Open Stack

Hi,

you should look into trunks [1]. They work quite well and cover my  
use-case. But as already mentioned you need to switch off port  
security for the trunk.

Regards,
Eugen

[1] https://docs.openstack.org/neutron/pike/admin/config-trunking.html

Zitat von Rodolfo Alonso Hernandez <ralonsoh at redhat.com>:

> Hello Han:
>
> If you are trying to create a bond, you'll need to perform that operation
> inside the VM. The problem, at least for ML2/OVS and ML2/OVN, is that the
> traffic egressing from this interface won't match the MAC address
> configured. This traffic will be dropped because of the ARP spoofing rules
> unless you disable "port_security_enabled". I'm not sure (I've never
> tested) if LACP mode will work in these backends. In any case, what is the
> user case? Isn't it better to make this bond in the host interfaces? [1]
>
> The IP allocation of a port is something that cannot be manually set. This
> value will depend on the DHCP configuration:
>
>    - If the network has a subnet, the Neutron server will try to assign an
>    IP. If you don't have routed provider network, the value will be  
> "immediate"
>    - For routed provider networks (that I don't think is your case), the
>    value will be "deferred" and will depend on the host the port is bound.
>    - If you choose --no-fixed-ip when creating the port, the value will be
>    "none".
>
>
> The functionality you are looking for was implemented in Nova in [2], *but
> this is available in Yoga, not in Victoria*. This feature allows you to
> create an IP-less port and use it to spawn a VM.
>
> Regards.
>
> [1]
> https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.2/html/advanced_overcloud_customization/assembly_network-interface-bonding
> [2]https://review.opendev.org/c/openstack/nova/+/669411
>
>
> On Wed, Apr 19, 2023 at 4:27 PM 韩光宇 <hanguangyu2 at gmail.com> wrote:
>
>> Hello,
>>
>> I have a victoria cluster. I am a bit perplexed about OpenStack
>> networking and was wondering if you could enlighten me on the topic.
>>
>> 1. bond
>> When configuring bond interfaces (bond0/1/2/3) in an OpenStack
>> instance, can I follow the same steps as I would on a physical
>> machine? Are there any particular considerations to keep in mind?
>> Also, when it comes to switch configuration, do I configure virtual
>> machine switches directly or are there specific OpenStack interfaces
>> to use?
>>
>> 2.
>> `openstack port create --network net1 --no-fixed-ip port_net1`
>> I was able to obtain a port with an ip_allocation value of "none"
>> using the above command. I noticed that the ip_allocation value can be
>> set to "none", "deferred", or "immediate". Is there a CLI interface to
>> modify the ip_allocation value of a port, for example, changing "none"
>> to "deferred"? Alternatively, what is the recommended method to make
>> this change?
>>
>> 3.
>> Is it possible for users to set IP addresses within an instance
>> system? For example, if I create an instance without an IP address, is
>> there a mechanism that allows me to set an IP address within the
>> instance system, or can I only modify the port bindings or switch
>> ports externally to change the IP address of an instance?
>>
>> Thank you for your attention to this matter.
>> Best regards,
>> Han Guangyu
>>
>>