<div dir="ltr"><div>On 7 July 2015 at 21:00, Martinx - ジェームズ <span dir="ltr"><<a href="mailto:thiagocmartinsc@gmail.com" target="_blank">thiagocmartinsc@gmail.com</a>></span> wrote:<br></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div><div class="h5"><div class="gmail_extra"><div class="gmail_quote">On 7 July 2015 at 20:51, Martinx - ジェームズ <span dir="ltr"><<a href="mailto:thiagocmartinsc@gmail.com" target="_blank">thiagocmartinsc@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">Guys,<div><br></div><div>I have an "all-in-one" OpenStack Juno setup, with LinuxBridges, where I'm planning to use it with two tagged networks.</div><div><br></div><div>Like this:</div><div><br></div><div>For "Instance #1", "brctl show" returns:</div><div><br></div><div>----</div><div><div>root@openstack-1:~# brctl show</div><div>bridge name bridge id STP enabled interfaces</div></div><div><br></div><div><div>brqfac384d5-cd 8000.ecf4bbd0417a no eth2.100</div><div> tap47417a6d-3b</div><div>----<br></div></div><div><br></div><div>For "Instance #2", "brctl show" returns:</div><div><br></div><div>----</div><div><div>bridge name bridge id STP enabled interfaces</div></div><div><br></div><div><div>brq50721b16-1c 8000.ecf4bbd0417a no eth2.101<br></div><div> tap15f2960f-54</div></div><div>----</div><div><br></div><div>"Instance #1" works as expected, I can see the the packets arriving inside the Instance attached to the TAP "tap15f2960f-54".</div><div><br></div><div>Also, I can run "tcpdump -c 100 -eni tap15f2960f-54" or "tcpdump -c 100 -eni brq50721b16-1c" to see the packets.</div><div><br></div><div>BUT, my second "Instance #2" doesn't receive the packets!!</div><div><br></div><div><br></div><div># "Wire"</div><div><br></div><div>If I run "tcpdump -c 100 -eni eth2", I can see both "vlan 100" and "vlan 101" packets arriving.</div><div><br></div><div># vlan 100 - okay</div><div>If I run "tcpdump -c 100 -eni brqfac384d5-cd", as I said before, I can see the packets.</div><div><br></div><div>If I run "tcpdump -c 100 -eni tap47417a6d-3b", as I said before, I can see the packets.</div><div><br></div><div># vlan 101 - not okay</div><div>If I run "tcpdump -c 100 -eni brq50721b16-1c", I can see the packets.</div><div><br></div><div>If I run "tcpdump -c 100 -eni tap15f2960f-54", BOOM! I am unable to see the packets!!</div><div><br></div><div>--</div><div><br></div><div><br></div><div>Why the packets are being dropped between "brq50721b16-1c" and "tap15f2960f-54" ???</div><div><br></div><div>"ifconfig tap15f2960f-54" shows packets being dropped.</div><div><br></div><div>"ifconfig tap47417a6d-3b" shows 0 packets being dropped.</div><div><br></div><div><br></div><div>I already double checked everything!! Also, I tried to raise txqueue, checked ebtabled, iptables... I have no clue about whats going on here...</div><div><br></div><div>I really appreciate any help!</div><div><br></div><div>Thanks!</div><div>Thiago</div></div>
</blockquote></div><br></div></div></div><div class="gmail_extra">BTW, the symptoms are weird... After a reboot (and starting the Intance #2 with bigger txqueue from the beginning), I'm not seeing the packets being dropped @ the tap interface but, they to not arrive anyway...<div><br></div><div>I would love to know what can cause the packets arriving the "brqXXX-yy" interface but not its "tapXXX-YY"... Very weird...</div><div><br></div><div>Thanks in advance!</div></div></div></blockquote></div></div><div class="gmail_extra"><br></div><div class="gmail_extra"><div class="gmail_extra">Also, I'm not using any kind of Security Groups or Firewall, my "ml2_conf.ini" looks likes this:</div><div class="gmail_extra"><br></div><div class="gmail_extra">---</div><div class="gmail_extra">.......</div><div class="gmail_extra">[ml2_type_flat]</div><div class="gmail_extra">flat_networks = external</div><div class="gmail_extra"><br></div><div class="gmail_extra">[ml2_type_vlan]</div><div class="gmail_extra">network_vlan_ranges = physvlan2</div><div class="gmail_extra"><br></div><div class="gmail_extra">[securitygroup]</div><div class="gmail_extra">enable_security_group = False</div><div class="gmail_extra">enable_ipset = False</div><div class="gmail_extra">firewall_driver = neutron.agent.firewall.NoopFirewallDriver</div><div class="gmail_extra"><br></div><div class="gmail_extra">[agent]</div><div class="gmail_extra">tunnel_types = vxlan</div><div class="gmail_extra"><br></div><div class="gmail_extra">[vxlan]</div><div class="gmail_extra">enable_vxlan = True</div><div class="gmail_extra">local_ip = 10.0.1.31</div><div class="gmail_extra">l2_population = True</div><div class="gmail_extra"><br></div><div class="gmail_extra">[l2pop]</div><div class="gmail_extra">agent_boot_time = 180</div><div class="gmail_extra"><br></div><div class="gmail_extra">[linux_bridge]</div><div class="gmail_extra">physical_interface_mappings = external:eth1,vxlan:dummy0,physvlan2:eth2</div><div class="gmail_extra">---</div><div class="gmail_extra"><br></div><div class="gmail_extra">Nova also doesn't make use of any firewall driver. So, the iptables rules here are just the bare minimal.</div><div class="gmail_extra"><br></div><div class="gmail_extra">My eth0 is the first network interface, it is the default gateway of the host itself (Horizon, APIs, etc, runs on top of eth0).</div><div class="gmail_extra"><br></div><div class="gmail_extra">The vxlan on top of a dummy0 interface works fine for this "all-in-one" deployment.</div><div class="gmail_extra"><br></div><div class="gmail_extra">The Instances attached to the "physvlan2:100:101" have two interfaces, vritual eth0 is vxlan, virtual eth1 is attached to physvlan2 (100 or 101), they can ping the Internet without problems.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Thanks,</div><div class="gmail_extra">Thiago</div></div></div>