<div dir="ltr"><div><div>Hi James;<br><br></div>This is incredibly useful!   Thanks a lot for your help.   I did try to reattach Public to Router, same result.  Now looking at the logs (duh) .    See answers inline...  Maybe you can tell what's going on.   See l3-agent log at the end.<br><br><br><br><br><i>Hi Chris,<br><br></i>I saw that too from the previous email, and I guess it’s possible the IP was moved <br>to the bridge automatically. I just haven’t observed that behavior in this case since <br>we don’t IP those interfaces.<br><br>Given that the IP has been moved to the bridge, double check that you are able to ping <br>the gateway of the 172.22.10.x/24 network from the host (if a gateway exists). That <br>appeared to be 172.22.10.254 from previous emails. That will verify that connectivity <br>from the bridge through enp0s3 is good. <br><br><b>[sleestack@maersk ~]$ ping 172.22.10.254<br>PING 172.22.10.254 (172.22.10.254) 56(84) bytes of data.<br>64 bytes from <a href="http://172.22.10.254">172.22.10.254</a>: icmp_seq=1 ttl=255 time=1.09 ms<br>...</b><br><br><br>The current bridges correspond to the public and private networks you setup:<br><br>[root@maersk src]# brctl show<br>bridge name           bridge id        STP enabled     interfaces<br>brq573956a6-13        8000.72650bf7669c    no        tap74c0d2df-39 <- qr-* (inside) router port<br> ^^^ PRIVATE                                         tapbb0ceef0-e6<br>                                                     vxlan-92<br>brq9ee73442-5a        8000.4a157ef499cf    no        enp3s0<br> ^^^ PUBLIC                                          tap788bdea8-02<br>                                                     tapb8f78b33-19<br>                                                     tapbc53b8c7-6a<br>                                                     tapd669011b-bf<br>virbr0        8000.5254003394b3            yes       virbr0-nic<br>  ^^^ Ignore this one<br><br>Your router ports are:<br><br>[root@maersk src]# neutron router-port-list router<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>| id                                   | name | mac_address       | fixed_ips                                                                           |<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>| 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 |      | fa:16:3e:d6:29:b4 | {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address": "172.22.10.10"} |<br>| 74c0d2df-3944-43d7-8be9-2ef0d9242edc |      | fa:16:3e:7b:d6:0f | {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address": "192.168.10.1"} |<br>+--------------------------------------+------+-------------------+——————————————————————————————————————————+<br><br>The private port begins with 74c0d2df-39 while the public port begins with 21c8decf-e4. T<br>he private port should be in the private bridge, which it is. The public port should be <br>in the public bridge, and it is not. Normally, that port would be added by Neutron, so <br>the fact that its missing is an issue.<br><br>If you can, please send the output of the following command, where <routerid> equals the <br>actual router ID:<br><br>Ip netns exec qrouter-<routerid> ip addr<br><br><b>[root@maersk src]# ip netns exec qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c ip addr  <br>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN <br>    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00<br>    inet <a href="http://127.0.0.1/8">127.0.0.1/8</a> scope host lo<br>       valid_lft forever preferred_lft forever<br>    inet6 ::1/128 scope host <br>       valid_lft forever preferred_lft forever<br>2: qr-74c0d2df-39@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000<br>    link/ether fa:16:3e:7b:d6:0f brd ff:ff:ff:ff:ff:ff link-netnsid 0<br>    inet <a href="http://192.168.10.1/24">192.168.10.1/24</a> brd 192.168.10.255 scope global qr-74c0d2df-39<br>       valid_lft forever preferred_lft forever<br>    inet6 fe80::f816:3eff:fe7b:d60f/64 scope link <br>       valid_lft forever preferred_lft forever<br>       </b><br><br>You can also try to perform the following:<br><br>neutron router-gateway-clear <routerid><br>neutron router-gateway-set <routerid> public<br><br><b>Great Idea!....<br><br>Tried.  No change.    Great way to diagnoze thngs though.  Thnnks.<br>[root@maersk src]# brctl show<br>bridge name    bridge id        STP enabled    interfaces<br>brq573956a6-13        8000.72650bf7669c    no        tap74c0d2df-39<br>                            tapbb0ceef0-e6<br>                            vxlan-92<br>brq9ee73442-5a        8000.4a157ef499cf    no        enp3s0<br>                            tap788bdea8-02<br>                            tapb8f78b33-19<br>                            tapbc53b8c7-6a<br>                            tapd669011b-bf<br>virbr0        8000.5254003394b3    yes        virbr0-nic<br>[root@maersk src]# neutron router-port-list router<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>| id                                   | name | mac_address       | fixed_ips                                                                           |<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>| 32c71a70-7b97-49d2-a2c1-fa3aee864783 |      | fa:16:3e:12:53:b6 | {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address": "172.22.10.16"} |<br>| 74c0d2df-3944-43d7-8be9-2ef0d9242edc |      | fa:16:3e:7b:d6:0f | {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address": "192.168.10.1"} |<br>+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>[root@maersk src]# ping 172.22.10.16<br>PING 172.22.10.16 (172.22.10.16) 56(84) bytes of data.<br>^C<br>--- 172.22.10.16 ping statistics ---<br>3 packets transmitted, 0 received, 100% packet loss, time 1999ms<br><br></b><br>That may be enough to trigger recreating the interface and connecting it to the bridge. <br>Posting the L3 agent/L2 agent log on pastebin/gist if you still have issues could be helpful.<br><br>James<br><br><b>==========<br>Ohhhh........  I wonder what this is?   Doesn't match port?  <br>What is qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c?  hmmm<br></b></div><b>Tempted to just delete this file, try again and see what happens.<br></b><div><div><b><br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info RuntimeError: <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info Command: ['ip', 'netns', 'add', u'qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c']<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info Exit code: 1<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info Stdin: <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info Stdout: <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info Stderr: Cannot create namespace file "/var/run/netns/qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c": File exists<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent [-] Failed to process compatible router 'a1be1dbd-1a94-4a8c-8093-45a7af89140c'<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent Traceback (most recent call last):<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent RuntimeError: <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent Command: ['ip', 'netns', 'add', u'qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c']<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent Exit code: 1<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent Stdin: <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent Stdout: <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent Stderr: Cannot create namespace file "/var/run/netns/qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c": File exists<br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent <br>2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent <br><br></b><br><br><br></div></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><div>- Christopher T. Hull<br></div><div>I am presently seeking a new career opportunity  Please see career page<br></div><div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br></div><div>333 Orchard Ave, Sunnyvale CA. 94085<br>(415) 385 4865<br></div><div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br></div><a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br><br></div></div><div><div><br></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Thu, Mar 24, 2016 at 1:12 PM, James Denton <span dir="ltr"><<a href="mailto:james.denton@rackspace.com" target="_blank">james.denton@rackspace.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">



<div style="word-wrap:break-word">
<div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
Hi Chris,</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
I saw that too from the previous email, and I guess it’s possible the IP was moved to the bridge automatically. I just haven’t observed that behavior in this case since we don’t IP those interfaces.</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
Given that the IP has been moved to the bridge, double check that you are able to ping the gateway of the 172.22.10.x/24 network from the host (if a gateway exists). That appeared to be 172.22.10.254 from previous emails. That will verify that connectivity
 from the bridge through enp0s3 is good. </div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
The current bridges correspond to the public and private networks you setup:</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<font face="Courier"><span style="font-size:medium">[root@maersk src]# brctl show</span><br>
<span style="font-size:medium">bridge name           bridge id        STP enabled     interfaces</span><br>
<span style="font-size:medium">brq573956a6-13        8000.72650bf7669c    no        tap74c0d2df-39 <- qr-* (inside) router port</span><br>
<span style="font-size:medium"> ^^^ PRIVATE                                         tapbb0ceef0-e6</span><br>
<span style="font-size:medium">                                                     vxlan-92</span><br>
<span style="font-size:medium">brq9ee73442-5a        8000.4a157ef499cf    no        enp3s0</span><br>
<span style="font-size:medium"> ^^^ PUBLIC                                          tap788bdea8-02</span><br>
<span style="font-size:medium">                                                     tapb8f78b33-19</span><br>
<span style="font-size:medium">                                                     tapbc53b8c7-6a</span><br>
<span style="font-size:medium">                                                     tapd669011b-bf</span><br>
<span style="font-size:medium">virbr0        8000.5254003394b3            yes       virbr0-nic</span></font><br style="font-family:-webkit-standard">
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<span style="font-family:-webkit-standard;font-size:medium">  ^^^ Ignore this one</span></div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<span style="font-family:-webkit-standard;font-size:medium"><br>
</span></div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<span style="font-family:-webkit-standard;font-size:medium">Your router ports are:</span></div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<span style="font-family:-webkit-standard;font-size:medium"><br>
</span></div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<font face="Courier">[root@maersk src]# neutron router-port-list router<br>
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>
| id                                   | name | mac_address       | fixed_ips                                                                           |<br>
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>
| 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 |      | fa:16:3e:d6:29:b4 | {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address": "172.22.10.10"} |<br>
| 74c0d2df-3944-43d7-8be9-2ef0d9242edc |      | fa:16:3e:7b:d6:0f | {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address": "192.168.10.1"} |<br>
+--------------------------------------+------+-------------------+——————————————————————————————————————————+</font></div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<div style="color:rgb(0,0,0);font-size:14px"><font style="font-family:Calibri,sans-serif" face="Calibri,sans-serif">The private port begins with </font><span style="font-family:Courier">74c0d2df-39</span><font style="font-family:Calibri,sans-serif" face="Calibri">
 while the public port begins with </font><span style="font-family:Courier">21c8decf-e4.
</span><font face="Calibri">The private port should be in the private bridge, which it is. The public port should be in the public bridge, and it is
<span style="font-weight:bold"><i>not</i></span>. Normally, that port would be added by Neutron, so the fact that its missing is an issue.</font></div>
<div style="color:rgb(0,0,0);font-size:14px"><font face="Calibri"><br>
</font></div>
<div><font face="Calibri">If you can, please send the output of the following command, where <routerid> equals the actual router ID:</font></div>
<div><font face="Calibri"><br>
</font></div>
<div><font face="Courier">Ip netns exec qrouter-<routerid> ip addr</font></div>
<div><font face="Calibri"><br>
</font></div>
<div>You can also try to perform the following:</div>
<div><br>
</div>
<div><font face="Courier">neutron router-gateway-clear <routerid></font></div>
<div><font face="Courier">neutron router-gateway-set <routerid> public</font></div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<div>
<div>That may be enough to trigger recreating the interface and connecting it to the bridge. Posting the L3 agent/L2 agent log on pastebin/gist if you still have issues could be helpful.</div>
<div><br>
</div>
<div>James</div>
<div><br>
</div>
<div>
<div>
<div>
<div>
<div></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<br>
</div>
<span style="color:rgb(0,0,0);font-size:14px;font-family:Calibri,sans-serif">
<div style="font-family:Calibri;font-size:12pt;text-align:left;color:black;BORDER-BOTTOM:medium none;BORDER-LEFT:medium none;PADDING-BOTTOM:0in;PADDING-LEFT:0in;PADDING-RIGHT:0in;BORDER-TOP:#b5c4df 1pt solid;BORDER-RIGHT:medium none;PADDING-TOP:3pt">
<span style="font-weight:bold">From: </span>Christopher Hull <<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
<span style="font-weight:bold">Date: </span>Thursday, March 24, 2016 at 2:05 PM<br>
<span style="font-weight:bold">To: </span>James Denton <<a href="mailto:james.denton@rackspace.com" target="_blank">james.denton@rackspace.com</a>>, Christopher Hull <<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
<span style="font-weight:bold">Cc: </span>Dan Sneddon <<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a>>, openstack-operators <<a href="mailto:openstack-operators@lists.openstack.org" target="_blank">openstack-operators@lists.openstack.org</a>><br>
<span style="font-weight:bold">Subject: </span>Re: [Openstack-operators] Manual router setup<br>
</div>
<div><br>
</div>
<div>
<div>
<div dir="ltr">
<div>
<div>
<div>Hmmm.   Curiously enough, I now see this.   This was not the case prior to the creation of the nets and subnets in OpenStack.    OpenStack somehow did this.<br>
<br>
brq9ee73442-5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500<br>
---->>>>>>  inet 172.22.10.99  <<<<<------- <br>
        netmask 255.255.255.0  broadcast 172.22.10.255<br>
        inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf  prefixlen 64  scopeid 0x0<global><br>
        inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x0<global><br>
        inet6 fe80::70b5:65ff:fea6:c5d9  prefixlen 64  scopeid 0x20<link><br>
        ether 4a:15:7e:f4:99:cf  txqueuelen 0  (Ethernet)<br>
        RX packets 188163  bytes 10141407 (9.6 MiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 14734  bytes 27696525 (26.4 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500<br>
Used to be here.<br>
        inet6 fe80::ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x20<link><br>
        ether ac:9e:17:ec:5d:95  txqueuelen 1000  (Ethernet)<br>
        RX packets 947280  bytes 1081759456 (1.0 GiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 504788  bytes 63547204 (60.6 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
</div>
So perhaps I need to change the setting in...<br>
<br>
| linuxbridge_agent<br>
| linux_bridge               | physical_interface_mappings | public:enp3s0   <br>
<br>
</div>
to public:brq9ee73442-5a    ?<br>
<br>
</div>
-Chris<br>
<br>
<br>
<div>
<div><br>
</div>
</div>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div>
<div>- Christopher T. Hull<br>
</div>
<div>I am presently seeking a new career opportunity  Please see career page<br>
</div>
<div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br>
</div>
<div>333 Orchard Ave, Sunnyvale CA. 94085<br>
<a href="tel:%28415%29%20385%204865" value="+14153854865" target="_blank">(415) 385 4865</a><br>
</div>
<div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br>
</div>
<a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br>
<br>
</div>
</div>
<div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">On Thu, Mar 24, 2016 at 11:58 AM, Christopher Hull <span dir="ltr">
<<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>Hi James;<br>
<br>
</div>
As further proof that I'm just learning this stuff.  :-)   Been a dev for decades, but this industry is vast.   Would like to gather an end to end understanding of how LinuxBridge, etc works sometime.   Meanwhile, here is the current state of my system as per
 your input.<br>
<br>
</div>
... This looks bad.    I'm assuming "enabled = no" isn't right.  :-)   Have not yet moved static IP to br-?? from ephXXX (traditionally known as eth0) yet.<br>
<br>
</div>
Please let me know what you see.  Thanks!  :-)<br>
<div><br>
[root@maersk src]# brctl show<br>
bridge name    bridge id        STP enabled    interfaces<br>
brq573956a6-13        8000.72650bf7669c    no        tap74c0d2df-39<br>
                            tapbb0ceef0-e6<br>
                            vxlan-92<br>
brq9ee73442-5a        8000.4a157ef499cf    no        enp3s0<br>
                            tap788bdea8-02<br>
                            tapb8f78b33-19<br>
                            tapbc53b8c7-6a<br>
                            tapd669011b-bf<br>
virbr0        8000.5254003394b3    yes        virbr0-nic<br>
<br>
<br>
<div><br>
[<span style="font-family:monospace,monospace"><font size="2">root@maersk src]# ./pluto.py list -p /etc 
<br>
List of all Openstack conf files found under: /etc<br>
+----------------------------+-----------------------------------------------------+<br>
| Name                       | Full Path                                           |<br>
+----------------------------+-----------------------------------------------------+<br>
| glance-registry.conf       | /etc/glance/glance-registry.conf                    |<br>
| dnsmasq-neutron.conf       | /etc/neutron/dnsmasq-neutron.conf                   |<br>
| ml2_conf_ofa.ini           | /etc/neutron/plugins/ml2/ml2_conf_ofa.ini           |<br>
| glance-cache.conf          | /etc/glance/glance-cache.conf                       |<br>
| ml2_conf_fslsdn.ini        | /etc/neutron/plugins/ml2/ml2_conf_fslsdn.ini        |<br>
| restproxy.ini              | /etc/neutron/plugins/ml2/restproxy.ini              |<br>
| dhcp_agent.ini             | /etc/neutron/dhcp_agent.ini                         |<br>
| neutron.conf               | /etc/neutron/neutron.conf                           |<br>
| keystone.conf              | /etc/keystone/keystone.conf                         |<br>
| sriov_agent.ini            | /etc/neutron/plugins/ml2/sriov_agent.ini            |<br>
| logging.conf               | /etc/keystone/logging.conf                          |<br>
| glance-api.conf            | /etc/glance/glance-api.conf                         |<br>
| cinder.conf                | /etc/cinder/cinder.conf                             |<br>
| metadata_agent.ini         | /etc/neutron/metadata_agent.ini                     |<br>
| glance-scrubber.conf       | /etc/glance/glance-scrubber.conf                    |<br>
| api-paste.ini              | /etc/cinder/api-paste.ini                           |<br>
| linuxbridge_agent.ini      | /etc/neutron/plugins/ml2/linuxbridge_agent.ini      |<br>
| rootwrap.conf              | /etc/cinder/rootwrap.conf                           |<br>
| ml2_conf_sriov.ini         | /etc/neutron/plugins/ml2/ml2_conf_sriov.ini         |<br>
| l3_agent.ini               | /etc/neutron/l3_agent.ini                           |<br>
| ml2_conf.ini               | /etc/neutron/plugins/ml2/ml2_conf.ini               |<br>
| nova.conf                  | /etc/nova/nova.conf                                 |<br>
| plugin.ini                 | /etc/neutron/plugin.ini                             |<br>
| ml2_conf_brocade_fi_ni.ini | /etc/neutron/plugins/ml2/ml2_conf_brocade_fi_ni.ini |<br>
| ml2_conf_brocade.ini       | /etc/neutron/plugins/ml2/ml2_conf_brocade.ini       |<br>
+----------------------------+-----------------------------------------------------+<br>
[root@maersk src]# ./pluto.py show  -p /etc   linuxbridge_agent.ini  ml2_conf.ini ml2_conf_sriov.ini  
<br>
<span>+----------------------------+-----------------------------+--------------------------------------------------------------+<br>
| linuxbridge_agent: Section | Key                         | Value                                                        |<br>
+----------------------------+-----------------------------+--------------------------------------------------------------+<br>
| linux_bridge               | physical_interface_mappings | public:enp3s0                                                |<br>
| vxlan                      | l2_population               | True                                                         |<br>
| vxlan                      | local_ip                    | 172.22.10.99                                                 |<br>
| vxlan                      | enable_vxlan                | True                                                         |<br>
| agent                      | prevent_arp_spoofing        | True                                                         |<br>
| securitygroup              | firewall_driver             | neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |<br>
| securitygroup              | enable_security_group       | True                                                         |<br>
+----------------------------+-----------------------------+--------------------------------------------------------------+<br>
</span><span>+-------------------+----------------------+--------------------------+<br>
| ml2_conf: Section | Key                  | Value                    |<br>
+-------------------+----------------------+--------------------------+<br>
| ml2               | extension_drivers    | port_security            |<br>
| ml2               | mechanism_drivers    | linuxbridge,l2population |<br>
| ml2               | tenant_network_types | vxlan                    |<br>
| ml2               | type_drivers         | flat,vlan,vxlan          |<br>
| ml2_type_flat     | flat_networks        | public                   |<br>
<br>
| ml2_type_vxlan    | vni_ranges           | 1:1000                   |<br>
| securitygroup     | enable_ipset         | True                     |<br>
+-------------------+----------------------+--------------------------+<br>
</span>+-------------------------+-----+-------+<br>
| ml2_conf_sriov: Section | Key | Value |<br>
+-------------------------+-----+-------+<br>
+-------------------------+-----+-------+<br>
<br>
</font></span><br>
<br>
[root@maersk src]# ip addr  <br>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN <br>
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00<br>
    inet <a href="http://127.0.0.1/8" target="_blank">127.0.0.1/8</a> scope host lo<br>
       valid_lft forever preferred_lft forever<br>
    inet6 ::1/128 scope host <br>
       valid_lft forever preferred_lft forever<br>
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master brq9ee73442-5a state UP qlen 1000<br>
    link/ether ac:9e:17:ec:5d:95 brd ff:ff:ff:ff:ff:ff<br>
    inet6 fe80::ae9e:17ff:feec:5d95/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN <br>
    link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff<br>
    inet <a href="http://192.168.122.1/24" target="_blank">192.168.122.1/24</a> brd 192.168.122.255 scope global virbr0<br>
       valid_lft forever preferred_lft forever<br>
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500<br>
    link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff<br>
6: tapbb0ceef0-e6@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast master brq573956a6-13 state UP qlen 1000<br>
    link/ether ea:16:29:c8:99:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0<br>
    inet6 fe80::e816:29ff:fec8:9925/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
7: vxlan-92: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master brq573956a6-13 state UNKNOWN
<br>
    link/ether da:88:38:4a:06:e1 brd ff:ff:ff:ff:ff:ff<br>
    inet6 fe80::d888:38ff:fe4a:6e1/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
8: brq573956a6-13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP
<br>
    link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff<br>
    inet6 fe80::6469:36ff:fecc:a4d8/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
9: tap74c0d2df-39@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast master brq573956a6-13 state UP qlen 1000<br>
    link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff link-netnsid 1<br>
    inet6 fe80::7065:bff:fef7:669c/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
10: brq9ee73442-5a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
<br>
    link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff<br>
    inet <a href="http://172.22.10.99/24" target="_blank">172.22.10.99/24</a> brd 172.22.10.255 scope global brq9ee73442-5a<br>
       valid_lft forever preferred_lft forever<br>
    inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf/64 scope global mngtmpaddr dynamic
<br>
       valid_lft 2591681sec preferred_lft 604481sec<br>
    inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95/64 scope global <br>
       valid_lft 2536726sec preferred_lft 549526sec<br>
    inet6 fe80::70b5:65ff:fea6:c5d9/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
11: tapb8f78b33-19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500<br>
    link/ether fe:16:3e:bc:ab:07 brd ff:ff:ff:ff:ff:ff<br>
    inet6 fe80::fc16:3eff:febc:ab07/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
13: tap788bdea8-02: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500<br>
    link/ether fe:16:3e:11:ae:9e brd ff:ff:ff:ff:ff:ff<br>
    inet6 fe80::fc16:3eff:fe11:ae9e/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
15: tapbc53b8c7-6a@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master brq9ee73442-5a state UP qlen 1000<br>
    link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff link-netnsid 2<br>
    inet6 fe80::4815:7eff:fef4:99cf/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
16: tapd669011b-bf: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500<br>
    link/ether fe:16:3e:52:6d:b4 brd ff:ff:ff:ff:ff:ff<br>
    inet6 fe80::fc16:3eff:fe52:6db4/64 scope link <br>
       valid_lft forever preferred_lft forever<br>
<br>
<br>
</div>
</div>
</div>
<div class="gmail_extra"><span><br clear="all">
<div>
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div>
<div>- Christopher T. Hull<br>
</div>
<div>I am presently seeking a new career opportunity  Please see career page<br>
</div>
<div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br>
</div>
<div>333 Orchard Ave, Sunnyvale CA. 94085<br>
<a href="tel:%28415%29%20385%204865" value="+14153854865" target="_blank">(415) 385 4865</a><br>
</div>
<div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br>
</div>
<a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br>
<br>
</div>
</div>
<div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</span>
<div>
<div>
<div class="gmail_quote">On Thu, Mar 24, 2016 at 10:21 AM, Christopher Hull <span dir="ltr">
<<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>James;<br>
</div>
Hey you know...  I seem to remember zeroing out "eth0" IP 0.0.0.0 and setting the static IP on br-ex under Kilo and everything worked.  That was using OVS.   Perhaps I do the same, as you suggest, with LinuxBridge.   Wow.   Thanks.   Will try.   And if this
 doesn't work I'll respond with the diagnostic output you requested.<br>
<br>
</div>
Thanks to all of you;<br>
</div>
-Chris<br>
<br>
</div>
<div class="gmail_extra"><span><br clear="all">
<div>
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div>
<div>- Christopher T. Hull<br>
</div>
<div>I am presently seeking a new career opportunity  Please see career page<br>
</div>
<div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br>
</div>
<div>333 Orchard Ave, Sunnyvale CA. 94085<br>
<a href="tel:%28415%29%20385%204865" value="+14153854865" target="_blank">(415) 385 4865</a><br>
</div>
<div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br>
</div>
<a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br>
<br>
</div>
</div>
<div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</span>
<div>
<div>
<div class="gmail_quote">On Wed, Mar 23, 2016 at 5:57 PM, James Denton <span dir="ltr">
<<a href="mailto:james.denton@rackspace.com" target="_blank">james.denton@rackspace.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word">
<div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">Hi Christopher,</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><br>
</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">Routers work under Liberty and LinuxBridge just fine, in my experience, so don’t be too quick to give up on them. I promise you’ll have a tougher go at it, at this point, using another
 virtual machine as a router.</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><br>
</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">Some tips:</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><br>
</div>
<ol style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">
<li>Use the ‘ip’ command rather than ‘ifconfig’. Output of ‘ip addr’ would be more helpful here.</li><li>Use ‘brctl show’ to see the virtual bridges and their members. That output would be helpful here as well. </li></ol>
<div>
<div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">
<div><br>
</div>
<div>You have an IP configured on interface enp3s0, and I can’t tell what you have set as the physical interface mappings in the ML2/LinuxBridge agent config. On older email I see this:</div>
<div>
<div></div>
</div>
</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><span style="font-family:'arial black',sans-serif;font-size:small"><br>
</span></div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><span style="font-family:'arial black',sans-serif;font-size:small">>> physical_interface_mappings | public:enp3s0 </span></div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><span style="font-family:'arial black',sans-serif;font-size:small"><br>
</span></div>
<div><font face="Calibri">If that’s still the case, you’re going to have a hard time. The LinuxBridge agent expects to put the enp3s0 interface into the respective brq-* bridge that corresponds to the public (flat) network. Once the interface is in the bridge,
 you may lose connectivity to/from any address on that interface. At that point, your host will be unable to communicate with the router's gateway interface also in the bridge, and probably any external host. In this configuration, you may consider moving the
 IP from enp3s0 to the brq-* bridge temporarily. That should work. Give it a try and let me know.</font></div>
<div><font face="Calibri"><br>
</font></div>
<div><font face="Calibri">James</font></div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">
<div>
<div>
<div>
<div></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px"><br>
</div>
<span style="color:rgb(0,0,0);font-family:Calibri,sans-serif;font-size:14px">
<div style="font-family:Calibri;font-size:12pt;text-align:left;color:black;BORDER-BOTTOM:medium none;BORDER-LEFT:medium none;PADDING-BOTTOM:0in;PADDING-LEFT:0in;PADDING-RIGHT:0in;BORDER-TOP:#b5c4df 1pt solid;BORDER-RIGHT:medium none;PADDING-TOP:3pt">
<span style="font-weight:bold">From: </span>Christopher Hull <<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
<span style="font-weight:bold">Date: </span>Wednesday, March 23, 2016 at 7:21 PM<br>
<span style="font-weight:bold">To: </span>Dan Sneddon <<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a>><br>
<span style="font-weight:bold">Cc: </span>openstack-operators <<a href="mailto:openstack-operators@lists.openstack.org" target="_blank">openstack-operators@lists.openstack.org</a>><br>
<span style="font-weight:bold">Subject: </span>Re: [Openstack-operators] Manual router setup<br>
</div>
<div>
<div>
<div><br>
</div>
<div>
<div>
<div dir="ltr">
<div>
<div>
<div>Conclusion.  Neutron routers under Liberty (Linux Bridge) don't work.   Please prove me wrong.....  Moving on to manual router creation.<br>
</div>
1: How can I assign a fixed IP to an instance?<br>
</div>
2: If I add routes will they get used?  I probably have to create a Port for every route (as Floating IPs do ).<br>
<br>
<br>
</div>
------   Session:  Trying to create a working router for the 15th time. :-)  ----<br>
<br>
<br>
[root@maersk src]# ifconfig<br>
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500<br>
        inet 172.22.10.99  netmask 255.255.255.0  broadcast 172.22.10.255<br>
        inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x0<global><br>
        inet6 fe80::ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x20<link><br>
        ether ac:9e:17:ec:5d:95  txqueuelen 1000  (Ethernet)<br>
        RX packets 238  bytes 16020 (15.6 KiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 60  bytes 6650 (6.4 KiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536<br>
        inet 127.0.0.1  netmask 255.0.0.0<br>
        inet6 ::1  prefixlen 128  scopeid 0x10<host><br>
        loop  txqueuelen 0  (Local Loopback)<br>
        RX packets 4985  bytes 1060267 (1.0 MiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 4985  bytes 1060267 (1.0 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500<br>
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255<br>
        ether 52:54:00:33:94:b3  txqueuelen 0  (Ethernet)<br>
        RX packets 0  bytes 0 (0.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 0  bytes 0 (0.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
[root@maersk src]# source admin-openrc.sh <br>
[root@maersk src]# clear<br>
<br>
[root@maersk src]# neutron net-create public --shared --provider:physical_network public \<br>
>    --provider:network_type flat<br>
Created a new network:<br>
+---------------------------+--------------------------------------+<br>
| Field                     | Value                                |<br>
+---------------------------+--------------------------------------+<br>
| admin_state_up            | True                                 |<br>
| id                        | 9ee73442-5a86-48c0-84da-8f650937fd08 |<br>
| mtu                       | 0                                    |<br>
| name                      | public                               |<br>
| port_security_enabled     | True                                 |<br>
| provider:network_type     | flat                                 |<br>
| provider:physical_network | public                               |<br>
| provider:segmentation_id  |                                      |<br>
| router:external           | False                                |<br>
| shared                    | True                                 |<br>
| status                    | ACTIVE                               |<br>
| subnets                   |                                      |<br>
| tenant_id                 | fdf3f98a9b0c4e9e94603d8a84ea41a8     |<br>
+---------------------------+--------------------------------------+<br>
[root@maersk src]# neutron subnet-create public <a href="http://172.22.10.0/24" target="_blank">
172.22.10.0/24</a> --name public \<br>
>    --allocation-pool start=172.22.10.10,end=172.22.10.90 \<br>
>    --dns-nameserver 172.22.10.254 --gateway 172.22.10.254 --enable_dhcp False<br>
Created a new subnet:<br>
+-------------------+--------------------------------------------------+<br>
| Field             | Value                                            |<br>
+-------------------+--------------------------------------------------+<br>
| allocation_pools  | {"start": "172.22.10.10", "end": "172.22.10.90"} |<br>
| cidr              | <a href="http://172.22.10.0/24" target="_blank">172.22.10.0/24</a>                                   |<br>
| dns_nameservers   | 172.22.10.254                                    |<br>
| enable_dhcp       | False                                            |<br>
| gateway_ip        | 172.22.10.254                                    |<br>
| host_routes       |                                                  |<br>
| id                | 28683bfe-2410-4f9b-b805-ec3c7aee009a             |<br>
| ip_version        | 4                                                |<br>
| ipv6_address_mode |                                                  |<br>
| ipv6_ra_mode      |                                                  |<br>
| name              | public                                           |<br>
| network_id        | 9ee73442-5a86-48c0-84da-8f650937fd08             |<br>
| subnetpool_id     |                                                  |<br>
| tenant_id         | fdf3f98a9b0c4e9e94603d8a84ea41a8                 |<br>
+-------------------+--------------------------------------------------+<br>
[root@maersk src]# ifconfig  <br>
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500<br>
        inet 172.22.10.99  netmask 255.255.255.0  broadcast 172.22.10.255<br>
        inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x0<global><br>
        inet6 fe80::ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x20<link><br>
        ether ac:9e:17:ec:5d:95  txqueuelen 1000  (Ethernet)<br>
        RX packets 5032  bytes 373870 (365.1 KiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 2602  bytes 3154215 (3.0 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536<br>
        inet 127.0.0.1  netmask 255.0.0.0<br>
        inet6 ::1  prefixlen 128  scopeid 0x10<host><br>
        loop  txqueuelen 0  (Local Loopback)<br>
        RX packets 46701  bytes 12008341 (11.4 MiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 46701  bytes 12008341 (11.4 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500<br>
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255<br>
        ether 52:54:00:33:94:b3  txqueuelen 0  (Ethernet)<br>
        RX packets 0  bytes 0 (0.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 0  bytes 0 (0.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
[root@maersk src]# neutron net-list  <br>
+--------------------------------------+--------+-----------------------------------------------------+<br>
| id                                   | name   | subnets                                             |<br>
+--------------------------------------+--------+-----------------------------------------------------+<br>
| 9ee73442-5a86-48c0-84da-8f650937fd08 | public | 28683bfe-2410-4f9b-b805-ec3c7aee009a
<a href="http://172.22.10.0/24" target="_blank">172.22.10.0/24</a> |<br>
+--------------------------------------+--------+-----------------------------------------------------+<br>
[root@maersk src]# source demo-openrc.sh<br>
[root@maersk src]# neutron net-create private<br>
Created a new network:<br>
+-----------------------+--------------------------------------+<br>
| Field                 | Value                                |<br>
+-----------------------+--------------------------------------+<br>
| admin_state_up        | True                                 |<br>
| id                    | 573956a6-1378-4100-83c2-db5c3bf9a95c |<br>
| mtu                   | 0                                    |<br>
| name                  | private                              |<br>
| port_security_enabled | True                                 |<br>
| router:external       | False                                |<br>
| shared                | False                                |<br>
| status                | ACTIVE                               |<br>
| subnets               |                                      |<br>
| tenant_id             | 7813be77b1de4196b1c6b77006afa21c     |<br>
+-----------------------+--------------------------------------+<br>
[root@maersk src]# neutron subnet-create private <a href="http://192.168.10.0/24" target="_blank">
192.168.10.0/24</a> \<br>
>      --name private --dns-nameserver 172.22.10.254 --gateway 192.168.10.1<br>
Created a new subnet:<br>
+-------------------+----------------------------------------------------+<br>
| Field             | Value                                              |<br>
+-------------------+----------------------------------------------------+<br>
| allocation_pools  | {"start": "192.168.10.2", "end": "192.168.10.254"} |<br>
| cidr              | <a href="http://192.168.10.0/24" target="_blank">192.168.10.0/24</a>                                    |<br>
| dns_nameservers   | 172.22.10.254                                      |<br>
| enable_dhcp       | True                                               |<br>
| gateway_ip        | 192.168.10.1                                       |<br>
| host_routes       |                                                    |<br>
| id                | 83f4f5e5-13b6-41f2-af07-b96d86847e2b               |<br>
| ip_version        | 4                                                  |<br>
| ipv6_address_mode |                                                    |<br>
| ipv6_ra_mode      |                                                    |<br>
| name              | private                                            |<br>
| network_id        | 573956a6-1378-4100-83c2-db5c3bf9a95c               |<br>
| subnetpool_id     |                                                    |<br>
| tenant_id         | 7813be77b1de4196b1c6b77006afa21c                   |<br>
+-------------------+----------------------------------------------------+<br>
[root@maersk src]# ifconfig  <br>
brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::6469:36ff:fecc:a4d8  prefixlen 64  scopeid 0x20<link><br>
        ether da:88:38:4a:06:e1  txqueuelen 0  (Ethernet)<br>
        RX packets 4  bytes 264 (264.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 7  bytes 578 (578.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500<br>
        inet 172.22.10.99  netmask 255.255.255.0  broadcast 172.22.10.255<br>
        inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x0<global><br>
        inet6 fe80::ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x20<link><br>
        ether ac:9e:17:ec:5d:95  txqueuelen 1000  (Ethernet)<br>
        RX packets 5310  bytes 393373 (384.1 KiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 2661  bytes 3165497 (3.0 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536<br>
        inet 127.0.0.1  netmask 255.0.0.0<br>
        inet6 ::1  prefixlen 128  scopeid 0x10<host><br>
        loop  txqueuelen 0  (Local Loopback)<br>
        RX packets 50779  bytes 13259383 (12.6 MiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 50779  bytes 13259383 (12.6 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::e816:29ff:fec8:9925  prefixlen 64  scopeid 0x20<link><br>
        ether ea:16:29:c8:99:25  txqueuelen 1000  (Ethernet)<br>
        RX packets 7  bytes 578 (578.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 13  bytes 1066 (1.0 KiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500<br>
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255<br>
        ether 52:54:00:33:94:b3  txqueuelen 0  (Ethernet)<br>
        RX packets 0  bytes 0 (0.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 0  bytes 0 (0.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::d888:38ff:fe4a:6e1  prefixlen 64  scopeid 0x20<link><br>
        ether da:88:38:4a:06:e1  txqueuelen 0  (Ethernet)<br>
        RX packets 0  bytes 0 (0.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 0  bytes 0 (0.0 B)<br>
        TX errors 0  dropped 16 overruns 0  carrier 0  collisions 0<br>
<br>
[root@maersk src]# source admin-openrc.sh <br>
[root@maersk src]# neutron net-update public --router:external  <br>
Updated network: public<br>
[root@maersk src]# source demo-openrc.sh <br>
[root@maersk src]# neutron router-create router<br>
Created a new router:<br>
+-----------------------+--------------------------------------+<br>
| Field                 | Value                                |<br>
+-----------------------+--------------------------------------+<br>
| admin_state_up        | True                                 |<br>
| external_gateway_info |                                      |<br>
| id                    | ff6a61f5-f497-43a1-b245-64ec8e87b488 |<br>
| name                  | router                               |<br>
| routes                |                                      |<br>
| status                | ACTIVE                               |<br>
| tenant_id             | 7813be77b1de4196b1c6b77006afa21c     |<br>
+-----------------------+--------------------------------------+<br>
[root@maersk src]# neutron router-interface-add router private<br>
Multiple router matches found for name 'router', use an ID to be more specific.<br>
[root@maersk src]# neutron router-list  <br>
+--------------------------------------+--------+-----------------------+<br>
| id                                   | name   | external_gateway_info |<br>
+--------------------------------------+--------+-----------------------+<br>
| 5939b796-cae6-4d72-8d34-66e20afb95aa | router | null                  |<br>
| ff6a61f5-f497-43a1-b245-64ec8e87b488 | router | null                  |<br>
+--------------------------------------+--------+-----------------------+<br>
[root@maersk src]# neutron router-delete  5939b796-cae6-4d72-8d34-66e20afb95aa  <br>
Deleted router: 5939b796-cae6-4d72-8d34-66e20afb95aa<br>
[root@maersk src]# neutron router-delete  ff6a61f5-f497-43a1-b245-64ec8e87b488  <br>
Deleted router: ff6a61f5-f497-43a1-b245-64ec8e87b488<br>
[root@maersk src]# neutron router-create router<br>
Created a new router:<br>
+-----------------------+--------------------------------------+<br>
| Field                 | Value                                |<br>
+-----------------------+--------------------------------------+<br>
| admin_state_up        | True                                 |<br>
| external_gateway_info |                                      |<br>
| id                    | a1be1dbd-1a94-4a8c-8093-45a7af89140c |<br>
| name                  | router                               |<br>
| routes                |                                      |<br>
| status                | ACTIVE                               |<br>
| tenant_id             | 7813be77b1de4196b1c6b77006afa21c     |<br>
+-----------------------+--------------------------------------+<br>
[root@maersk src]# neutron router-interface-add router private<br>
Added interface 74c0d2df-3944-43d7-8be9-2ef0d9242edc to router router.<br>
[root@maersk src]# neutron router-gateway-set router public<br>
Set gateway for router router<br>
[root@maersk src]# source admin-openrc.sh<br>
[root@maersk src]# ip netns<br>
qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c (id: 1)<br>
qdhcp-573956a6-1378-4100-83c2-db5c3bf9a95c (id: 0)<br>
[root@maersk src]# neutron router-port-list router<br>
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>
| id                                   | name | mac_address       | fixed_ips                                                                           |<br>
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>
| 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 |      | fa:16:3e:d6:29:b4 | {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address": "172.22.10.10"} |<br>
| 74c0d2df-3944-43d7-8be9-2ef0d9242edc |      | fa:16:3e:7b:d6:0f | {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address": "192.168.10.1"} |<br>
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+<br>
[root@maersk src]# ping 172.22.10.10<br>
PING 172.22.10.10 (172.22.10.10) 56(84) bytes of data.<br>
From 172.22.10.99 icmp_seq=1 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=2 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=3 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=4 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=5 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=6 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=7 Destination Host Unreachable<br>
From 172.22.10.99 icmp_seq=8 Destination Host Unreachable<br>
^C<br>
--- 172.22.10.10 ping statistics ---<br>
8 packets transmitted, 0 received, +8 errors, 100% packet loss, time 7000ms<br>
pipe 4<br>
[root@maersk src]# ifconfig  <br>
brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::6469:36ff:fecc:a4d8  prefixlen 64  scopeid 0x20<link><br>
        ether 72:65:0b:f7:66:9c  txqueuelen 0  (Ethernet)<br>
        RX packets 6  bytes 348 (348.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 8  bytes 648 (648.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500<br>
        inet 172.22.10.99  netmask 255.255.255.0  broadcast 172.22.10.255<br>
        inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x0<global><br>
        inet6 fe80::ae9e:17ff:feec:5d95  prefixlen 64  scopeid 0x20<link><br>
        ether ac:9e:17:ec:5d:95  txqueuelen 1000  (Ethernet)<br>
        RX packets 6360  bytes 464736 (453.8 KiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 2867  bytes 3196849 (3.0 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536<br>
        inet 127.0.0.1  netmask 255.0.0.0<br>
        inet6 ::1  prefixlen 128  scopeid 0x10<host><br>
        loop  txqueuelen 0  (Local Loopback)<br>
        RX packets 65582  bytes 17827940 (17.0 MiB)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 65582  bytes 17827940 (17.0 MiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
tap74c0d2df-39: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::7065:bff:fef7:669c  prefixlen 64  scopeid 0x20<link><br>
        ether 72:65:0b:f7:66:9c  txqueuelen 1000  (Ethernet)<br>
        RX packets 10  bytes 864 (864.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 8  bytes 648 (648.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::e816:29ff:fec8:9925  prefixlen 64  scopeid 0x20<link><br>
        ether ea:16:29:c8:99:25  txqueuelen 1000  (Ethernet)<br>
        RX packets 8  bytes 648 (648.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 16  bytes 1248 (1.2 KiB)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500<br>
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255<br>
        ether 52:54:00:33:94:b3  txqueuelen 0  (Ethernet)<br>
        RX packets 0  bytes 0 (0.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 0  bytes 0 (0.0 B)<br>
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<br>
<br>
vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450<br>
        inet6 fe80::d888:38ff:fe4a:6e1  prefixlen 64  scopeid 0x20<link><br>
        ether da:88:38:4a:06:e1  txqueuelen 0  (Ethernet)<br>
        RX packets 0  bytes 0 (0.0 B)<br>
        RX errors 0  dropped 0  overruns 0  frame 0<br>
        TX packets 0  bytes 0 (0.0 B)<br>
        TX errors 0  dropped 19 overruns 0  carrier 0  collisions 0<br>
<br>
<br>
<br>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div>
<div>- Christopher T. Hull<br>
</div>
<div>I am presently seeking a new career opportunity  Please see career page<br>
</div>
<div><a href="http://chrishull.com/career" target="_blank">http://chrishull.com/career</a><br>
</div>
<div>333 Orchard Ave, Sunnyvale CA. 94085<br>
<a href="tel:%28415%29%20385%204865" value="+14153854865" target="_blank">(415) 385 4865</a><br>
</div>
<div><a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a><br>
</div>
<a href="http://chrishull.com" target="_blank">http://chrishull.com</a><br>
<br>
</div>
</div>
<div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">On Wed, Mar 23, 2016 at 4:34 PM, Dan Sneddon <span dir="ltr">
<<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div>On 03/23/2016 04:06 PM, Christopher Hull wrote:<br>
> Hmmm.   Well I'm not using OpenVSwitch.  Just LinuxBridge.   My CentOS<br>
> 7 install sees emp3s0 where eth0 would usually appear.   But this may<br>
> need to be changed to br-ex?  The IP address no longer apperas at<br>
> enp3s0, so perhaps that's the issue.<br>
><br>
> When I make changes, I tear down all the networks and rebuild them<br>
> according to instructions.   I do this after restarting the machine.  I<br>
> wonder if the database needs to be updated as well.<br>
><br>
> su -s /bin/sh -c "neutron-db-manage --config-file<br>
> /etc/neutron/neutron.conf \<br>
>   --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron<br>
> systemctl stop neutron-server.service \<br>
>   neutron-linuxbridge-agent.service neutron-dhcp-agent.service \<br>
>   neutron-metadata-agent.service<br>
> systemctl stop neutron-l3-agent.service<br>
> and restart.<br>
><br>
> Thanks for the help.   Yes.  It's a bit confusing.   Why are router and<br>
> instance ports different?  It is for this reason that I figured I could<br>
> just create my own instance/router.  But why should I have to?    Do<br>
> routers not work unless you use OpenVSwitch?   The Liberty install<br>
> instructions (unlike Kilo) don't seem to require installing OpenVSwitch.<br>
><br>
> linux_bridge_agent.ini<br>
> inux_bridge               | physical_interface_mappings | public:enp3s0<br>
><br>
> Perhaps br-ex?   Or whereever I see my static IP when doing an<br>
> ifconfig  :-)  Was enp3s0 when CentOS was first installed, but I think<br>
> thats changed somehow.<br>
><br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> | linuxbridge_agent: Section | Key                         |<br>
> Value                                                        |<br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
> | linux_bridge               | physical_interface_mappings |<br>
> public:enp3s0                                                |<br>
> | vxlan                      | l2_population               |<br>
> True                                                         |<br>
> | vxlan                      | local_ip                    |<br>
> 172.22.10.99                                                 |<br>
> | vxlan                      | enable_vxlan                |<br>
> True                                                         |<br>
> | agent                      | prevent_arp_spoofing        |<br>
> True                                                         |<br>
> | securitygroup              | firewall_driver             |<br>
> neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |<br>
> | securitygroup              | enable_security_group       |<br>
> True                                                         |<br>
> +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
><br>
><br>
><br>
> - Christopher T. Hull<br>
> I am presently seeking a new career opportunity  Please see career page<br>
> <a href="http://chrishull.com/career" rel="noreferrer" target="_blank">http://chrishull.com/career</a><br>
> 333 Orchard Ave, Sunnyvale CA. 94085<br>
</div>
</div>
> <a href="tel:%28415%29%20385%204865" value="+14153854865" target="_blank">(415) 385 4865</a> <tel:%28415%29%20385%204865><br>
<span>> <a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
> <a href="http://chrishull.com" rel="noreferrer" target="_blank">http://chrishull.com</a><br>
><br>
><br>
><br>
</span><span>> On Wed, Mar 23, 2016 at 3:34 PM, Dan Sneddon <<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a><br>
</span>
<div>
<div>> <mailto:<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a>>> wrote:<br>
><br>
>     On 03/23/2016 03:05 PM, Christopher Hull wrote:<br>
>     > Hi Keven / all;<br>
>     ><br>
>     > Re: Getting a Neutron Router to work.  (set external_network_bridge =<br>
>     > blank).  Apologies if this got sent twice.<br>
>     ><br>
>     > Nope, not quite there yet re getting the damn router to work<br>
>     (week 3 on<br>
>     > this issue).<br>
>     ><br>
>     > The Liberty install instructions indeed say to set...<br>
>     > external_network_bridge =<br>
>     ><br>
>     > I'm so desperate that I thought the blank space after the = might be<br>
>     > the issue.  No.   Then I noticed these instructions in<br>
>     l3_agent.ini itself.<br>
>     > -----<br>
>     > # When external_network_bridge is set, each L3 agent can be<br>
>     associated<br>
>     > # with no more than one external network. This value should be set to<br>
>     > the UUID<br>
>     > # of that external network. To allow L3 agent support multiple<br>
>     external<br>
>     > # networks, both the external_network_bridge and<br>
>     > gateway_external_network_id<br>
>     > # must be left empty.<br>
>     > # gateway_external_network_id =<br>
>     > ----<br>
>     ><br>
>     > 1: Should gateway_external_network_id = be unoommented?<br>
>     > 2: Should I reupdate the database after these changes?<br>
>     > su -s /bin/sh -c "neutron-db-manage --config-file<br>
>     > /etc/neutron/neutron.conf \<br>
>     >   --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade<br>
>     head" neutron<br>
>     ><br>
>     > 3: Should external_network_bridge in fact be set to the UUID of the<br>
>     > public network?<br>
>     ><br>
>     > 4. All instances Ports work just fine on public and private network.<br>
>     > WHAT is the difference between a Neutron router northbound port<br>
>     and an<br>
>     > instance port on the public net.<br>
>     ><br>
>     > Services restarted after config change (just removed space after =<br>
>     > actually just in case sloppy Python coding was involved here).  In<br>
>     > fact, I rebooted the box just to be sure.<br>
>     ><br>
>     > Making my own instance based router is looking better and better all<br>
>     > the time.   If Neutron Routers really work, maybe UFO's exist too.<br>
>     > :-)   j/k<br>
>     ><br>
>     ><br>
>     > Seriously.  Thank you for your help.     Hope to help the community<br>
>     > soon too myself.  Trying to get my Gerrit account up and running but<br>
>     > the OpenStack.org site won't allow me to sign the Contrib agreement<br>
>     > with out getting a server error.<br>
>     ><br>
>     ><br>
>     > ====  Config Details ======<br>
>     > Issue   Neutron Router Northbound Port won't Ping, is Down<br>
>     ><br>
>     > [root@maersk src]# ./pluto.py show  -p /etc neutron  rootwrap.conf<br>
>     > ml2_conf.ini l3_agent.ini linuxbridge_agent.ini dhcp_agent.ini<br>
>     ><br>
>     +-----------------------+------------------------------------+-------------------------------------------------+<br>
>     > | neutron: Section      | Key                                |<br>
>     > Value                                           |<br>
>     ><br>
>     +-----------------------+------------------------------------+-------------------------------------------------+<br>
>     > | DEFAULT               | verbose                            |<br>
>     > True                                            |<br>
>     > | DEFAULT               | nova_url                           |<br>
>     > <a href="http://controller:8774/v2" rel="noreferrer" target="_blank">http://controller:8774/v2</a>                       |<br>
>     > | DEFAULT               | notify_nova_on_port_data_changes   |<br>
>     > True                                            |<br>
>     > | DEFAULT               | notify_nova_on_port_status_changes |<br>
>     > True                                            |<br>
>     > | DEFAULT               | auth_strategy                      |<br>
>     > keystone                                        |<br>
>     > | DEFAULT               | rpc_backend                        |<br>
>     > rabbit                                          |<br>
>     > | DEFAULT               | allow_overlapping_ips              |<br>
>     > True                                            |<br>
>     > | DEFAULT               | service_plugins                    |<br>
>     > router                                          |<br>
>     > | DEFAULT               | core_plugin                        |<br>
>     > ml2                                             |<br>
>     > | keystone_authtoken    | password                           |<br>
>     > mk4968small23buggidntpass                       |<br>
>     > | keystone_authtoken    | username                           |<br>
>     > neutron                                         |<br>
>     > | keystone_authtoken    | project_name                       |<br>
>     > service                                         |<br>
>     > | keystone_authtoken    | user_domain_id                     |<br>
>     > default                                         |<br>
>     > | keystone_authtoken    | project_domain_id                  |<br>
>     > default                                         |<br>
>     > | keystone_authtoken    | auth_plugin                        |<br>
>     > password                                        |<br>
>     > | keystone_authtoken    | auth_url                           |<br>
>     > <a href="http://controller:35357" rel="noreferrer" target="_blank">http://controller:35357</a>                         |<br>
>     > | keystone_authtoken    | auth_uri                           |<br>
>     > <a href="http://controller:5000" rel="noreferrer" target="_blank">http://controller:5000</a>                          |<br>
>     > | database              | connection                         |<br>
>     > mysql://neutron:sleestack191@controller/neutron |<br>
>     > | nova                  | password                           |<br>
>     > mk4968small23buggidntpass                       |<br>
>     > | nova                  | username                           |<br>
>     > nova                                            |<br>
>     > | nova                  | project_name                       |<br>
>     > service                                         |<br>
>     > | nova                  | region_name                        |<br>
>     > RegionOne                                       |<br>
>     > | nova                  | user_domain_id                     |<br>
>     > default                                         |<br>
>     > | nova                  | project_domain_id                  |<br>
>     > default                                         |<br>
>     > | nova                  | auth_plugin                        |<br>
>     > password                                        |<br>
>     > | nova                  | auth_url                           |<br>
>     > <a href="http://controller:35357" rel="noreferrer" target="_blank">http://controller:35357</a>                         |<br>
>     > | oslo_concurrency      | lock_path                          |<br>
>     > /var/lib/neutron/tmp                            |<br>
>     > | oslo_messaging_rabbit | rabbit_password                    |<br>
>     > open.g00dke232                                  |<br>
>     > | oslo_messaging_rabbit | rabbit_userid                      |<br>
>     > openstack                                       |<br>
>     > | oslo_messaging_rabbit | rabbit_host                        |<br>
>     > controller                                      |<br>
>     ><br>
>     +-----------------------+------------------------------------+-------------------------------------------------+<br>
>     ><br>
>     +-------------------+---------------------+--------------------------------------------------------------+<br>
>     > | rootwrap: Section | Key                 |<br>
>     > Value                                                        |<br>
>     ><br>
>     +-------------------+---------------------+--------------------------------------------------------------+<br>
>     > | DEFAULT           | filters_path        |<br>
>     > /etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap            |<br>
>     > | DEFAULT           | exec_dirs           |<br>
>     > /sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin |<br>
>     > | DEFAULT           | use_syslog          |<br>
>     > False                                                        |<br>
>     > | DEFAULT           | syslog_log_facility |<br>
>     > syslog                                                       |<br>
>     > | DEFAULT           | syslog_log_level    |<br>
>     > ERROR                                                        |<br>
>     ><br>
>     +-------------------+---------------------+--------------------------------------------------------------+<br>
>     ><br>
>     +-------------------+----------------------+--------------------------+<br>
>     > | ml2_conf: Section | Key                  | Value<br>
>         |<br>
>     ><br>
>     +-------------------+----------------------+--------------------------+<br>
>     > | ml2               | extension_drivers    | port_security<br>
>         |<br>
>     > | ml2               | mechanism_drivers    |<br>
>     linuxbridge,l2population |<br>
>     > | ml2               | tenant_network_types | vxlan<br>
>         |<br>
>     > | ml2               | type_drivers         | flat,vlan,vxlan<br>
>         |<br>
>     > | ml2_type_flat     | flat_networks        | public<br>
>          |<br>
>     > | ml2_type_vxlan    | vni_ranges           | 1:1000<br>
>          |<br>
>     > | securitygroup     | enable_ipset         | True<br>
>          |<br>
>     ><br>
>     +-------------------+----------------------+--------------------------+<br>
>     ><br>
>     +-------------------+--------------------------+-----------------------------------------------------+<br>
>     > | l3_agent: Section | Key                      |<br>
>     > Value                                               |<br>
>     ><br>
>     +-------------------+--------------------------+-----------------------------------------------------+<br>
>     > | DEFAULT           | external_network_bridge<br>
>     > |                                                     |<br>
>     > | DEFAULT           | verbose                  |<br>
>     > True                                                |<br>
>     > | DEFAULT           | interface_driver         |<br>
>     > neutron.agent.linux.interface.BridgeInterfaceDriver |<br>
>     ><br>
>     +-------------------+--------------------------+-----------------------------------------------------+<br>
>     ><br>
>     +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
>     > | linuxbridge_agent: Section | Key                         |<br>
>     > Value                                                        |<br>
>     ><br>
>     +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
>     > | linux_bridge               | physical_interface_mappings |<br>
>     > public:enp3s0                                                |<br>
>     > | vxlan                      | l2_population               |<br>
>     > True                                                         |<br>
>     > | vxlan                      | local_ip                    |<br>
>     > 172.22.10.99                                                 |<br>
>     > | vxlan                      | enable_vxlan                |<br>
>     > True                                                         |<br>
>     > | agent                      | prevent_arp_spoofing        |<br>
>     > True                                                         |<br>
>     > | securitygroup              | firewall_driver             |<br>
>     > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |<br>
>     > | securitygroup              | enable_security_group       |<br>
>     > True                                                         |<br>
>     ><br>
>     +----------------------------+-----------------------------+--------------------------------------------------------------+<br>
>     ><br>
>     +---------------------+--------------------------+-----------------------------------------------------+<br>
>     > | dhcp_agent: Section | Key                      |<br>
>     > Value                                               |<br>
>     ><br>
>     +---------------------+--------------------------+-----------------------------------------------------+<br>
>     > | DEFAULT             | dnsmasq_config_file      |<br>
>     > /etc/neutron/dnsmasq-neutron.conf                   |<br>
>     > | DEFAULT             | verbose                  |<br>
>     > True                                                |<br>
>     > | DEFAULT             | enable_isolated_metadata |<br>
>     > True                                                |<br>
>     > | DEFAULT             | dhcp_driver              |<br>
>     > neutron.agent.linux.dhcp.Dnsmasq                    |<br>
>     > | DEFAULT             | interface_driver         |<br>
>     > neutron.agent.linux.interface.BridgeInterfaceDriver |<br>
>     ><br>
>     +---------------------+--------------------------+-----------------------------------------------------+<br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     ><br>
>     > - Christopher T. Hull<br>
>     > I am presently seeking a new career opportunity  Please see<br>
>     career page<br>
>     > <a href="http://chrishull.com/career" rel="noreferrer" target="_blank">http://chrishull.com/career</a><br>
>     > 333 Orchard Ave, Sunnyvale CA. 94085<br>
</div>
</div>
>     > <a href="tel:%28415%29%20385%204865" value="+14153854865" target="_blank">
(415) 385 4865</a> <tel:%28415%29%20385%204865><br>
>     > <a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
>     <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>>><br>
<span>>     > <a href="http://chrishull.com" rel="noreferrer" target="_blank">http://chrishull.com</a><br>
>     ><br>
>     ><br>
>     ><br>
>     > On Wed, Mar 23, 2016 at 8:50 AM, <<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
</span><span>>     > <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>>>> wrote:<br>
>     ><br>
>     >     Thanks. Will check that.<br>
>     >     When I create an instance in the public or private nets they ping.<br>
>     >     Why do router ports behave differently than instance ports?  Only<br>
>     >     the Northbound router port is down and won't ping.   Will check<br>
>     >     settings ASAP thanks<br>
>     ><br>
>     >     Chris.<br>
>     ><br>
>     >     Sent from my iPhone<br>
>     ><br>
>     >     On Mar 23, 2016, at 7:52 AM, Kevin Benton <<a href="mailto:kevin@benton.pub" target="_blank">kevin@benton.pub</a><br>
</span><span>>     >     <mailto:<a href="mailto:kevin@benton.pub" target="_blank">kevin@benton.pub</a> <mailto:<a href="mailto:kevin@benton.pub" target="_blank">kevin@benton.pub</a>>>> wrote:<br>
>     ><br>
>     >>     Ok. The same settings should apply to Linux bridge.<br>
>     >><br>
>     >>     Make sure you have external_network_bridge defined in your L3<br>
>     >>     agent as an empty value.<br>
>     >><br>
>     >>     Then your external network should be created with the provider<br>
>     >>     type of 'flat' and the physical network corresponding to the one<br>
>     >>     you have defined in your bridge mappings in the L2 agent  that<br>
>     >>     attaches to the bridge going to your external physical network.<br>
>     >><br>
>     >>     On Mar 23, 2016 7:25 AM, <<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
</span><span>>     >>     <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>>>> wrote:<br>
>     >><br>
>     >>         Kevin;<br>
>     >>         Thank you Very much.  I'll check.   I did a manual Liberty<br>
>     >>         install so I may have done something wrong.  I am using<br>
>     >>         LinuxBridge (not OpenVSwitch) if that helps.  Will post<br>
>     >>         results to list soon.  Would like to be able to use floating<br>
>     >>         IPs, a more convenient form of ipTables basically.<br>
>     >><br>
>     >>         Chris.<br>
>     >><br>
>     >>         Sent from my iPhone<br>
>     >><br>
>     >>         On Mar 23, 2016, at 7:16 AM, Kevin Benton <<a href="mailto:kevin@benton.pub" target="_blank">kevin@benton.pub</a><br>
</span><span>>     >>         <mailto:<a href="mailto:kevin@benton.pub" target="_blank">kevin@benton.pub</a> <mailto:<a href="mailto:kevin@benton.pub" target="_blank">kevin@benton.pub</a>>>> wrote:<br>
>     >><br>
>     >>>         Do you have external_network_bridge set to an empty value in<br>
>     >>>         the l3 agent config? If not, the l3 agent will use a legacy<br>
>     >>>         mode of wiring up the port and it's status field may not be<br>
>     >>>         ACTIVE.<br>
>     >>><br>
>     >>>         The routers are tested thousands of times in the gate every<br>
>     >>>         day, so they work. It's just a matter of getting your<br>
>     >>>         configuration correct.<br>
>     >>><br>
>     >>>         Yes, you can use a VM to route as well.<br>
>     >>><br>
>     >>>         On Mar 23, 2016 7:06 AM, <<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>><br>
</span><span>>     >>>         <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a> <mailto:<a href="mailto:chrishull42@gmail.com" target="_blank">chrishull42@gmail.com</a>>>> wrote:<br>
>     >>><br>
>     >>>             Hi all;<br>
>     >>>             It appears that Liberty Neutron routers do not work.<br>
>     >>>             The Northbound port is always Down.<br>
>     >>><br>
>     >>>             What I'd like to do is dedicate an instance (CentOS) to<br>
>     >>>             routing between the Public net and other nets.  Has<br>
>     >>>             anyone done this.  Setting up the router is trivial.<br>
>     >>>             But I'm a little worried about interaction with Neutron<br>
>     >>>             Ports.  I need to assign fixed IPs so I can route from<br>
>     >>>             the Internet to a server instance.<br>
>     >>><br>
>     >>>             Ideas?<br>
>     >>><br>
>     >>>             Thanks<br>
>     >>>             - Chris.<br>
>     >>><br>
>     >>>             Sent from my iPhone<br>
>     >>>             _______________________________________________<br>
>     >>>             OpenStack-operators mailing list<br>
>     >>>             <a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a><br>
>     <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a>><br>
</span>>     >>>             <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a><br>
<span>>     <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a>>><br>
>     >>><br>
>      <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
>     >>><br>
>     ><br>
>     ><br>
>     ><br>
>     > _______________________________________________<br>
>     > OpenStack-operators mailing list<br>
>     > <a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">
OpenStack-operators@lists.openstack.org</a><br>
</span>>     <mailto:<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a>><br>
<span>>     > <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
>     ><br>
><br>
>     Definitely the external_network_bridge needs to be explicitly set to<br>
>     nothing. That's not the default. I've never had to change the default<br>
>     gateway_external_network_id when I set external_network_bridge to a<br>
>     blank value.<br>
><br>
>     Note that after making changes to external_network_bridge, I've have to<br>
>     delete and recreate the router/port/network that was created before<br>
>     that change.<br>
><br>
>     I assume that your bridge mappings are correct in<br>
>     /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:<br>
><br>
>     bridge_mappings =datacentre:br-ex  # or whatever you have locally<br>
><br>
>     And that the physical_network of the external network matches the<br>
>     network name in the bridge_mappings that corresponds to the bridge<br>
>     containing the physical interface? Probably your instance ports<br>
>     wouldn't work if those things weren't correct, but those are also areas<br>
>     where I see failures similar to this.<br>
><br>
>     --<br>
>     Dan Sneddon         |  Principal OpenStack Engineer<br>
</span>>     <a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a> <mailto:<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a>> |<br>
>     <a href="http://redhat.com/openstack" rel="noreferrer" target="_blank">redhat.com/openstack</a> <<a href="http://redhat.com/openstack" rel="noreferrer" target="_blank">http://redhat.com/openstack</a>><br>
>     <a href="tel:650.254.4025" value="+16502544025" target="_blank">650.254.4025</a> <tel:<a href="tel:650.254.4025" value="+16502544025" target="_blank">650.254.4025</a>>        |  dsneddon:irc   @dxs:twitter<br>
<span>><br>
><br>
><br>
><br>
> _______________________________________________<br>
> OpenStack-operators mailing list<br>
> <a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
><br>
<br>
</span>I didn't mean to confuse you by assuming that you were running Open<br>
vSwitch. You don't have to run Open vSwitch, and some things do work<br>
differently when using Linux bridge.<br>
<br>
If your IP address is no longer on enp3s0, then that might be an<br>
indicator that you have a bridge subsuming enp3s0. In that case, I'm<br>
pretty sure that the physical_interface_mapping should be<br>
public:<bridge>. I spend a lot more time with OVS deployments, though.<br>
<span><br>
--<br>
Dan Sneddon         |  Principal OpenStack Engineer<br>
<a href="mailto:dsneddon@redhat.com" target="_blank">dsneddon@redhat.com</a> |  <a href="http://redhat.com/openstack" rel="noreferrer" target="_blank">
redhat.com/openstack</a><br>
<a href="tel:650.254.4025" value="+16502544025" target="_blank">650.254.4025</a>        |  dsneddon:irc   @dxs:twitter<br>
<br>
</span>
<div>
<div>_______________________________________________<br>
OpenStack-operators mailing list<br>
<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</div>
</span></div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</span>
</div>

</blockquote></div><br></div>