
[ovs]
local_ip = 192.168.1.218
bridge_mappings = physnet1:br-eth1
tenant_network_type = vlan
network_vlan_ranges = physnet1:1:8
integration_bridge = br-int
In my compute node, :
2015-03-20 12:14:32.068 1340 DEBUG neutron.agent.linux.utils
[req-8a174ab2-0a11-4278-afda-bd8a829831f3 None]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf',
'ovs-ofctl', 'dump-flows', 'br-int', 'table=22']
Exit code: 0
Stdout: 'NXST_FLOW reply (xid=0x4):\n cookie=0x0, duration=169.473s, table=22,
n_packets=0, n_bytes=0, idle_age=169, priority=0 actions=drop\n'
Stderr: '' execute
/usr/lib/python2.7/dist-packages/neutron/agent/linux/utils.py:75
2015-03-20 12:14:32.069 1340 DEBUG
neutron.plugins.openvswitch.agent.ovs_neutron_agent
[req-8a174ab2-0a11-4278-afda-bd8a829831f3 None] Agent rpc_loop - iteration:84
completed. Processed ports statistics: {'ancillary': {'removed': 0, 'added':
0}, 'regular': {'updated': 0, 'added': 0, 'removed': 0}}. Elapsed:0.065
rpc_loop
/usr/lib/python2.7/dist-packages/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py:1388
2015-03-20 12:14:34.007 1340 DEBUG
neutron.plugins.openvswitch.agent.ovs_neutron_agent
[req-8a174ab2-0a11-4278-afda-bd8a829831f3 None] Agent rpc_loop - iteration:85
started rpc_loop
/usr/lib/python2.7/dist-packages/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py:1287
2015-03-20 12:14:34.008 1340 DEBUG neutron.agent.linux.utils
[req-8a174ab2-0a11-4278-afda-bd8a829831f3 None] Running command: ['sudo',
'/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ovs-ofctl',
'dump-flows', 'br-int', 'table=22'] create_process
/usr/lib/python2.7/dist-packages/neutron/agent/linux/utils.py:48
root@compute:# ovs-ofctl dump-flows br-eth1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=1111.903s, table=0, n_packets=1070, n_bytes=191705,
idle_age=0, priority=4,in_port=4,dl_vlan=1 actions=mod_vlan_vid:2,NORMAL
cookie=0x0, duration=1113.399s, table=0, n_packets=508, n_bytes=95459,
idle_age=6, priority=2,in_port=4 actions=drop
cookie=0x0, duration=1114.149s, table=0, n_packets=613, n_bytes=41365,
idle_age=2, priority=1 actions=NORMAL
root@neutron:# ovs-ofctl dump-flows br-eth1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=71982.785s, table=0, n_packets=10, n_bytes=796,
idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_vlan=1
actions=mod_vlan_vid:2,NORMAL
cookie=0x0, duration=75606.253s, table=0, n_packets=29929, n_bytes=5592694,
idle_age=5, hard_age=65534, priority=2,in_port=2 actions=drop
cookie=0x0, duration=75607.504s, table=0, n_packets=1, n_bytes=78,
idle_age=65534, hard_age=65534, priority=1 actions=NORMAL
From: Akilesh K [mailto:[email protected]<mailto:[email protected]>]
Sent: Wednesday, March 18, 2015 11:13 PM
To: Mitchell Chen
Cc: [email protected]<mailto:[email protected]>
Subject: Re: [Openstack] Change from GRE to vlan
Apart from type_driver, there are many other setting in 'ml2_conf.ini'. Like
below
[ml2]
mechanism_drivers=openvswitch
type_drivers=vlan,flat
tenant_network_types=vlan,flat
[ml2_type_flat]
flat_networks=Extnet
[ml2_type_vlan]
network_vlan_ranges=Intnet1:100:200
[ovs]
bridge_mappings=Intnet1:br-eth1, Extnet:br-ex
In above configuration I am using one flat External network 'Extnet' and One
vlan network 'Intnet1'.
I would suggest read through the documentation given in the config file. It is
a good starting point.
In case you need more info we have created a few blog posts that could be of
help.
https://fosskb.wordpress.com/2014/06/19/l2-connectivity-in-openstack-using-openvswitch-mechanism-driver/
https://fosskb.wordpress.com/2014/09/15/l3-connectivity-using-neutron-l3-agent/
https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/
Do write back if you need any further information.
Thank you,
Ageeleshwar K
On Thu, Mar 19, 2015 at 11:31 AM, Mitchell Chen
<[email protected]<mailto:[email protected]>> wrote:
Hi All,
I have, step by step, followed the OpenStack icehouse installation guide to
install control, compute and neutron nodes. They all run fine like OpenStack
document describes. There is a GRE tunneling connection described in OpenStack
installation guide from compute nodes to a neutron node. We currently plan to
change the GRE tunneling connection to vlan, but I don't see the Openstack
installation describes detail for setting up vlan.
I can see the type driver need to be changed from gre to vlan in ml2_conf.ini
files in all nodes. I also got a HP switch configured vlan trunk ports for each
computer and neutron systems to replace the current flat switch in the physical
private connection.
Besides the above mentioned ml2_conf.ini change and physical connection change,
is there anything else I need to do for setting the vlan connection to get the
external/internal nets, subnets and the router to work again to build
instances? I am going to do this work very soon and will appreciate advices
from your experience.
Thank you,
Mitchell
************* Email Confidentiality Notice ********************
The information contained in this e-mail message (including any
attachments) may be confidential, proprietary, privileged, or otherwise
exempt from disclosure under applicable laws. It is intended to be
conveyed only to the designated recipient(s). Any use, dissemination,
distribution, printing, retaining or copying of this e-mail (including its
attachments) by unintended recipient(s) is strictly prohibited and may
be unlawful. If you are not an intended recipient of this e-mail, or believe
that you have received this e-mail in error, please notify the sender
immediately (by replying to this e-mail), delete any and all copies of
this e-mail (including any attachments) from your system, and do not
disclose the content of this e-mail to any other person. Thank you!
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to :
[email protected]<mailto:[email protected]>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
************* Email Confidentiality Notice ********************
The information contained in this e-mail message (including any
attachments) may be confidential, proprietary, privileged, or otherwise
exempt from disclosure under applicable laws. It is intended to be
conveyed only to the designated recipient(s). Any use, dissemination,
distribution, printing, retaining or copying of this e-mail (including its
attachments) by unintended recipient(s) is strictly prohibited and may
be unlawful. If you are not an intended recipient of this e-mail, or believe
that you have received this e-mail in error, please notify the sender
immediately (by replying to this e-mail), delete any and all copies of
this e-mail (including any attachments) from your system, and do not
disclose the content of this e-mail to any other person. Thank you!
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
