[Openstack-operators] [Neutron][Linuxbridge] Problem with configuring linux bridge agent with vxlan networks
Mike Lowe
jomlowe at iu.edu
Fri Oct 2 22:12:50 UTC 2015
One thing that I always forget is iptables rules to allow the udp port 8472 vxlan packets in.
> On Oct 2, 2015, at 4:41 PM, Sławek Kapłoński <slawek at kaplonski.pl> wrote:
>
> Hello,
>
> I'm trying to configure small openstack infra (one network node, 2
> compute nodes) with linux bridge and vxlan tenant networks. I don't know
> what I'm doing wrong but my instances have no connection between
> each other. On compute hosts I run neutron-plugin-linuxbrigde-agent
> with config like:
>
> ------------------
> [ml2_type_vxlan]
> # (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples
> # enumerating
> # ranges of VXLAN VNI IDs that are available for tenant network
> # allocation.
> #
> vni_ranges = 10000:20000
>
> # (StrOpt) Multicast group for the VXLAN interface. When configured,
> # will
> # enable sending all broadcast traffic to this multicast group. When
> # left
> # unconfigured, will disable multicast VXLAN mode.
> #
> # vxlan_group =
> # Example: vxlan_group = 239.1.1.1
>
> [securitygroup]
> # Controls if neutron security group is enabled or not.
> # It should be false when you use nova security group.
> enable_security_group = True
>
> # Use ipset to speed-up the iptables security groups. Enabling ipset
> # support
> # requires that ipset is installed on L2 agent node.
> enable_ipset = True
>
> firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
>
> [ovs]
> local_ip = 10.1.0.4
>
> [agent]
> tunnel_types = vxlan
>
> [linuxbridge]
> physical_interface_mappings = physnet1:eth1
>
> [vxlan]
> local_ip = 10.1.0.4
> l2_population = True
> enable_vxlan = True
> -------------------
>
> Eth1 is my "tunnel network" which should be used for tunnels. When I
> spawn vms on compute 1 and 2 and after configuring network manually on
> both vms (dhcp is not working also because of broken tunnels probably)
> it not pings.
> Even when I started two instances on same host and they are both
> connected to one bridge:
>
> -------------------
> root at compute-2:/usr/lib/python2.7/dist-packages/neutron# brctl show
> bridge name bridge id STP enabled interfaces
> brq8fe8a32f-e6 8000.ce544d0c0e5d no tap691a138a-6c
> tapbc1e5179-53
> vxlan-10052
> virbr0 8000.5254007611ab yes virbr0-nic
> -------------------
>
> those 2 vms are not pinging each other :/
> I don't have any expeirence with linux bridge in fact (For now I was always
> using ovs). Maybe someone of You will know what I should check or what I should
> configure wrong :/ Generally I was installing this openstack according to
> official openstack documentation but in this docs there is info about ovs+gre
> tunnels and that is what I changed. I'm using Ubuntu 14.04 and Openstack Kilo
> installed from cloud archive repo.
>
> --
> Best regards / Pozdrawiam
> Sławek Kapłoński
> slawek at kaplonski.pl
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2312 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20151002/a3327808/attachment.bin>
More information about the OpenStack-operators
mailing list