[Openstack] quantum: two ips one vif
Jason Ford
jason at chatinara.com
Tue Oct 23 21:12:00 UTC 2012
This seems broke unless I have something weird going on in my ovs setup. I can get quantum to assign the second IP address to the instance but when trying to do anything to that second IP, traffic is blocked by something. I have verified that iptables is updated on the hypervisor and I can see flows in OVS inbound but no replies. I can even see the traffic making it to the instance as well via tcpdump and also see the replies going out for the initial ARP as well from inside the instance. The ARP never seems to make it into OVS as a flow. Is Quantum missing a configuration for a flow somewhere or is there something more I should look for? Does it work for anyone else or did I hit a bug?
jason
----- Original Message -----
From: "Dan Wendlandt" <dan at nicira.com>
To: "Jason Ford" <jason at chatinara.com>
Cc: openstack at lists.launchpad.net
Sent: Tuesday, October 23, 2012 12:55:42 AM
Subject: Re: [Openstack] quantum: two ips one vif
by default, quantum will give a port one IP address from any v4 subnet
associated with the network, and one from any v6 subnet associated
with the subnet. However, you can create your own port with multiple
subnets, and then boot a VM with that port. You can create a port
with IPs from different subnets by using the --fixed-ip option twice,
each time specifying a different subnet. See example below.
Dan
nicira at com-dev:~/devstack$ quantum subnet-list -c id -c network_id -c cidr
+-------------+--------------------------------------+--------------------------------------+
| cidr | id | network_id
|
+-------------+--------------------------------------+--------------------------------------+
| 10.0.0.0/16 | a26f5605-8400-45ef-82cc-ec62fae37a33 |
9f930f56-ca54-41b9-bb68-688f009e2f75 |
| 20.0.0.0/24 | f1278823-d6e3-4237-ad55-7f2fe286994c |
9f930f56-ca54-41b9-bb68-688f009e2f75 |
+-------------+--------------------------------------+--------------------------------------+
nicira at com-dev:~/devstack$ quantum port-create --fixed-ip
subnet_id=a26f5605-8400-45ef-82cc-ec62fae37a33 --fixed-ip
subnet_id=f1278823-d6e3-4237-ad55-7f2fe286994c
9f930f56-ca54-41b9-bb68-688f009e2f75
Created a new port:
+----------------+---------------------------------------------------------------------------------+
| Field | Value
|
+----------------+---------------------------------------------------------------------------------+
| admin_state_up | True
|
| device_id |
|
| device_owner |
|
| fixed_ips | {"subnet_id":
"a26f5605-8400-45ef-82cc-ec62fae37a33", "ip_address": "10.0.0.3"} |
| | {"subnet_id":
"f1278823-d6e3-4237-ad55-7f2fe286994c", "ip_address": "20.0.0.3"} |
| id | 79f20e6f-7b95-44b0-90e6-bd0296c7aa54
|
| mac_address | fa:16:3e:05:69:ba
|
| name |
|
| network_id | 9f930f56-ca54-41b9-bb68-688f009e2f75
|
| status | ACTIVE
|
| tenant_id | b02686b6c8c44c75bd7459710ed81edb
|
+----------------+---------------------------------------------------------------------------------+
nicira at com-dev:~/devstack$ nova image-list
+--------------------------------------+---------------------------------+--------+--------+
| ID | Name
| Status | Server |
+--------------------------------------+---------------------------------+--------+--------+
| 5809a3fe-2c27-4d87-80c0-963ec1f92d0f | cirros-0.3.0-x86_64-uec
| ACTIVE | |
| e9a03bac-1e46-4d98-973d-2efc0f10d4d2 |
cirros-0.3.0-x86_64-uec-kernel | ACTIVE | |
| 28ad71a6-b120-4d75-a8cc-1aabe248edfa |
cirros-0.3.0-x86_64-uec-ramdisk | ACTIVE | |
+--------------------------------------+---------------------------------+--------+--------+
nicira at com-dev:~/devstack$ nova boot --image
5809a3fe-2c27-4d87-80c0-963ec1f92d0f --flavor 1 --nic
port-id=79f20e6f-7b95-44b0-90e6-bd0296c7aa54 vm1
+------------------------+--------------------------------------+
| Property | Value |
+------------------------+--------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | 68GLMZmLrsJ5 |
| config_drive | |
| created | 2012-10-23T04:52:02Z |
| flavor | m1.tiny |
| hostId | |
| id | 10afbdc8-1ded-4a90-bbe4-0b245776a408 |
| image | cirros-0.3.0-x86_64-uec |
| key_name | None |
| metadata | {} |
| name | vm1 |
| progress | 0 |
| security_groups | [{u'name': u'default'}] |
| status | BUILD |
| tenant_id | b02686b6c8c44c75bd7459710ed81edb |
| updated | 2012-10-23T04:52:02Z |
| user_id | 6596c5e8318047d2859ee1bc5aef5c26 |
+------------------------+--------------------------------------+
nicira at com-dev:~/devstack$ nova list
+--------------------------------------+------+--------+-------------------------+
| ID | Name | Status | Networks
|
+--------------------------------------+------+--------+-------------------------+
| 10afbdc8-1ded-4a90-bbe4-0b245776a408 | vm1 | BUILD |
net1=10.0.0.3, 20.0.0.3 |
+--------------------------------------+------+--------+-------------------------+
On Mon, Oct 22, 2012 at 7:09 PM, Jason Ford <jason at chatinara.com> wrote:
> Stackers,
>
> I am testing out quantum with vlans using a hardware based firewall as a gateway. I am using openvswitch with the quantum openvswitch agent and nova-compute running on the compute node. I also have one management node with everything else on it.
>
> I am able to spin up a vm and assign an ip address via dhcp to my instance. It shows up in quantum port-list as well as quantum net-list and is able to route traffic in and out of my vlan'd network. I have a requirement to assign another fixed IP (not floating) from a new vlan to the same virtual interface on the instance. When I create another subnet in quantum, that works. How do I assign an ip address from the new subnet to the same openvswitch port via quantum?
>
> jason
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Openstack
mailing list