[Openstack] (announce) neutron/openvswitch debugging utility

George Shuklin george.shuklin at gmail.com
Sun Dec 1 23:41:51 UTC 2013


Good day.

While debugging neutron setup on compute nodes I found debugging process 
rather annoying - almost half of the path happens outside normal 
interfaces (f.e. all traffic in patch interfaces can't be monitored with 
tcpdump).

I wrote a small shell utility, which allow to generate fake ICMP packets 
in neutron GRE tunnels. It create veth interface, plug in in the 
(specified) bridge, add openflow rule to openvswitch to add (specified) 
GRE label and send to (specified) out port. It allows to see if GRE set 
up working correctly without other components of neutron. It bypass ARP 
broadcast part and 'just send unicast packets'.

github for the packet: https://github.com/amarao/gre-tun-probe

How to use on compute nodes:

check existing rules for OVS:
# ovs-ofctl dump-flows br-tun
(skip)
cookie=0x0, duration=199273.231s, table=21, n_packets=190524, 
n_bytes=8002008, idle_age=0, hard_age=65534, priority=1,dl_vlan=1 
actions=strip_vlan,set_tunnel:0x1,output:2
(skip)

set_tunnel:0x1 - is 'our' tunnel number, and output - is output port.

To forcefully emulate traffic from guests:

./gre-tun-probe br-tun 0x1 2
or
./gre-tun-probe br-tun 0x1 2 192.168.1.1 192.168.1.2 10:0b:a9:bd:26:a8 100
(send 100 packets from 192.168.1.1 to 192.168.1.2 with dest. mac 
10:0b:a9:bd:26:a8 via bridge br-tun with gre label 0x1 in output port #2).

It relies on nping utility, which is shipped with recent version of nmap 
(recent: newer than precise), some upgrade may require.

Any comments and suggestions are welcome.





More information about the Openstack mailing list