Before you rebuild, I suggest you ping at the interval of 0.01, then, take "ovs-ofctl dump-flows br-int" and save it to a file. The relevant columns are table and n_packets. Wait a couple of seconds, then take the dump again. Compare and find the entries that increment at the rate of your ping.
If you don't see the hits in the tables - check iptables, kmod, etc. If you ser them, use trace to figure out why your traffic is being dropped. Regards, Paul Get Outlook for iOS<https://aka.ms/o0ukef> ________________________________ From: ovs-discuss-boun...@openvswitch.org <ovs-discuss-boun...@openvswitch.org> on behalf of den...@exemail.com.au <den...@exemail.com.au> Sent: Saturday, May 12, 2018 11:45:57 PM To: Orabuntu-LXC Cc: ovs-discuss@openvswitch.org Subject: Re: [ovs-discuss] Openvswitch and LXC integration on Ubuntu 18.04 Thanks. I tried that and still unable to ping from the LXC container to the IP address set on the bridge. I will rebuild everything from scratch and retry. > Check sysctl settings. Check/set these on the LXC host machine in the > /etc/sysctl.conf (or in a new file in the /etc/sysctl.d directory, e.g you > could call it /etc/sysctl.d/60-lxc.conf) : > > net.ipv4.conf.default.rp_filter=0 > net.ipv4.conf.all.rp_filter=0 > net.ipv4.ip_forward=1 > > Reference: > https://thenewstack.io/solving-a-common-beginners-problem-when-pinging-from-an-openstack-instance/ > > > > On Sat, May 12, 2018 at 7:09 AM, <den...@exemail.com.au> wrote: > >> Thanks for the response and links. I will watch the OvS Con videos. >> >> I have now successfully started the container, but unable to ping out or >> into the container. >> >> I have modified my /var/lib/vm1/conf to be >> >> # Network configuration >> lxc.net.0.type = veth >> lxc.net.0.link = br-int <- Name of my internal container bridge >> lxc.net.0.flags = up >> lxc.net.0.name=eth0 >> lxc.net.0.hwaddr = 00:16:3e:d2:23:a8 . <- This was in the conf when >> created. >> >> >> When I start the container - I can see the port be added to the bridge >> on >> the host system >> >> # sudo lxc-start -n vm1 >> # sudo ovs-vsctl show >> c3d9247e-68f1-4ae1-be0e-4bb86fd2c541 >> Bridge br-dmz >> Port br-dmz >> Interface br-dmz >> type: internal >> Bridge br-int >> Port "veth4U4B0B" <- New port added when >> container starts >> Interface "veth4U4B0B" >> Port br-int >> Interface br-int >> type: internal >> Port "enp2s0" >> Interface "enp2s0" >> ovs_version: "2.9.0" >> >> The bridge br-int has self IP 192.168.10.1/24 - that I added using >> (after >> reboot) >> >> # sudo ip addr del 192.168.0.1/24 dev br-int >> >> 5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group >> default qlen 1000 >> link/ether 00:01:80:82:f8:59 brd ff:ff:ff:ff:ff:ff >> inet 192.168.10.1/24 scope global br-int >> valid_lft forever preferred_lft forever >> >> and the new port >> >> 8: veth4U4B0B@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc >> noqueue master ovs-system state UP group default qlen 1000 >> link/ether fe:b8:87:1b:1e:5e brd ff:ff:ff:ff:ff:ff link-netnsid 0 >> inet6 fe80::fcb8:87ff:fe1b:1e5e/64 scope link >> valid_lft forever preferred_lft forever >> >> Inside the container I set the IP of eth0 device using >> >> ubuntu@vm1:~$ sudo ip addr add 192.168.10.2/24 dev eth0 >> >> ubuntu@vm1:~$ ip a >> 7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue >> state UP group default qlen 1000 >> link/ether 00:16:3e:d2:23:a8 brd ff:ff:ff:ff:ff:ff link-netnsid 0 >> inet 192.168.10.2/24 scope global eth0 >> valid_lft forever preferred_lft forever >> inet6 fe80::216:3eff:fed2:23a8/64 scope link >> valid_lft forever preferred_lft forever >> >> However I still cannot ping the self IP of the bridge. >> >> Is there anything obvious that I have configured wrong? >> >> Thanks >> >> Densha >> >> >> > These materials might help: >> > >> > 1. Presentation on running LXC on OpenvSwitch at OvS Con: >> > >> > https://www.youtube.com/watch?v=MXewSiDvQl4&t=221s (presentation I >> gave >> at >> > OvS Con). >> > >> > I discuss in the preso that for LXC 2.1+, you now have the option to >> > configure OpenvSwitch for LXC in two different ways. You can >> configure >> it >> > using, as you mentioned, the scripts (and this was the way we had to >> do >> it >> > in LXC 1.0.x and 2.0.x. This method has advantage that VLAN's can >> also >> > be >> > configured pretty easily in these scripts too. >> > >> > lxc.net.0.script.up >> > lxc.net.0.script.down >> > >> > Or, starting from 2.1.x you can also configure it directly in the LXC >> > config using for example these parameters: >> > >> > lxc.net.0.type = veth >> > lxc.net.0.link = ovsbr0 >> > lxc.net.0.flags = up >> > lxc.net.0.name = eth0 >> > >> > which is also discussed here: >> > https://discuss.linuxcontainers.org/t/lxc-2-1-has-been-released/487 >> > >> > 2. Also, my Orabuntu-LXC software projects is specifically designed >> for >> > deploying an entire LXC VLAN-tagged infrastructure on OpenvSwitch with >> > just >> > a single command: >> > >> > https://github.com/gstanden/orabuntu-lxc >> > >> > See if these references above help you set it up, and if not, let me >> know. >> > >> > HTH, Gilbert >> > >> > >> > >> > On Sat, May 12, 2018 at 2:32 AM, <den...@exemail.com.au> wrote: >> > >> >> >> >> I am attempting to use LXC containers with OpenVswitch on Ubuntu >> 18.04 >> >> LTS >> >> server. However, I am unable to work out the syntax for the >> container >> >> settings. The container is failing to start due to unable to create >> the >> >> network. >> >> >> >> I did a vanilla install onto a media play with two NIC cards - enp1s0 >> >> and >> >> enp2s0. >> >> >> >> I installed, created, tested and then destroyed a container using lxc >> to >> >> confirm that lxc was functioning correctly on the server. >> >> >> >> #sudo apt-get install lxc lxc-templates wget bridge-utils >> >> #sudo lxc-checkconfig >> >> #sudo lxc-create -n vm1 -t ubuntu >> >> #sudo lxc-start -n vm1 >> >> #sudo lxc-console -n vm1 >> >> #sudo lxc-stop -n vm1 >> >> #sudo lxc-destroy -n vm1 >> >> >> >> I then removed lxc bridge - lxcbr0 by setting USE_LXC_BRIDGE to false >> in >> >> /etc/default/lxc-net and removed lxcbr0 device and rebooted. >> >> >> >> # sudo ip link set lxcbr0 down >> >> # sudo brctl delbr lxcbr0 >> >> >> >> I then installed openvswitch and created two bridges br-dmz (dmz >> >> containers - 172.18.0.0/24) and br-int (internal containers - >> >> 192.168.0.0/24). I have added physical NIC port enp2s0 to br-int as >> I >> >> have a local WAP installed on that interface. >> >> >> >> #sudo apt-get install openvswitch-switch >> >> #sudo ovs-vsctl add-br br-dmz >> >> #sudo ovs-vsctl add-br br-int >> >> #sudo ovs-vsctl add-port br-int enp2s0 >> >> >> >> #sudo ip addr add 172.18.0.1/24 dev br-dmz >> >> #sudo ip addr add 192.168.10.1/24 dev br-int >> >> >> >> #sudo ovs-vsctl show >> >> c3d9247e-68f1-4ae1-be0e-4bb86fd2c541 >> >> Bridge br-dmz >> >> Port br-dmz >> >> Interface br-dmz >> >> type: internal >> >> Bridge br-int >> >> Port br-int >> >> Interface br-int >> >> type: internal >> >> Port "enp2s0" >> >> Interface "enp2s0" >> >> ovs_version: "2.9.0" >> >> >> >> #ip a >> >> >> >> 5: br-dmz: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group >> >> default qlen 1000 >> >> link/ether 7e:86:2a:79:24:4e brd ff:ff:ff:ff:ff:ff >> >> inet 172.18.0.1/24 scope global br-dmz >> >> valid_lft forever preferred_lft forever >> >> 6: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group >> >> default qlen 1000 >> >> link/ether 00:01:80:82:f8:59 brd ff:ff:ff:ff:ff:ff >> >> inet 192.168.10.1/24 scope global br-int >> >> valid_lft forever preferred_lft forever >> >> >> >> >> >> I created a LXC container VM1 and I would like to attach to br-int >> >> >> >> sudo lxc-create -n vm1 -t ubuntu >> >> >> >> Edit VMs config vi /var/lib/lxc/vm1/config >> >> >> >> lxc.net.0.link = br-int <- from lxcbr0 >> >> lxc.net.0.script.up=/etc/lxc/ifup <- added >> >> lxc.net.0.script.down=/etc/lxc/ifdown <- added >> >> >> >> Created scripts to ifup / ifdown interface >> >> >> >> vi /etc/lxc/ifup >> >> #!/bin/bash >> >> BRIDGE=br-int >> >> ovs-vsctl --may-exist add-br $BRIDGE >> >> ovs-vsctl --if-exists del-port $BRIDGE $5 >> >> ovs-vsctl --may-exist add-port $BRIDGE $5 >> >> >> >> vi /etc/lxc/ifdown >> >> #!/bin/bash >> >> ovsBr=br-int >> >> ovs-vsctl --if-exists del-port ${ovsBr} $5 >> >> >> >> chmod +x /etc/lxc/if* >> >> >> >> When I try to start the container using openvswitch I get the >> following >> >> error. >> >> >> >> sudo lxc-start -n vm1 --logfile log.txt >> >> >> >> lxc-start vm1 20180512072653.582 ERROR lxc_conf - >> >> conf.c:run_buffer:347 >> >> - Script exited with status 1 >> >> lxc-start vm1 20180512072653.610 ERROR lxc_network - >> >> network.c:lxc_create_network_priv:2436 - Failed to create network >> device >> >> lxc-start vm1 20180512072653.610 ERROR lxc_start - >> >> start.c:lxc_spawn:1545 - Failed to create the network >> >> lxc-start vm1 20180512072653.610 ERROR lxc_start - >> >> start.c:__lxc_start:1866 - Failed to spawn container "vm1" >> >> lxc-start vm1 20180512072653.610 ERROR lxc_container - >> >> lxccontainer.c:wait_on_daemonized_start:824 - Received container >> state >> >> "STOPPING" instead of "RUNNING" >> >> >> >> >> >> Any idea what I have missed that is causing the container netwok to >> not >> >> be >> >> created. >> >> >> >> Thanks >> >> >> >> Densha >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> discuss mailing list >> >> disc...@openvswitch.org >> >> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >> >> >> > >> > >> > >> > -- >> > Gilbert Standen >> > Creator Orabuntu-LXC >> > 914-261-4594 >> > gilb...@orabuntu-lxc.com >> > >> >> >> _______________________________________________ >> discuss mailing list >> disc...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >> > > > > -- > Gilbert Standen > Creator Orabuntu-LXC > 914-261-4594 > gilb...@orabuntu-lxc.com > _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
