<div dir="ltr"><div class="markdown-here-wrapper" id="markdown-here-wrapper-279365" style="font-size:1em;font-family:Helvetica,arial,freesans,clean,sans-serif;color:rgb(34,34,34);background-color:rgb(255,255,255);border:none;line-height:1.2">
<p style="margin:1em 0px">Thanks all of guys.<br>I have found the root cause. It is related to this bug <a href="https://bugzilla.redhat.com/show_bug.cgi?id=877704" style="color:rgb(51,51,238);text-decoration:none">https://bugzilla.redhat.com/show_bug.cgi?id=877704</a> . The explanation is below</p>
<blockquote style="margin:1em 0px;border-left-width:4px;border-left-style:solid;border-left-color:rgb(221,221,221);padding:0px 1em;color:rgb(119,119,119);quotes:none">
<p style="margin:1em 0px">When netns support is enabled, nat table is placed under a different namespace which doesn't contain the bridge interface inside it. So the value of net.bridge.bridge-nf-call-iptables doesn't affect the rule matching.</p>
</blockquote>
</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Feb 7, 2013 at 1:42 AM, Willard Dennis <span dir="ltr"><<a href="mailto:willarddennis@live.com" target="_blank">willarddennis@live.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:Calibri,'Segoe UI',Meiryo,'Microsoft YaHei UI','Microsoft JhengHei UI','Malgun Gothic','Khmer UI','Nirmala UI',Tunga,'Lao UI',Ebrima,sans-serif;font-size:16px">
<div>Hi Lei,</div><div> </div><div>Perhaps this article I wrote on the <a href="http://packetpushers.net" target="_blank">packetpushers.net</a> blog can be helpful to you --</div><div><a href="http://packetpushers.net/openstack-quantum-network-implementation-in-linux/" target="_blank">http://packetpushers.net/openstack-quantum-network-implementation-in-linux/</a></div>
<div> </div><div>Best,</div><div>Will</div><div><div> </div><div> </div></div> <div style="border-top-color:rgb(225,225,225);border-top-width:1px;border-top-style:solid"> <strong>From:</strong> Lei Zhang<br> <strong>Sent:</strong> February 6, 2013 1:40 AM<br>
<strong>To:</strong> <a href="mailto:openstack@lists.launchpad.net" target="_blank">openstack@lists.launchpad.net</a><br> <strong>Subject:</strong> Re: [Openstack] How the linux bridge work in Quantum<br> </div><div><div class="h5">
<div> </div><div dir="ltr">I am following the steps from <a href="http://d.hatena.ne.jp/enakai00/20121118/1353226066" target="_blank">http://d.hatena.ne.jp/enakai00/20121118/1353226066</a></div></div></div><div class="gmail_extra">
<br><br><div class="gmail_quote"><div><div class="h5">
On Wed, Feb 6, 2013 at 2:36 PM, Lei Zhang <span dir="ltr"><<a href="mailto:zhang.lei.fly@gmail.com" target="_blank">zhang.lei.fly@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid">
<div><div class="h5">
<div dir="ltr"><div style="border:black;color:rgb(34,34,34);line-height:1.2;font-family:Helvetica,arial,freesans,clean,sans-serif;font-size:1em">
<p style="margin:1em 0px">Directly, here is the issue I meet.
</p>
<p style="margin:1em 0px">I start a all-in-one openstack Folsom with Quantum network( using linux bridge plugin)
</p>
<ul style="margin:1em 0px;padding-left:2em">
<li style="margin:1em 0px">First I can not ping outside of the host. Following is the network setting. I think this should be work. But I can ping 10.10.0.1(gate way) in the host</li>
<li style="margin:1em 0px">Second, what's the usage for <code style="margin:0px 0.15em;padding:0px 0.3em;border-radius:3px;border:1px solid rgb(234,234,234);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:inline;white-space:nowrap;background-color:rgb(248,248,248)">ns-1c37cab7-6b</code> <code style="margin:0px 0.15em;padding:0px 0.3em;border-radius:3px;border:1px solid rgb(234,234,234);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:inline;white-space:nowrap;background-color:rgb(248,248,248)">qg-82fef397-e1</code> <code style="margin:0px 0.15em;padding:0px 0.3em;border-radius:3px;border:1px solid rgb(234,234,234);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:inline;white-space:nowrap;background-color:rgb(248,248,248)">qg-82fef397-e1</code>, they are attached on nothing bridge. </li>
</ul>
<pre style="margin:1em 0px;line-height:1.2em;overflow:auto;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em"><code style="margin:0px 0.15em;padding:0.5em;border-radius:3px;border:1px solid rgb(204,204,204);color:rgb(51,51,51);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:block;white-space:pre-wrap;background-color:rgb(248,248,255)">eth0: public Ethernet <a href="http://10.10.0.0/24eth1" target="_blank">10.10.0.0/24
eth1</a>: private Ethernet <a href="http://192.168.101.0/24eth2" target="_blank">192.168.101.0/24
eth2</a>: manage Ethernet <a href="http://10.12.0.0/24" target="_blank">10.12.0.0/24</a></code></pre>
<pre style="margin:1em 0px;line-height:1.2em;overflow:auto;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em"><code style="margin:0px 0.15em;padding:0.5em;border-radius:3px;border:1px solid rgb(204,204,204);color:rgb(51,51,51);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:block;white-space:pre-wrap;background-color:rgb(248,248,255)">
[root@all-in-one ~]# brctl show
bridge name bridge id STP enabled interfaces
brq3958ea96-9d 8000.080027f1f512 no eth0
tap82fef397-e1
brq399d07f4-8c 8000.080027b61c6f no eth1.101
tap1c37cab7-6b
tap21afddbd-80
tap629410b3-2d</code></pre>
<p style="margin:1em 0px"><strong>Part of <code style="margin:0px 0.15em;padding:0px 0.3em;border-radius:3px;border:1px solid rgb(234,234,234);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:inline;white-space:nowrap;background-color:rgb(248,248,248)">ip link</code></strong>
</p>
<pre style="margin:1em 0px;line-height:1.2em;overflow:auto;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em"><code style="margin:0px 0.15em;padding:0.5em;border-radius:3px;border:1px solid rgb(204,204,204);color:rgb(51,51,51);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:block;white-space:pre-wrap;background-color:rgb(248,248,255)">[root@all-in-one ~]# ip link
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:f1:f5:12 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:b6:1c:6f brd ff:ff:ff:ff:ff:ff
10: eth1.101@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 08:00:27:b6:1c:6f brd ff:ff:ff:ff:ff:ff</code></pre>
<p style="margin:1em 0px"><strong> Part of <code style="margin:0px 0.15em;padding:0px 0.3em;border-radius:3px;border:1px solid rgb(234,234,234);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:inline;white-space:nowrap;background-color:rgb(248,248,248)">ip addr</code></strong>
</p>
<pre style="margin:1em 0px;line-height:1.2em;overflow:auto;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em"><code style="margin:0px 0.15em;padding:0.5em;border-radius:3px;border:1px solid rgb(204,204,204);color:rgb(51,51,51);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:block;white-space:pre-wrap;background-color:rgb(248,248,255)">[root@all-in-one instance-00000005]# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:f1:f5:12 brd ff:ff:ff:ff:ff:ff
inet6 fe80::a00:27ff:fef1:f512/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:b6:1c:6f brd ff:ff:ff:ff:ff:ff
inet6 fe80::a00:27ff:feb6:1c6f/64 scope link
valid_lft forever preferred_lft forever
8: qr-21afddbd-80: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 22:af:8e:70:bf:43 brd ff:ff:ff:ff:ff:ff
inet <a href="http://192.168.101.1/24" target="_blank">192.168.101.1/24</a> brd 192.168.101.255 scope global qr-21afddbd-80
inet6 fe80::20af:8eff:fe70:bf43/64 scope link
valid_lft forever preferred_lft forever
10: eth1.101@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 08:00:27:b6:1c:6f brd ff:ff:ff:ff:ff:ff
inet6 fe80::a00:27ff:feb6:1c6f/64 scope link
valid_lft forever preferred_lft forever
11: brq399d07f4-8c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 08:00:27:b6:1c:6f brd ff:ff:ff:ff:ff:ff
inet6 fe80::a0ef:23ff:fe72:8085/64 scope link
valid_lft forever preferred_lft forever
12: qg-82fef397-e1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 42:de:03:55:d6:96 brd ff:ff:ff:ff:ff:ff
inet <a href="http://10.10.0.2/24" target="_blank">10.10.0.2/24</a> brd 10.10.0.255 scope global qg-82fef397-e1
inet6 fe80::40de:3ff:fe55:d696/64 scope link
valid_lft forever preferred_lft forever
14: brq3958ea96-9d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 08:00:27:f1:f5:12 brd ff:ff:ff:ff:ff:ff
inet <a href="http://10.10.0.200/24" target="_blank">10.10.0.200/24</a> brd 10.10.0.255 scope global brq3958ea96-9d
inet6 fe80::b4a2:c5ff:fe8c:3b1c/64 scope link
valid_lft forever preferred_lft forever
15: ns-1c37cab7-6b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 2e:0d:c2:31:23:23 brd ff:ff:ff:ff:ff:ff
inet <a href="http://192.168.101.2/24" target="_blank">192.168.101.2/24</a> brd 192.168.101.255 scope global ns-1c37cab7-6b
inet6 fe80::2c0d:c2ff:fe31:2323/64 scope link
valid_lft forever preferred_lft forever</code></pre>
<p style="margin:1em 0px"><strong> <code style="margin:0px 0.15em;padding:0px 0.3em;border-radius:3px;border:1px solid rgb(234,234,234);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:inline;white-space:nowrap;background-color:rgb(248,248,248)">ip route</code> </strong>
</p>
<pre style="margin:1em 0px;line-height:1.2em;overflow:auto;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em"><code style="margin:0px 0.15em;padding:0.5em;border-radius:3px;border:1px solid rgb(204,204,204);color:rgb(51,51,51);font-family:Consolas,Inconsolata,Courier,monospace;font-size:0.85em;display:block;white-space:pre-wrap;background-color:rgb(248,248,255)">[root@all-in-one instance-00000005]# ip r
<a href="http://192.168.101.0/24" target="_blank">192.168.101.0/24</a> dev ns-1c37cab7-6b proto kernel scope link src 192.168.101.2
<a href="http://192.168.101.0/24" target="_blank">192.168.101.0/24</a> dev qr-21afddbd-80 proto kernel scope link src 192.168.101.1
<a href="http://10.10.0.0/24" target="_blank">10.10.0.0/24</a> dev qg-82fef397-e1 proto kernel scope link src 10.10.0.2
<a href="http://10.10.0.0/24" target="_blank">10.10.0.0/24</a> dev brq3958ea96-9d proto kernel scope link src 10.10.0.200
<a href="http://10.12.0.0/24" target="_blank">10.12.0.0/24</a> dev eth2 proto kernel scope link src 10.12.0.2
<a href="http://169.254.0.0/16" target="_blank">169.254.0.0/16</a> dev eth1 scope link metric 1003
default via 10.10.0.1 dev brq3958ea96-9d metric 100</code></pre>
</div></div></div></div><div class="im"><div><div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Feb 6, 2013 at 1:31 PM, Lei Zhang <span dir="ltr"><<a href="mailto:zhang.lei.fly@gmail.com" target="_blank">zhang.lei.fly@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid"><div dir="ltr">Hi all, <div>I am learning the Quantum project. But I am confused about the whole</div>
<div>architecture. Is there any article to explain how the package flow in the </div>
<div>network model, which will help me to debug the network issue.</div>
<div>For example, how the ping package flow from the VMs to the external internet? <span><font color="#888888"><br clear="all"><div><br></div>-- <br><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse">Lei Zhang</span></div>
<div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><br></span></div><div><font face="arial, sans-serif">Blog: <a href="http://jeffrey4l.github.com" target="_blank">http://jeffrey4l.github.com</a></font></div>
<div>twitter/weibo: @jeffrey4l</div>
</font></span></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse">Lei Zhang</span></div><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><br>
</span></div><div><font face="arial, sans-serif">Blog: <a href="http://jeffrey4l.github.com" target="_blank">http://jeffrey4l.github.com</a></font></div><div>twitter/weibo: @jeffrey4l</div>
</div>
</div></div></div></blockquote></div><div class="im"><br><br clear="all"><div><br></div>-- <br><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse">Lei Zhang</span></div><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><br>
</span></div><div><font face="arial, sans-serif">Blog: <a href="http://jeffrey4l.github.com" target="_blank">http://jeffrey4l.github.com</a></font></div><div>twitter/weibo: @jeffrey4l</div>
</div></div>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse">Lei Zhang</span></div><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><br>
</span></div><div><font face="arial, sans-serif">Blog: <a href="http://jeffrey4l.github.com" target="_blank">http://jeffrey4l.github.com</a></font></div><div>twitter/weibo: @jeffrey4l</div>
</div>