Open Stack

That's quite how it's supposed to work; however, I'm just now working on
getting full scenario testing for that implementation in the gate so it's
possible there may be bugs with it.

There is an open patch here to fix some forwarding issues caused by the MAC
address: https://review.openstack.org/#/c/436541/
And this patch was just recently back-ported to Newton so you will need to
make sure you have it included or else the port won't be attached into the
bridge, which is what you may be seeing:
https://review.openstack.org/#/c/434442/

Once you have that latter patch installed, you should see something like
the following:

[tap-parentdevice] -> [bridge-for-net1]

[tap-subport] -> [bridge-for-net2]


Then if you run "ip -d link show", you should see an entry showing
tap-subport is a child of tap-parentdevice with some output like the
following (tap182c5831-5b is the child, tapd84f2134-06 is the parent, and
VLAN 10 is the subport segmentation ID):

46: tap182c5831-5b at tapd84f2134-06: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
1450 qdisc noqueue master brq0b3b6476-3b state UP mode DEFAULT group
default qlen 1000
    link/ether fa:16:3e:f3:e5:a6 brd ff:ff:ff:ff:ff:ff promiscuity 1
    vlan protocol 802.1Q id 10 <REORDER_HDR>
    bridge_slave state forwarding priority 32 cost 100 hairpin off guard
off root_block off fastleave off learning on flood on addrgenmode eui64



If you run tcpdump on bridge-for-net2 or bridge-for-net1 you shouldn't ever
see the VLAN segmentation ID for the subport. The only place you should see
it is if you run tcpdump on the parent port itself.


Let me know if any of that needs clarification.

Cheers,
Kevin Benton

On Wed, Feb 22, 2017 at 7:14 AM, Charles 'Boyo <charlesboyo at gmail.com>
wrote:

> Hello all.
>
> I recently setup the trunk-port plugin in a Newton environment using ML2
> LinuxBridge and VLAN segmentation.
>
> In my setup, the parent-port is a VLAN network (net1) with VLAN-ID 104
> while the child-port is attached to another network (net2) with VLAN-ID 50.
> The physnet (br-vlan) is attached to eth1 on the compute host.
>
> On starting an instance with the parent-port, I observe that the
> child-port in plumbed atop the parent such that traffic through it is
> double-tagged 104 + 50 as observed from the underlying host physical
> network (eth1) even though there is another bridge setup for net2 with
> VLAN-ID 50.
>
> The above description matches how VLAN sub-interfaces are usually setup
> with Linux bridging but it isn't what I want to achieve here. My
> requirement is that the child-port is attached in such a way as to have
> it's traffic exit the physnet with a single VLAN tag of 50. Is that even
> possible with the current approach to implementing trunk-port on Linux
> bridges?
>
> In my understanding, having created a VLAN 50 sub-interface on the physnet
> (br-vlan) for the net2 bridge, all VLAN 50 traffic is shunted to net2 by
> the Linux bridging code so communication with the external VLAN 50 network
> must be via the net2 bridge. Would that mean the parent-port must be
> attached to a flat network directly connected to the br-vlan physnet?
>
> Regards,
>
> Charles
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20170222/d9955f42/attachment.html>