<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Plain Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.PlainTextChar
{mso-style-name:"Plain Text Char";
mso-style-priority:99;
mso-style-link:"Plain Text";
font-family:"Calibri","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoPlainText>Yes. You should see the similar flow table entries like this one,<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>sudo ovs-ofctl dump-flows br-int<o:p></o:p></p><p class=MsoPlainText>NXST_FLOW reply (xid=0x4):<o:p></o:p></p><p class=MsoPlainText> cookie=0x0, duration=82162.227s, table=0, n_packets=219, n_bytes=23483, idle_age=11936, hard_age=65534, priority=3,in_port=1,<span style='color:red'>dl_vlan=120 </span>actions=mod_vlan_vid:1,NORMAL<o:p></o:p></p><p class=MsoPlainText> cookie=0x0, duration=82174.601s, table=0, n_packets=52271, n_bytes=7173176, idle_age=61, hard_age=65534, priority=2,in_port=1 actions=drop<o:p></o:p></p><p class=MsoPlainText> cookie=0x0, duration=82176.97s, table=0, n_packets=2110, n_bytes=188772, idle_age=1618, hard_age=65534, priority=1 actions=NORMAL<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>dl_vlan=120 is the vlan number you configured in your ml2 init file. For some reason, this is not been configured in your flow table entry. The actual code that generates this flow entry configuration is at,<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>/opt/stack/neutron/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Also Neutron log file should have the following CLI log,<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>2014-04-28 11:23:56.860 DEBUG neutron.agent.linux.utils [-]<o:p></o:p></p><p class=MsoPlainText>Running command: ['sudo', '/usr/local/bin/neutron-rootwrap', '/etc/neutron/rootwrap.con<o:p></o:p></p><p class=MsoPlainText>f', 'ovs-ofctl', 'add-flow', 'br-int', 'hard_timeout=0,idle_timeout=0,priority=3,in_port=1,<o:p></o:p></p><p class=MsoPlainText>dl_vlan=120,actions=mod_vlan_vid:1,normal'] from (pid=11102)<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>HTH<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Dennis Qin<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>-----Original Message-----<br>From: Erich Weiler [mailto:weiler@soe.ucsc.edu] <br>Sent: Friday, April 25, 2014 11:23 AM<br>To: openstack<br>Subject: [Openstack] Open vSwitch not working as expected...?</p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Hi Y'all,<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>I recently began rebuilding my OpenStack installation under the latest icehouse release, and everything is almost working, but I'm having issues with Open vSwitch, at least on the compute nodes.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>I'm use the ML2 plugin and VLAN tenant isolation. I have this in my /etc/neutron/plugin.ini file<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>----------<o:p></o:p></p><p class=MsoPlainText>[ovs]<o:p></o:p></p><p class=MsoPlainText>bridge_mappings = physnet1:br-eth1<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>[ml2]<o:p></o:p></p><p class=MsoPlainText>type_drivers = vlan<o:p></o:p></p><p class=MsoPlainText>tenant_network_types = vlan<o:p></o:p></p><p class=MsoPlainText>mechanism_drivers = openvswitch<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText># Example: mechanism_drivers = linuxbridge,brocade<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>[ml2_type_flat]<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>[ml2_type_vlan]<o:p></o:p></p><p class=MsoPlainText>network_vlan_ranges = physnet1:200:209<o:p></o:p></p><p class=MsoPlainText>----------<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>My switchports that the nodes connect to are configured as trunks, allowing VLANs 200-209 to flow over them.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>My network that the VMs should be connecting to is:<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText># neutron net-show cbse-net<o:p></o:p></p><p class=MsoPlainText>+---------------------------+--------------------------------------+<o:p></o:p></p><p class=MsoPlainText>| Field | Value |<o:p></o:p></p><p class=MsoPlainText>+---------------------------+--------------------------------------+<o:p></o:p></p><p class=MsoPlainText>| admin_state_up | True |<o:p></o:p></p><p class=MsoPlainText>| id | 23028b15-fb12-4a9f-9fba-02f165a52d44 |<o:p></o:p></p><p class=MsoPlainText>| name | cbse-net |<o:p></o:p></p><p class=MsoPlainText>| provider:network_type | vlan |<o:p></o:p></p><p class=MsoPlainText>| provider:physical_network | physnet1 |<o:p></o:p></p><p class=MsoPlainText>| provider:segmentation_id | 200 |<o:p></o:p></p><p class=MsoPlainText>| router:external | False |<o:p></o:p></p><p class=MsoPlainText>| shared | False |<o:p></o:p></p><p class=MsoPlainText>| status | ACTIVE |<o:p></o:p></p><p class=MsoPlainText>| subnets | dd25433a-b21d-475d-91e4-156b00f25047 |<o:p></o:p></p><p class=MsoPlainText>| tenant_id | 7c1980078e044cb08250f628cbe73d29 |<o:p></o:p></p><p class=MsoPlainText>+---------------------------+--------------------------------------+<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText># neutron subnet-show dd25433a-b21d-475d-91e4-156b00f25047<o:p></o:p></p><p class=MsoPlainText>+------------------+--------------------------------------------------+<o:p></o:p></p><p class=MsoPlainText>| Field | Value |<o:p></o:p></p><p class=MsoPlainText>+------------------+--------------------------------------------------+<o:p></o:p></p><p class=MsoPlainText>| allocation_pools | {"start": "10.200.0.2", "end": "10.200.255.254"} |<o:p></o:p></p><p class=MsoPlainText>| cidr | 10.200.0.0/16 |<o:p></o:p></p><p class=MsoPlainText>| dns_nameservers | 128.114.48.44 |<o:p></o:p></p><p class=MsoPlainText>| enable_dhcp | True |<o:p></o:p></p><p class=MsoPlainText>| gateway_ip | 10.200.0.1 |<o:p></o:p></p><p class=MsoPlainText>| host_routes | |<o:p></o:p></p><p class=MsoPlainText>| id | dd25433a-b21d-475d-91e4-156b00f25047 |<o:p></o:p></p><p class=MsoPlainText>| ip_version | 4 |<o:p></o:p></p><p class=MsoPlainText>| name | |<o:p></o:p></p><p class=MsoPlainText>| network_id | 23028b15-fb12-4a9f-9fba-02f165a52d44 |<o:p></o:p></p><p class=MsoPlainText>| tenant_id | 7c1980078e044cb08250f628cbe73d29 |<o:p></o:p></p><p class=MsoPlainText>+------------------+--------------------------------------------------+<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>So those VMs on that network should send packets that would be tagged with VLAN 200.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>I launch an instance, then look at the compute node with the instance on it. It doesn't get a DHCP address, so it can't talk to the neutron node with the dnsmasq server running on it. I configure the VM's interface to be a static IP on VLAN200, 10.200.0.30, and netmask 255.255.0.0. I have another node set up on VLAN 200 on my switch to test with<o:p></o:p></p><p class=MsoPlainText>(10.200.0.50) that is a real bare-metal server.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>I can't ping my bare-metal server. I see the packets getting to eth1 on my compute node, but stopping there. Then I figure out that the packets are *not being tagged* for VLAN 200 as they leave the compute node!! So <o:p></o:p></p><p class=MsoPlainText>the switch is dropping them. As a test I configure the switchport <o:p></o:p></p><p class=MsoPlainText>with "native vlan 200", and voila, the ping works.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>So, Open vSwitch is not getting that it needs to tag the packets for VLAN 200. A little diagnostics on the compute node:<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText> ovs-ofctl dump-flows br-int<o:p></o:p></p><p class=MsoPlainText>NXST_FLOW reply (xid=0x4):<o:p></o:p></p><p class=MsoPlainText> cookie=0x0, duration=966.803s, table=0, n_packets=0, n_bytes=0, idle_age=966, priority=0 actions=NORMAL<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Shouldn't that show some VLAN tagging?<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>and a tcpdump on eth1 on the compute node:<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText># tcpdump -e -n -vv -i eth1 | grep -i arp<o:p></o:p></p><p class=MsoPlainText>tcpdump: WARNING: eth1: no IPv4 address assigned<o:p></o:p></p><p class=MsoPlainText>tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size<o:p></o:p></p><p class=MsoPlainText>65535 bytes<o:p></o:p></p><p class=MsoPlainText>11:21:50.462447 fa:16:3e:94:b3:63 > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.200.0.50 tell 10.200.0.30, length 28<o:p></o:p></p><p class=MsoPlainText>11:21:51.462968 fa:16:3e:94:b3:63 > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.200.0.50 tell 10.200.0.30, length 28<o:p></o:p></p><p class=MsoPlainText>11:21:52.462330 fa:16:3e:94:b3:63 > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.200.0.50 tell 10.200.0.30, length 28<o:p></o:p></p><p class=MsoPlainText>11:21:53.462311 fa:16:3e:94:b3:63 > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.200.0.50 tell 10.200.0.30, length 28<o:p></o:p></p><p class=MsoPlainText>11:21:54.463169 fa:16:3e:94:b3:63 > Broadcast, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.200.0.50 tell 10.200.0.30, length 28<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>That tcpdump also confirms the ARP packets are not being tagged 200 as they leave the physical interface.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>This worked before when I was testing icehouse RC1, I don't know what changed with Open vSwitch... Anyone have any ideas?<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Thanks as always for the help!! This list has been very helpful.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>cheers,<o:p></o:p></p><p class=MsoPlainText>erich<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>_______________________________________________<o:p></o:p></p><p class=MsoPlainText>Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"><span style='color:windowtext;text-decoration:none'>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</span></a><o:p></o:p></p><p class=MsoPlainText>Post to : <a href="mailto:openstack@lists.openstack.org"><span style='color:windowtext;text-decoration:none'>openstack@lists.openstack.org</span></a><o:p></o:p></p><p class=MsoPlainText>Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"><span style='color:windowtext;text-decoration:none'>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</span></a><o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p></div></body></html>