Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

z <bd...@whitestack.com>; OpenStack Mailing List <openstack@lists.openstack.org> Cc: doka...@gmx.com Betreff: Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough Hi Mathias, the fact that you've seen ARP request-reply says that connectivity itself is correct. I think the problem with f

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Hi Mathias, the fact that you've seen ARP request-reply says that connectivity itself is correct. I think the problem with flows configuration inside bridge, which is controlled by ODL. Unfortunately, I never had an experience with ODL and can't comment what it do and how. You can print

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Dear Volodymyr, Benjamin, thanks a lot for your tipps and patience ... but still facing the same problem :/ So I need to bother you again ... I think its something totally stupid, basic I do wrong ... Let me summarize what I did so far: - Update OpenStack to pike (devstack All in Single VM

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Hi Mathias, I'm not so fluent with OVS, but I would recommend to join bridges using special "ports" like Port ovsbr1-patch Interface ovsbr1-patch type: patch options: {peer=ovsbr2-patch} and vice versa, keeping "native" configuration of "port OVSbr1" and "port OVSbr2"

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Mathias, Just to clarify: Which interface in which VM are you pinging from, and which interface in which VM are you pinging to? Also, if i recall correctly, in Mitaka, besides disabling port security, you had to disable ARP spoofing prevention for a scenario like this to work. In ml2_conf.ini:

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Dear Benjamin, Volodymyr, good question ;) ... I like to experiment with some kind of "Firewall NFV" ... but in the first step, I want to build a Router VM between two networks (and later extend it with some flow rules) ... OpenStack, in my case, is more a foundation to build a "test

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Dear Mathias, Could you attach a diagram of your network configuration and of what you are trying to achieve? Are you trying to install OVS inside a VM? If so, why? Greetings, Benjamin On Thu, Feb 1, 2018 at 8:30 AM, Volodymyr Litovka wrote: > Dear Mathias, > > if I correctly

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Dear Mathias, if I correctly understand your configuration, you're using bridges inside VM and it configuration looks a bit strange: 1) you use two different bridges (OVSbr1/192.168.120.x and OVSbr2/192.168.110.x) and there is no patch between them so they're separate 2) while ARP requests

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Dear Volodymyr, all, thanks for your fast answer ... but I'm still facing the same problem, still can't ping the instance with configured and up OVS bridge ... may because I'm quite new to OpenStack and OpenVswitch and didn't see the problem ;) My setup is devstack Mitaka in single machine

Re: [Openstack] OpenVSwitch inside Instance no ARP passthrough

Hi Mathias, whether you have all corresponding bridges and patches between them as described in openvswitch_agent.ini using integration_bridge tunnel_bridge int_peer_patch_port tun_peer_patch_port bridge_mappings parameters? And make sure, that service "neutron-ovs-cleanup" is in use during