<div dir="ltr"><div><div><div>Conclusion. Neutron routers under Liberty (Linux Bridge) don't work. Please prove me wrong..... Moving on to manual router creation.<br></div>1: How can I assign a fixed IP to an instance?<br></div>2: If I add routes will they get used? I probably have to create a Port for every route (as Floating IPs do ).<br><br><br></div>------ Session: Trying to create a working router for the 15th time. :-) ----<br><br><br>[root@maersk src]# ifconfig<br>enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500<br> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255<br> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x0<global><br> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link><br> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)<br> RX packets 238 bytes 16020 (15.6 KiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 60 bytes 6650 (6.4 KiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536<br> inet 127.0.0.1 netmask 255.0.0.0<br> inet6 ::1 prefixlen 128 scopeid 0x10<host><br> loop txqueuelen 0 (Local Loopback)<br> RX packets 4985 bytes 1060267 (1.0 MiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 4985 bytes 1060267 (1.0 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500<br> inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255<br> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>[root@maersk src]# source admin-openrc.sh <br>[root@maersk src]# clear<br><br>[root@maersk src]# neutron net-create public --shared --provider:physical_network public \<br>> --provider:network_type flat<br>Created a new network:<br>+---------------------------+--------------------------------------+<br>| Field | Value |<br>+---------------------------+--------------------------------------+<br>| admin_state_up | True |<br>| id | 9ee73442-5a86-48c0-84da-8f650937fd08 |<br>| mtu | 0 |<br>| name | public |<br>| port_security_enabled | True |<br>| provider:network_type | flat |<br>| provider:physical_network | public |<br>| provider:segmentation_id | |<br>| router:external | False |<br>| shared | True |<br>| status | ACTIVE |<br>| subnets | |<br>| tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |<br>+---------------------------+--------------------------------------+<br>[root@maersk src]# neutron subnet-create public <a href="http://172.22.10.0/24">172.22.10.0/24</a> --name public \<br>> --allocation-pool start=172.22.10.10,end=172.22.10.90 \<br>> --dns-nameserver 172.22.10.254 --gateway 172.22.10.254 --enable_dhcp False<br>Created a new subnet:<br>+-------------------+--------------------------------------------------+<br>| Field | Value |<br>+-------------------+--------------------------------------------------+<br>| allocation_pools | {"start": "172.22.10.10", "end": "172.22.10.90"} |<br>| cidr | <a href="http://172.22.10.0/24">172.22.10.0/24</a> |<br>| dns_nameservers | 172.22.10.254 |<br>| enable_dhcp | False |<br>| gateway_ip | 172.22.10.254 |<br>| host_routes | |<br>| id | 28683bfe-2410-4f9b-b805-ec3c7aee009a |<br>| ip_version | 4 |<br>| ipv6_address_mode | |<br>| ipv6_ra_mode | |<br>| name | public |<br>| network_id | 9ee73442-5a86-48c0-84da-8f650937fd08 |<br>| subnetpool_id | |<br>| tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |<br>+-------------------+--------------------------------------------------+<br>[root@maersk src]# ifconfig <br>enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500<br> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255<br> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x0<global><br> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link><br> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)<br> RX packets 5032 bytes 373870 (365.1 KiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 2602 bytes 3154215 (3.0 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536<br> inet 127.0.0.1 netmask 255.0.0.0<br> inet6 ::1 prefixlen 128 scopeid 0x10<host><br> loop txqueuelen 0 (Local Loopback)<br> RX packets 46701 bytes 12008341 (11.4 MiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 46701 bytes 12008341 (11.4 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500<br> inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255<br> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>[root@maersk src]# neutron net-list <br>+--------------------------------------+--------+-----------------------------------------------------+<br>| id | name | subnets |<br>+--------------------------------------+--------+-----------------------------------------------------+<br>| 9ee73442-5a86-48c0-84da-8f650937fd08 | public | 28683bfe-2410-4f9b-b805-ec3c7aee009a <a href="http://172.22.10.0/24">172.22.10.0/24</a> |<br>+--------------------------------------+--------+-----------------------------------------------------+<br>[root@maersk src]# source demo-openrc.sh<br>[root@maersk src]# neutron net-create private<br>Created a new network:<br>+-----------------------+--------------------------------------+<br>| Field | Value |<br>+-----------------------+--------------------------------------+<br>| admin_state_up | True |<br>| id | 573956a6-1378-4100-83c2-db5c3bf9a95c |<br>| mtu | 0 |<br>| name | private |<br>| port_security_enabled | True |<br>| router:external | False |<br>| shared | False |<br>| status | ACTIVE |<br>| subnets | |<br>| tenant_id | 7813be77b1de4196b1c6b77006afa21c |<br>+-----------------------+--------------------------------------+<br>[root@maersk src]# neutron subnet-create private <a href="http://192.168.10.0/24">192.168.10.0/24</a> \<br>> --name private --dns-nameserver 172.22.10.254 --gateway 192.168.10.1<br>Created a new subnet:<br>+-------------------+----------------------------------------------------+<br>| Field | Value |<br>+-------------------+----------------------------------------------------+<br>| allocation_pools | {"start": "192.168.10.2", "end": "192.168.10.254"} |<br>| cidr | <a href="http://192.168.10.0/24">192.168.10.0/24</a> |<br>| dns_nameservers | 172.22.10.254 |<br>| enable_dhcp | True |<br>| gateway_ip | 192.168.10.1 |<br>| host_routes | |<br>| id | 83f4f5e5-13b6-41f2-af07-b96d86847e2b |<br>| ip_version | 4 |<br>| ipv6_address_mode | |<br>| ipv6_ra_mode | |<br>| name | private |<br>| network_id | 573956a6-1378-4100-83c2-db5c3bf9a95c |<br>| subnetpool_id | |<br>| tenant_id | 7813be77b1de4196b1c6b77006afa21c |<br>+-------------------+----------------------------------------------------+<br>[root@maersk src]# ifconfig <br>brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid 0x20<link><br> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)<br> RX packets 4 bytes 264 (264.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 7 bytes 578 (578.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500<br> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255<br> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x0<global><br> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link><br> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)<br> RX packets 5310 bytes 393373 (384.1 KiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 2661 bytes 3165497 (3.0 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536<br> inet 127.0.0.1 netmask 255.0.0.0<br> inet6 ::1 prefixlen 128 scopeid 0x10<host><br> loop txqueuelen 0 (Local Loopback)<br> RX packets 50779 bytes 13259383 (12.6 MiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 50779 bytes 13259383 (12.6 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid 0x20<link><br> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)<br> RX packets 7 bytes 578 (578.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 13 bytes 1066 (1.0 KiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500<br> inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255<br> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid 0x20<link><br> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 16 overruns 0 carrier 0 collisions 0<br><br>[root@maersk src]# source admin-openrc.sh <br>[root@maersk src]# neutron net-update public --router:external <br>Updated network: public<br>[root@maersk src]# source demo-openrc.sh <br>[root@maersk src]# neutron router-create router<br>Created a new router:<br>+-----------------------+--------------------------------------+<br>| Field | Value |<br>+-----------------------+--------------------------------------+<br>| admin_state_up | True |<br>| external_gateway_info | |<br>| id | ff6a61f5-f497-43a1-b245-64ec8e87b488 |<br>| name | router |<br>| routes | |<br>| status | ACTIVE |<br>| tenant_id | 7813be77b1de4196b1c6b77006afa21c |<br>+-----------------------+--------------------------------------+<br>[root@maersk src]# neutron router-interface-add router private<br>Multiple router matches found for name 'router', use an ID to be more specific.<br>[root@maersk src]# neutron router-list <br>+--------------------------------------+--------+-----------------------+<br>| id | name | external_gateway_info |<br>+--------------------------------------+--------+-----------------------+<br>| 5939b796-cae6-4d72-8d34-66e20afb95aa | router | null |<br>| ff6a61f5-f497-43a1-b245-64ec8e87b488 | router | null |<br>+--------------------------------------+--------+-----------------------+<br>[root@maersk src]# neutron router-delete 5939b796-cae6-4d72-8d34-66e20afb95aa <br>Deleted router: 5939b796-cae6-4d72-8d34-66e20afb95aa<br>[root@maersk src]# neutron router-delete ff6a61f5-f497-43a1-b245-64ec8e87b488 <br>Deleted router: ff6a61f5-f497-43a1-b245-64ec8e87b488<br>[root@maersk src]# neutron router-create router<br>Created a new router:<br>+-----------------------+--------------------------------------+<br>| Field | Value |<br>+-----------------------+--------------------------------------+<br>| admin_state_up | True |<br>| external_gateway_info | |<br>| id | a1be1dbd-1a94-4a8c-8093-45a7af89140c |<br>| name | router |<br>| routes | |<br>| status | ACTIVE |<br>| tenant_id | 7813be77b1de4196b1c6b77006afa21c |<br>+-----------------------+--------------------------------------+<br>[root@maersk src]# neutron router-interface-add router private<br>Added interface 74c0d2df-3944-43d7-8be9-2ef0d9242edc to router router.<br>[root@maersk src]# neutron router-gateway-set router public<br>Set gateway for router router<br>[root@maersk src]# source admin-openrc.sh<br>[root@maersk src]# ip netns<br>qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c (id: 1)<br>qdhcp-573956a6-1378-4100-83c2-db5c3bf9a95c (id: 0)<br>[root@maersk src]# neutron router-port-list router<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>| id | name | mac_address | fixed_ips |<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>| 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 | | fa:16:3e:d6:29:b4 | {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address": "172.22.10.10"} |<br>| 74c0d2df-3944-43d7-8be9-2ef0d9242edc | | fa:16:3e:7b:d6:0f | {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address": "192.168.10.1"} |<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>[root@maersk src]# ping 172.22.10.10<br>PING 172.22.10.10 (172.22.10.10) 56(84) bytes of data.<br>From 172.22.10.99 icmp_seq=1 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=2 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=3 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=4 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=5 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=6 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=7 Destination Host Unreachable<br>From 172.22.10.99 icmp_seq=8 Destination Host Unreachable<br>^C<br>--- 172.22.10.10 ping statistics ---<br>8 packets transmitted, 0 received, +8 errors, 100% packet loss, time 7000ms<br>pipe 4<br>[root@maersk src]# ifconfig <br>brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid 0x20<link><br> ether 72:65:0b:f7:66:9c txqueuelen 0 (Ethernet)<br> RX packets 6 bytes 348 (348.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 8 bytes 648 (648.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500<br> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255<br> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x0<global><br> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link><br> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)<br> RX packets 6360 bytes 464736 (453.8 KiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 2867 bytes 3196849 (3.0 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536<br> inet 127.0.0.1 netmask 255.0.0.0<br> inet6 ::1 prefixlen 128 scopeid 0x10<host><br> loop txqueuelen 0 (Local Loopback)<br> RX packets 65582 bytes 17827940 (17.0 MiB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 65582 bytes 17827940 (17.0 MiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>tap74c0d2df-39: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::7065:bff:fef7:669c prefixlen 64 scopeid 0x20<link><br> ether 72:65:0b:f7:66:9c txqueuelen 1000 (Ethernet)<br> RX packets 10 bytes 864 (864.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 8 bytes 648 (648.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid 0x20<link><br> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)<br> RX packets 8 bytes 648 (648.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 16 bytes 1248 (1.2 KiB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500<br> inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255<br> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450<br> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid 0x20<link><br> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 19 overruns 0 carrier 0 collisions 0<br><br><br><br></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><div>- Christopher T. Hull<br></div><div>I am presently seeking a new career opportunity Please see career page<br></div><div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br></div><div>333 Orchard Ave, Sunnyvale CA. 94085<br>(415) 385 4865<br></div><div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br></div><a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br><br></div></div><div><div><br></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Wed, Mar 23, 2016 at 4:34 PM, Dan Sneddon <span dir="ltr"><<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On 03/23/2016 04:06 PM, Christopher Hull wrote:<br>
> Hmmm. Well I'm not using OpenVSwitch. Just LinuxBridge. My CentOS<br>
> 7 install sees emp3s0 where eth0 would usually appear. But this may<br>
> need to be changed to br-ex? The IP address no longer apperas at<br>
> enp3s0, so perhaps that's the issue.<br>
><br>
> When I make changes, I tear down all the networks and rebuild them<br>
> according to instructions. I do this after restarting the machine. I<br>
> wonder if the database needs to be updated as well.<br>
><br>
> su -s /bin/sh -c "neutron-db-manage --config-file<br>
> /etc/neutron/neutron.conf \<br>
> --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron<br>
> systemctl stop neutron-server.service \<br>
> neutron-linuxbridge-agent.service neutron-dhcp-agent.service \<br>
> neutron-metadata-agent.service<br>
> systemctl stop neutron-l3-agent.service<br>
> and restart.<br>
><br>
> Thanks for the help. Yes. It's a bit confusing. Why are router and<br>
> instance ports different? It is for this reason that I figured I could<br>
> just create my own instance/router. But why should I have to? Do<br>
> routers not work unless you use OpenVSwitch? The Liberty install<br>
> instructions (unlike Kilo) don't seem to require installing OpenVSwitch.<br>
><br>
> linux_bridge_agent.ini<br>
> inux_bridge | physical_interface_mappings | public:enp3s0<br>
><br>
> Perhaps br-ex? Or whereever I see my static IP when doing an<br>
> ifconfig :-) Was enp3s0 when CentOS was first installed, but I think<br>
> thats changed somehow.<br>
><br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> | linuxbridge_agent: Section | Key |<br>
> Value |<br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> | linux_bridge | physical_interface_mappings |<br>
> public:enp3s0 |<br>
> | vxlan | l2_population |<br>
> True |<br>
> | vxlan | local_ip |<br>
> 172.22.10.99 |<br>
> | vxlan | enable_vxlan |<br>
> True |<br>
> | agent | prevent_arp_spoofing |<br>
> True |<br>
> | securitygroup | firewall_driver |<br>
> neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |<br>
> | securitygroup | enable_security_group |<br>
> True |<br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
><br>
><br>
><br>
> - Christopher T. Hull<br>
> I am presently seeking a new career opportunity Please see career page<br>
> <a href="http://chrishull.com/career" rel="noreferrer" target="_blank">http://chrishull.com/career</a><br>
> 333 Orchard Ave, Sunnyvale CA. 94085<br>
</div></div>> <a href="tel:%28415%29%20385%204865" value="+14153854865">(415) 385 4865</a> <tel:%28415%29%20385%204865><br>
<span class="">> <a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>><br>
> <a href="http://chrishull.com" rel="noreferrer" target="_blank">http://chrishull.com</a><br>
><br>
><br>
><br>
</span><span class="">> On Wed, Mar 23, 2016 at 3:34 PM, Dan Sneddon <<a href="mailto:dsneddon@redhat.com">dsneddon@redhat.com</a><br>
</span><div><div class="h5">> <mailto:<a href="mailto:dsneddon@redhat.com">dsneddon@redhat.com</a>>> wrote:<br>
><br>
> On 03/23/2016 03:05 PM, Christopher Hull wrote:<br>
> > Hi Keven / all;<br>
> ><br>
> > Re: Getting a Neutron Router to work. (set external_network_bridge =<br>
> > blank). Apologies if this got sent twice.<br>
> ><br>
> > Nope, not quite there yet re getting the damn router to work<br>
> (week 3 on<br>
> > this issue).<br>
> ><br>
> > The Liberty install instructions indeed say to set...<br>
> > external_network_bridge =<br>
> ><br>
> > I'm so desperate that I thought the blank space after the = might be<br>
> > the issue. No. Then I noticed these instructions in<br>
> l3_agent.ini itself.<br>
> > -----<br>
> > # When external_network_bridge is set, each L3 agent can be<br>
> associated<br>
> > # with no more than one external network. This value should be set to<br>
> > the UUID<br>
> > # of that external network. To allow L3 agent support multiple<br>
> external<br>
> > # networks, both the external_network_bridge and<br>
> > gateway_external_network_id<br>
> > # must be left empty.<br>
> > # gateway_external_network_id =<br>
> > ----<br>
> ><br>
> > 1: Should gateway_external_network_id = be unoommented?<br>
> > 2: Should I reupdate the database after these changes?<br>
> > su -s /bin/sh -c "neutron-db-manage --config-file<br>
> > /etc/neutron/neutron.conf \<br>
> > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade<br>
> head" neutron<br>
> ><br>
> > 3: Should external_network_bridge in fact be set to the UUID of the<br>
> > public network?<br>
> ><br>
> > 4. All instances Ports work just fine on public and private network.<br>
> > WHAT is the difference between a Neutron router northbound port<br>
> and an<br>
> > instance port on the public net.<br>
> ><br>
> > Services restarted after config change (just removed space after =<br>
> > actually just in case sloppy Python coding was involved here). In<br>
> > fact, I rebooted the box just to be sure.<br>
> ><br>
> > Making my own instance based router is looking better and better all<br>
> > the time. If Neutron Routers really work, maybe UFO's exist too.<br>
> > :-) j/k<br>
> ><br>
> ><br>
> > Seriously. Thank you for your help. Hope to help the community<br>
> > soon too myself. Trying to get my Gerrit account up and running but<br>
> > the OpenStack.org site won't allow me to sign the Contrib agreement<br>
> > with out getting a server error.<br>
> ><br>
> ><br>
> > ==== Config Details ======<br>
> > Issue Neutron Router Northbound Port won't Ping, is Down<br>
> ><br>
> > [root@maersk src]# ./pluto.py show -p /etc neutron rootwrap.conf<br>
> > ml2_conf.ini l3_agent.ini linuxbridge_agent.ini dhcp_agent.ini<br>
> ><br>
> +-----------------------+------------------------------------+-------------------------------------------------+<br>
> > | neutron: Section | Key |<br>
> > Value |<br>
> ><br>
> +-----------------------+------------------------------------+-------------------------------------------------+<br>
> > | DEFAULT | verbose |<br>
> > True |<br>
> > | DEFAULT | nova_url |<br>
> > <a href="http://controller:8774/v2" rel="noreferrer" target="_blank">http://controller:8774/v2</a> |<br>
> > | DEFAULT | notify_nova_on_port_data_changes |<br>
> > True |<br>
> > | DEFAULT | notify_nova_on_port_status_changes |<br>
> > True |<br>
> > | DEFAULT | auth_strategy |<br>
> > keystone |<br>
> > | DEFAULT | rpc_backend |<br>
> > rabbit |<br>
> > | DEFAULT | allow_overlapping_ips |<br>
> > True |<br>
> > | DEFAULT | service_plugins |<br>
> > router |<br>
> > | DEFAULT | core_plugin |<br>
> > ml2 |<br>
> > | keystone_authtoken | password |<br>
> > mk4968small23buggidntpass |<br>
> > | keystone_authtoken | username |<br>
> > neutron |<br>
> > | keystone_authtoken | project_name |<br>
> > service |<br>
> > | keystone_authtoken | user_domain_id |<br>
> > default |<br>
> > | keystone_authtoken | project_domain_id |<br>
> > default |<br>
> > | keystone_authtoken | auth_plugin |<br>
> > password |<br>
> > | keystone_authtoken | auth_url |<br>
> > <a href="http://controller:35357" rel="noreferrer" target="_blank">http://controller:35357</a> |<br>
> > | keystone_authtoken | auth_uri |<br>
> > <a href="http://controller:5000" rel="noreferrer" target="_blank">http://controller:5000</a> |<br>
> > | database | connection |<br>
> > mysql://neutron:sleestack191@controller/neutron |<br>
> > | nova | password |<br>
> > mk4968small23buggidntpass |<br>
> > | nova | username |<br>
> > nova |<br>
> > | nova | project_name |<br>
> > service |<br>
> > | nova | region_name |<br>
> > RegionOne |<br>
> > | nova | user_domain_id |<br>
> > default |<br>
> > | nova | project_domain_id |<br>
> > default |<br>
> > | nova | auth_plugin |<br>
> > password |<br>
> > | nova | auth_url |<br>
> > <a href="http://controller:35357" rel="noreferrer" target="_blank">http://controller:35357</a> |<br>
> > | oslo_concurrency | lock_path |<br>
> > /var/lib/neutron/tmp |<br>
> > | oslo_messaging_rabbit | rabbit_password |<br>
> > open.g00dke232 |<br>
> > | oslo_messaging_rabbit | rabbit_userid |<br>
> > openstack |<br>
> > | oslo_messaging_rabbit | rabbit_host |<br>
> > controller |<br>
> ><br>
> +-----------------------+------------------------------------+-------------------------------------------------+<br>
> ><br>
> +-------------------+---------------------+--------------------------------------------------------------+<br>
> > | rootwrap: Section | Key |<br>
> > Value |<br>
> ><br>
> +-------------------+---------------------+--------------------------------------------------------------+<br>
> > | DEFAULT | filters_path |<br>
> > /etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap |<br>
> > | DEFAULT | exec_dirs |<br>
> > /sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin |<br>
> > | DEFAULT | use_syslog |<br>
> > False |<br>
> > | DEFAULT | syslog_log_facility |<br>
> > syslog |<br>
> > | DEFAULT | syslog_log_level |<br>
> > ERROR |<br>
> ><br>
> +-------------------+---------------------+--------------------------------------------------------------+<br>
> ><br>
> +-------------------+----------------------+--------------------------+<br>
> > | ml2_conf: Section | Key | Value<br>
> |<br>
> ><br>
> +-------------------+----------------------+--------------------------+<br>
> > | ml2 | extension_drivers | port_security<br>
> |<br>
> > | ml2 | mechanism_drivers |<br>
> linuxbridge,l2population |<br>
> > | ml2 | tenant_network_types | vxlan<br>
> |<br>
> > | ml2 | type_drivers | flat,vlan,vxlan<br>
> |<br>
> > | ml2_type_flat | flat_networks | public<br>
> |<br>
> > | ml2_type_vxlan | vni_ranges | 1:1000<br>
> |<br>
> > | securitygroup | enable_ipset | True<br>
> |<br>
> ><br>
> +-------------------+----------------------+--------------------------+<br>
> ><br>
> +-------------------+--------------------------+-----------------------------------------------------+<br>
> > | l3_agent: Section | Key |<br>
> > Value |<br>
> ><br>
> +-------------------+--------------------------+-----------------------------------------------------+<br>
> > | DEFAULT | external_network_bridge<br>
> > | |<br>
> > | DEFAULT | verbose |<br>
> > True |<br>
> > | DEFAULT | interface_driver |<br>
> > neutron.agent.linux.interface.BridgeInterfaceDriver |<br>
> ><br>
> +-------------------+--------------------------+-----------------------------------------------------+<br>
> ><br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> > | linuxbridge_agent: Section | Key |<br>
> > Value |<br>
> ><br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> > | linux_bridge | physical_interface_mappings |<br>
> > public:enp3s0 |<br>
> > | vxlan | l2_population |<br>
> > True |<br>
> > | vxlan | local_ip |<br>
> > 172.22.10.99 |<br>
> > | vxlan | enable_vxlan |<br>
> > True |<br>
> > | agent | prevent_arp_spoofing |<br>
> > True |<br>
> > | securitygroup | firewall_driver |<br>
> > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |<br>
> > | securitygroup | enable_security_group |<br>
> > True |<br>
> ><br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> ><br>
> +---------------------+--------------------------+-----------------------------------------------------+<br>
> > | dhcp_agent: Section | Key |<br>
> > Value |<br>
> ><br>
> +---------------------+--------------------------+-----------------------------------------------------+<br>
> > | DEFAULT | dnsmasq_config_file |<br>
> > /etc/neutron/dnsmasq-neutron.conf |<br>
> > | DEFAULT | verbose |<br>
> > True |<br>
> > | DEFAULT | enable_isolated_metadata |<br>
> > True |<br>
> > | DEFAULT | dhcp_driver |<br>
> > neutron.agent.linux.dhcp.Dnsmasq |<br>
> > | DEFAULT | interface_driver |<br>
> > neutron.agent.linux.interface.BridgeInterfaceDriver |<br>
> ><br>
> +---------------------+--------------------------+-----------------------------------------------------+<br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> > - Christopher T. Hull<br>
> > I am presently seeking a new career opportunity Please see<br>
> career page<br>
> > <a href="http://chrishull.com/career" rel="noreferrer" target="_blank">http://chrishull.com/career</a><br>
> > 333 Orchard Ave, Sunnyvale CA. 94085<br>
</div></div>> > <a href="tel:%28415%29%20385%204865" value="+14153854865">(415) 385 4865</a> <tel:%28415%29%20385%204865><br>
> > <a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>><br>
> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>>><br>
<span class="">> > <a href="http://chrishull.com" rel="noreferrer" target="_blank">http://chrishull.com</a><br>
> ><br>
> ><br>
> ><br>
> > On Wed, Mar 23, 2016 at 8:50 AM, <<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>><br>
</span><span class="">> > <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>>>> wrote:<br>
> ><br>
> > Thanks. Will check that.<br>
> > When I create an instance in the public or private nets they ping.<br>
> > Why do router ports behave differently than instance ports? Only<br>
> > the Northbound router port is down and won't ping. Will check<br>
> > settings ASAP thanks<br>
> ><br>
> > Chris.<br>
> ><br>
> > Sent from my iPhone<br>
> ><br>
> > On Mar 23, 2016, at 7:52 AM, Kevin Benton <kevin@benton.pub<br>
</span><span class="">> > <mailto:<a href="mailto:kevin@benton.pub">kevin@benton.pub</a> <mailto:<a href="mailto:kevin@benton.pub">kevin@benton.pub</a>>>> wrote:<br>
> ><br>
> >> Ok. The same settings should apply to Linux bridge.<br>
> >><br>
> >> Make sure you have external_network_bridge defined in your L3<br>
> >> agent as an empty value.<br>
> >><br>
> >> Then your external network should be created with the provider<br>
> >> type of 'flat' and the physical network corresponding to the one<br>
> >> you have defined in your bridge mappings in the L2 agent that<br>
> >> attaches to the bridge going to your external physical network.<br>
> >><br>
> >> On Mar 23, 2016 7:25 AM, <<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>><br>
</span><span class="">> >> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>>>> wrote:<br>
> >><br>
> >> Kevin;<br>
> >> Thank you Very much. I'll check. I did a manual Liberty<br>
> >> install so I may have done something wrong. I am using<br>
> >> LinuxBridge (not OpenVSwitch) if that helps. Will post<br>
> >> results to list soon. Would like to be able to use floating<br>
> >> IPs, a more convenient form of ipTables basically.<br>
> >><br>
> >> Chris.<br>
> >><br>
> >> Sent from my iPhone<br>
> >><br>
> >> On Mar 23, 2016, at 7:16 AM, Kevin Benton <kevin@benton.pub<br>
</span><span class="">> >> <mailto:<a href="mailto:kevin@benton.pub">kevin@benton.pub</a> <mailto:<a href="mailto:kevin@benton.pub">kevin@benton.pub</a>>>> wrote:<br>
> >><br>
> >>> Do you have external_network_bridge set to an empty value in<br>
> >>> the l3 agent config? If not, the l3 agent will use a legacy<br>
> >>> mode of wiring up the port and it's status field may not be<br>
> >>> ACTIVE.<br>
> >>><br>
> >>> The routers are tested thousands of times in the gate every<br>
> >>> day, so they work. It's just a matter of getting your<br>
> >>> configuration correct.<br>
> >>><br>
> >>> Yes, you can use a VM to route as well.<br>
> >>><br>
> >>> On Mar 23, 2016 7:06 AM, <<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>><br>
</span><span class="">> >>> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com">chrishull42@gmail.com</a>>>> wrote:<br>
> >>><br>
> >>> Hi all;<br>
> >>> It appears that Liberty Neutron routers do not work.<br>
> >>> The Northbound port is always Down.<br>
> >>><br>
> >>> What I'd like to do is dedicate an instance (CentOS) to<br>
> >>> routing between the Public net and other nets. Has<br>
> >>> anyone done this. Setting up the router is trivial.<br>
> >>> But I'm a little worried about interaction with Neutron<br>
> >>> Ports. I need to assign fixed IPs so I can route from<br>
> >>> the Internet to a server instance.<br>
> >>><br>
> >>> Ideas?<br>
> >>><br>
> >>> Thanks<br>
> >>> - Chris.<br>
> >>><br>
> >>> Sent from my iPhone<br>
> >>> _______________________________________________<br>
> >>> OpenStack-operators mailing list<br>
> >>> <a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>
> <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a>><br>
</span>> >>> <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>
<span class="">> <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a>>><br>
> >>><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
> >>><br>
> ><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > OpenStack-operators mailing list<br>
> > <a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>
</span>> <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a>><br>
<span class="">> > <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
> ><br>
><br>
> Definitely the external_network_bridge needs to be explicitly set to<br>
> nothing. That's not the default. I've never had to change the default<br>
> gateway_external_network_id when I set external_network_bridge to a<br>
> blank value.<br>
><br>
> Note that after making changes to external_network_bridge, I've have to<br>
> delete and recreate the router/port/network that was created before<br>
> that change.<br>
><br>
> I assume that your bridge mappings are correct in<br>
> /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:<br>
><br>
> bridge_mappings =datacentre:br-ex # or whatever you have locally<br>
><br>
> And that the physical_network of the external network matches the<br>
> network name in the bridge_mappings that corresponds to the bridge<br>
> containing the physical interface? Probably your instance ports<br>
> wouldn't work if those things weren't correct, but those are also areas<br>
> where I see failures similar to this.<br>
><br>
> --<br>
> Dan Sneddon | Principal OpenStack Engineer<br>
</span>> <a href="mailto:dsneddon@redhat.com">dsneddon@redhat.com</a> <mailto:<a href="mailto:dsneddon@redhat.com">dsneddon@redhat.com</a>> |<br>
> <a href="http://redhat.com/openstack" rel="noreferrer" target="_blank">redhat.com/openstack</a> <<a href="http://redhat.com/openstack" rel="noreferrer" target="_blank">http://redhat.com/openstack</a>><br>
> <a href="tel:650.254.4025" value="+16502544025">650.254.4025</a> <tel:<a href="tel:650.254.4025" value="+16502544025">650.254.4025</a>> | dsneddon:irc @dxs:twitter<br>
<span class="">><br>
><br>
><br>
><br>
> _______________________________________________<br>
> OpenStack-operators mailing list<br>
> <a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
><br>
<br>
</span>I didn't mean to confuse you by assuming that you were running Open<br>
vSwitch. You don't have to run Open vSwitch, and some things do work<br>
differently when using Linux bridge.<br>
<br>
If your IP address is no longer on enp3s0, then that might be an<br>
indicator that you have a bridge subsuming enp3s0. In that case, I'm<br>
pretty sure that the physical_interface_mapping should be<br>
public:<bridge>. I spend a lot more time with OVS deployments, though.<br>
<span class="im HOEnZb"><br>
--<br>
Dan Sneddon | Principal OpenStack Engineer<br>
<a href="mailto:dsneddon@redhat.com">dsneddon@redhat.com</a> | <a href="http://redhat.com/openstack" rel="noreferrer" target="_blank">redhat.com/openstack</a><br>
<a href="tel:650.254.4025" value="+16502544025">650.254.4025</a> | dsneddon:irc @dxs:twitter<br>
<br>
</span><div class="HOEnZb"><div class="h5">_______________________________________________<br>
OpenStack-operators mailing list<br>
<a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
</div></div></blockquote></div><br></div>