Thanks for the reply. It was very informative. 

In my case I have 2 sub-interfaces on a single bond. One I am using as kolla_extrrnal_vip_interface for TLS configuration.

Another one I intended to use as provider network interface. 

Issue is after successful kolla deploy, VM is not getting IP successfully through DHCP. This is making me wonder if my approach was right ?? Or do I need to put the br-ex directly on bond itself still.

Any help and suggestion here is appreciated.

PS: I have other 2 bond interfaces dedicated for kolla_internal_vip_interface/network_interface  and storage network. 

Thanks,
Roshan

On Thu, Feb 11, 2021, 2:15 PM Mark Goddard <mark@stackhpc.com> wrote:
On Tue, 9 Feb 2021 at 15:35, roshan anvekar <roshananvekar@gmail.com> wrote:
>
> Is it a hard requirement for br-ex to be configured on physical interface itself?? Or is it okay to configure it on a sub-interface too??
Hi Roshan,
* if you plug an interface into a bridge (OVS or Linux), then you will
no longer be able to use the IP configuration on that interface. That
is likely why you've lost access to the gateway.
* as Sean said, if you are using VLAN provider networks then plugging
a VLAN interface into br-ex will result in double encapsulation. You
can plug the bond in directly, and still make use of a VLAN interface
on the bond for the external API.
Mark
>
> Thanks in advance.
>
> ---------- Forwarded message ---------
> From: roshan anvekar <roshananvekar@gmail.com>
> Date: Tue, Feb 9, 2021, 5:54 PM
> Subject: [stein][neutron][vlan provider network] How to configure br-ex on virtual interface
> To: OpenStack Discuss <openstack-discuss@lists.openstack.org>
>
>
> Hello,
>
> Below is my scenario.
>
> I am trying to use a single physical bonded interface ( example: bond1) both for external TLS access traffic and for provider network too ( These are 2 different vlan networks with separate vlan ids) . Bond0 is used as api_interface for management traffic. Bond2 is used for storage traffic.
>
> For this I created 2 virtual interfaces on this bond1 and used it accordingly while deploying through kolla-ansible.
>
> Before deployment the gateways for both vlan networks were accessible.
>
> Post deployment I see that qdhcp-id router is created on one of the controllers. Post creation of this DHCP agent, the gateway is inaccessible.
>
> Also the vms created are not getting IPs through DHCP agent so failing to be accessible.
>
> I had configured br-ex on virtual interface of provider vlan network and not on physical interface directly.
>
> Please let me know if I am going wrong in my network configurations.
>
> Regards,
> Roshan
>
>
>