[Openstack] Mitaka Neutron DVR namespace not communicating with DHCP and LbaaS namespace with VLAN isolation

Brian Haley brian.haley at hpe.com
Tue Feb 14 15:16:35 UTC 2017 

On 02/13/2017 12:26 PM, kevin parrikar wrote:
> hello All,
> I just installed Mitaka release with DVR and ml2+OVS,everything looks fine .
>
> vms are getting ip address,floating IP address is working,vms can talk to lbaas
> namespace
>
> How ever:
>
> Communication from qrouter-namespace to lbass and dhcp namespace are not
>  working,because of that floating ip assigned on lbaas is not working.I am not
> sure whats is broken,we are using VLAN segmentation,Even tried using GRE but
> that didnt make any difference.
>
> i am new to DVR and in my juno environment without DVR, DHCP namespace can talk
> to lbaas and router namespace.
>
> on one of the compute node:
>
>
> ip netns exec qrouter-602e4399-1949-4f7f-9351-0921064a111b ip l
>
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
> group default
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> 20: qr-0d106417-3b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue
> state UNKNOWN mode DEFAULT group default

Are you running into an MTU issue?  I see 9000 here which is not typical, in 
newton this is usually 1450 w/VXLAN overlay to account for overhead.

Something like ping should still work though, so the first things I'd check are:

1) Is there a complete ARP entry in that router namespace for the DHCP IP? 
Maybe you need to enable l2pop?

2) If the packet is making it out of the namespace and onto the bridge, is there 
an iptables rule possibly dropping the packet?

Swami and I (haleyb) are typically on the #openstack-neutron channel if we don't 
respond to email quickly.

-Brian


> ovs-vsctl list-ifaces br-int
> fg-70b8f7d1-1e
> int-br-floating
> int-br-prv
> qr-0d106417-3b
> qr-d1b616f7-45
> qvo61d4d7d2-83
> qvoc1f28f85-f6
>
>  ovs-vsctl show |grep  -A 2 qr-0d106417-3b
>         Port "qr-0d106417-3b"
>             tag: 1
>             Interface "qr-0d106417-3b"
>                 type: internal
>         Port "qvo61d4d7d2-83"
>
> any idea why DVR is not able to talk to qdhcp and qlbaas ,but vms can talk to
> both namespaces.
>
> Regards,
> Kevi
>
>
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>

More information about the Openstack mailing list