[Openstack] [Neutron] asymetric DHCP brokenness on tenant GRE networks
Jonathan Proulx
jon at jonproulx.com
Wed Jan 29 15:21:43 UTC 2014
HI All,
DHCP requests from instances with interfaces on OVS/GRE based tenant
networks are showing up on the tap device on the compute node but
never make it to the physical network device (tcpdump -i ehtX proto
gre).
If I manually configure an address all seems well & I can for example
ping from the qdhcp namespace on the network note to the instance.
This suggests to me that all the OVS plumbing is properly in place.
My next suspicion is iptables, which look OK to me as well, or at
least look like they do for the VLAN based provider networks that have
functioning DHCP (note 10.0.1.100 is the dhcp-agent's address on this
network):
Chain neutron-openvswi-o78facbbc-b (2 references)
target prot opt source destination
RETURN udp -- anywhere anywhere udp
spt:bootpc dpt:bootps
neutron-openvswi-s78facbbc-b all -- anywhere anywhere
DROP udp -- anywhere anywhere udp
spt:bootps dpt:bootpc
DROP all -- anywhere anywhere state INVALID
RETURN all -- anywhere anywhere state
RELATED,ESTABLISHED
RETURN all -- anywhere anywhere
neutron-openvswi-sg-fallback all -- anywhere anywhere
root at nova-50:~# iptables -L neutron-openvswi-i78facbbc-b
Chain neutron-openvswi-i78facbbc-b (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
RETURN all -- anywhere anywhere state
RELATED,ESTABLISHED
RETURN udp -- anywhere anywhere udp
multiport dports 1:65535
RETURN tcp -- anywhere anywhere tcp
multiport dports tcpmux:65535
RETURN tcp -- anywhere anywhere tcp dpt:ssh
RETURN icmp -- anywhere anywhere
RETURN udp -- 10.0.1.100 anywhere udp
spt:bootps dpt:bootpc
neutron-openvswi-sg-fallback all -- anywhere anywhere
Anyone see what I'm missing or have a suggestion on where I should look next?
More information about the Openstack
mailing list