<div dir="ltr">I don't know if it will help but, tcpdump shows:<div><br></div><div>NOTE: I re-created the "stack", so, the IDs have changed but, the problem remains...<br><div><br></div><div>For "brq44b54ac7-c4":</div><div><br></div><div>---</div><div>time tcpdump -c 100 -eni brq44b54ac7-c4<br></div><div><br></div><div>...... NORMAL TRAFFIC (I guess)....</div><div>......</div><div><div>02:12:38.415680 1c:df:0f:ef:bd:1b > 1c:df:0f:ef:b9:1b, ethertype IPv4 (0x0800), length 363: 192.168.4.66.62521 > 192.168.13.16.18457: Flags [P.], seq 439562052:439562361, ack 3427842886, win 22919, length 309</div><div>02:12:38.417826 1c:df:0f:ef:b9:1b > 1c:df:0f:ef:bd:1b, ethertype IPv4 (0x0800), length 235: 192.168.13.16.18457 > 192.168.4.101.63781: Flags [P.], seq 54:235, ack 1727, win 513, length 181</div></div><div>......</div><div><br></div><div><div>real 0m0.874s</div><div>user 0m0.004s</div><div>sys 0m0.000s</div></div><div>---</div><div><br></div><div>For its "tap0b5eb746-ed":</div></div><div><br></div><div>---</div><div>....</div><div><div>02:14:06.915717 1c:df:0f:ef:b9:1b > 01:00:5e:00:00:05, ethertype IPv4 (0x0800), length 134: 192.168.25.2 > <a href="http://224.0.0.5">224.0.0.5</a>: OSPFv2, Hello, length 84</div><div>02:14:08.505713 f4:ac:c1:ba:7b:83 > 01:00:0c:cc:cc:cd, 802.3, length 64: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b): STP 802.1w, Rapid STP, Flags [Learn, Forward], bridge-id 6a4d.f4:ac:c1:ba:7b:80.8003, length 42</div></div><div>...</div><div><div><br></div><div>real 2m20.069s</div><div>user 0m0.004s</div><div>sys 0m0.016s</div></div><div>---</div><div><br></div><div>"brctl show" returns:</div><div><br></div><div>---</div><div>...</div><div><div>brq44b54ac7-c4 8000.ecf4bbd0417b no eth2.101</div><div> tap0b5eb746-ed</div></div><div>...</div><div>---</div><div><br></div><div><br></div><div>The first tcpdump takes about 1 second, the second, more than 2 minutes! And the lines are very different...</div><div><br></div><div>I'm stucked... Since the "Instance #1" works, and its "duplicated configuration - Instance #2", doesn't... I'm only changing the vlan id! :-/</div><div><br></div><div>Switch configurations are okay, since I can see the packets arriving @ eth2 normally.</div><div><br></div><div>Maybe it is time to go back to OVS instead of Linux Bridges... :-(</div><div><br></div><div>Thanks,</div><div>Thiago</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 7 July 2015 at 21:37, Martinx - ジェームズ <span dir="ltr"><<a href="mailto:thiagocmartinsc@gmail.com" target="_blank">thiagocmartinsc@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div class="h5"><div>On 7 July 2015 at 21:00, Martinx - ジェームズ <span dir="ltr"><<a href="mailto:thiagocmartinsc@gmail.com" target="_blank">thiagocmartinsc@gmail.com</a>></span> wrote:<br></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div><div><div class="gmail_extra"><div class="gmail_quote">On 7 July 2015 at 20:51, Martinx - ジェームズ <span dir="ltr"><<a href="mailto:thiagocmartinsc@gmail.com" target="_blank">thiagocmartinsc@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">Guys,<div><br></div><div>I have an "all-in-one" OpenStack Juno setup, with LinuxBridges, where I'm planning to use it with two tagged networks.</div><div><br></div><div>Like this:</div><div><br></div><div>For "Instance #1", "brctl show" returns:</div><div><br></div><div>----</div><div><div>root@openstack-1:~# brctl show</div><div>bridge name bridge id STP enabled interfaces</div></div><div><br></div><div><div>brqfac384d5-cd 8000.ecf4bbd0417a no eth2.100</div><div> tap47417a6d-3b</div><div>----<br></div></div><div><br></div><div>For "Instance #2", "brctl show" returns:</div><div><br></div><div>----</div><div><div>bridge name bridge id STP enabled interfaces</div></div><div><br></div><div><div>brq50721b16-1c 8000.ecf4bbd0417a no eth2.101<br></div><div> tap15f2960f-54</div></div><div>----</div><div><br></div><div>"Instance #1" works as expected, I can see the the packets arriving inside the Instance attached to the TAP "tap15f2960f-54".</div><div><br></div><div>Also, I can run "tcpdump -c 100 -eni tap15f2960f-54" or "tcpdump -c 100 -eni brq50721b16-1c" to see the packets.</div><div><br></div><div>BUT, my second "Instance #2" doesn't receive the packets!!</div><div><br></div><div><br></div><div># "Wire"</div><div><br></div><div>If I run "tcpdump -c 100 -eni eth2", I can see both "vlan 100" and "vlan 101" packets arriving.</div><div><br></div><div># vlan 100 - okay</div><div>If I run "tcpdump -c 100 -eni brqfac384d5-cd", as I said before, I can see the packets.</div><div><br></div><div>If I run "tcpdump -c 100 -eni tap47417a6d-3b", as I said before, I can see the packets.</div><div><br></div><div># vlan 101 - not okay</div><div>If I run "tcpdump -c 100 -eni brq50721b16-1c", I can see the packets.</div><div><br></div><div>If I run "tcpdump -c 100 -eni tap15f2960f-54", BOOM! I am unable to see the packets!!</div><div><br></div><div>--</div><div><br></div><div><br></div><div>Why the packets are being dropped between "brq50721b16-1c" and "tap15f2960f-54" ???</div><div><br></div><div>"ifconfig tap15f2960f-54" shows packets being dropped.</div><div><br></div><div>"ifconfig tap47417a6d-3b" shows 0 packets being dropped.</div><div><br></div><div><br></div><div>I already double checked everything!! Also, I tried to raise txqueue, checked ebtabled, iptables... I have no clue about whats going on here...</div><div><br></div><div>I really appreciate any help!</div><div><br></div><div>Thanks!</div><div>Thiago</div></div>
</blockquote></div><br></div></div></div><div class="gmail_extra">BTW, the symptoms are weird... After a reboot (and starting the Intance #2 with bigger txqueue from the beginning), I'm not seeing the packets being dropped @ the tap interface but, they to not arrive anyway...<div><br></div><div>I would love to know what can cause the packets arriving the "brqXXX-yy" interface but not its "tapXXX-YY"... Very weird...</div><div><br></div><div>Thanks in advance!</div></div></div></blockquote></div></div><div class="gmail_extra"><br></div></div></div><div class="gmail_extra"><div class="gmail_extra">Also, I'm not using any kind of Security Groups or Firewall, my "ml2_conf.ini" looks likes this:</div><div class="gmail_extra"><br></div><div class="gmail_extra">---</div><div class="gmail_extra">.......</div><div class="gmail_extra">[ml2_type_flat]</div><div class="gmail_extra">flat_networks = external</div><div class="gmail_extra"><br></div><div class="gmail_extra">[ml2_type_vlan]</div><div class="gmail_extra">network_vlan_ranges = physvlan2</div><div class="gmail_extra"><br></div><div class="gmail_extra">[securitygroup]</div><div class="gmail_extra">enable_security_group = False</div><div class="gmail_extra">enable_ipset = False</div><div class="gmail_extra">firewall_driver = neutron.agent.firewall.NoopFirewallDriver</div><div class="gmail_extra"><br></div><div class="gmail_extra">[agent]</div><div class="gmail_extra">tunnel_types = vxlan</div><div class="gmail_extra"><br></div><div class="gmail_extra">[vxlan]</div><div class="gmail_extra">enable_vxlan = True</div><div class="gmail_extra">local_ip = 10.0.1.31</div><div class="gmail_extra">l2_population = True</div><div class="gmail_extra"><br></div><div class="gmail_extra">[l2pop]</div><div class="gmail_extra">agent_boot_time = 180</div><div class="gmail_extra"><br></div><div class="gmail_extra">[linux_bridge]</div><div class="gmail_extra">physical_interface_mappings = external:eth1,vxlan:dummy0,physvlan2:eth2</div><div class="gmail_extra">---</div><div class="gmail_extra"><br></div><div class="gmail_extra">Nova also doesn't make use of any firewall driver. So, the iptables rules here are just the bare minimal.</div><div class="gmail_extra"><br></div><div class="gmail_extra">My eth0 is the first network interface, it is the default gateway of the host itself (Horizon, APIs, etc, runs on top of eth0).</div><div class="gmail_extra"><br></div><div class="gmail_extra">The vxlan on top of a dummy0 interface works fine for this "all-in-one" deployment.</div><div class="gmail_extra"><br></div><div class="gmail_extra">The Instances attached to the "physvlan2:100:101" have two interfaces, vritual eth0 is vxlan, virtual eth1 is attached to physvlan2 (100 or 101), they can ping the Internet without problems.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Thanks,</div><div class="gmail_extra">Thiago</div></div></div>
</blockquote></div><br></div>