[openstack-dev] [neutron][routed-network] Host doesn't connected any segments when creating port
Miguel Lavalle
miguel at mlavalle.com
Fri Nov 4 16:18:38 UTC 2016
Hi Zhi,
Both L2 provider networks and routed networks can have one or many
segments. In the case of a L2 provider network, all the segments in it
constitute a contiguous L2 domain. In contrast, in routed networks, each
segment in it is a separate L2 domain. One consequence of this is that in
L2 provider networks the subnets are associated to the network, whereas in
routed networks, the subnets are associated to the segments. In both cases,
though, you can have as many subnets as you want or need.
As for the gateway question, you are correct: you are going to need routers
/ gateways in your infrastructure.
Regards
Miguel
On Wed, Nov 2, 2016 at 9:38 PM, zhi <changzhi1990 at gmail.com> wrote:
> Hi, Miguel.
>
> Thanks for your reply.
>
> This is my thought about routed network. Please review it and give me some
> comments, thanks.
>
> In general L2 provider network, maybe one network to one subnet. If in
> real deployment, we has to create many provider networks because one
> network to one subnets. But in routed network, one network can contain more
> than one subnet. So in real deployment, we can create only one network,
> this network we created can contain many many subnets. Does my thought was
> right?
>
> According to your reply, I think that if we create a routed network with
> two subnets, one is 10.1.0.0/24 and the other is 10.1.1.0/24. Except your
> solution, in real deployment, we need to create two gateway (10.1.0.1 and
> 10.1.1.1) in physical network, isn't it?
>
> Hope for your reply. :)
>
>
> Thanks
> Zhi Chang
>
> 2016-11-02 22:49 GMT+08:00 Miguel Lavalle <miguel at mlavalle.com>:
>
>> Hi Zhi,
>>
>> In routed networks, the routing among the segments has to be provided by
>> a router external to Neutron. It has to be provided by the deployment's
>> networking infrastructure. In the summit presentation you watched, I used
>> this Vagrant environment for the demo portion:
>> https://github.com/miguellavalle/routednetworksvagrant. Specifically,
>> look here: https://github.com/miguellavalle/routednetworksvagrant/blob/
>> master/Vagrantfile#L188. As you can see, I create a VM, "iprouter", to
>> act as the router between the two segments I use in the demo: one segment
>> on vlan tag 2016 in physnet1 and another segment on vlan tag 2016 in
>> physnet2. Please also look here how I enable the routing in the "iprouter"
>> Linux: https://github.com/miguellavalle/routednetworksvagrant/blob/
>> master/provisioning/setup-iprouter.sh.
>>
>> Of course, in a real deployment you would use a hardware router connected
>> to all the network's segments
>>
>> Hope this helps
>>
>> Miguel
>>
>> On Tue, Nov 1, 2016 at 4:42 AM, zhi <changzhi1990 at gmail.com> wrote:
>>
>>> Hi, shihanzhang and Neil, Thanks for your comments.
>>>
>>> In your comments. I think that Neutron router or physical network should
>>> provide routing these two subnets, doesn't it? Does my thought was right?
>>>
>>> I tried to connect these two subnets with a Neutron router but I met a
>>> strange problem. I did some operations like this:
>>>
>>> stack at devstack:~$ neutron net-list
>>> +---------------------------------------------------------+-
>>> ----------+-------------------------------------------------
>>> ---------------------------+
>>> | id |
>>> name | subnets
>>> |
>>> +---------------------------------------------------------+-
>>> ----------+-------------------------------------------------
>>> ---------------------------+
>>> | 6596da30-d7c6-4c39-b87c-295daad44123 | multinet |
>>> a998ac2b-2f50-44f1-9c1a-f4f3684ef63c 10.1.1.0/24 |
>>> |
>>> | | 26bcdfd3-6393-425e-963e-1ace6ef74e0c 10.1.0.0/24 |
>>> | 662de35c-f7a7-47cd-ba18-e5a2470935f0 | net |
>>> 9754dfe9-be48-4a38-b690-5c48cf371ba3 10.10.10.0/24 |
>>> +----------------------------------------------------------+
>>> ----------+-------------------------------------------------
>>> ---------------------------+
>>> stack at devstack:~$ neutron router-port-list
>>> c488238d-06d7-4b85-9fa1-e0913e5bcf13
>>>
>>> stack at devstack:~$ neutron router-interface-add
>>> c488238d-06d7-4b85-9fa1-e0913e5bcf13 a998ac2b-2f50-44f1-9c1a-f4f368
>>> 4ef63c
>>> Added interface 680eb2b6-b445-4790-9610-80154dd6d909 to router
>>> c488238d-06d7-4b85-9fa1-e0913e5bcf13.
>>> stack at devstack:~$ neutron router-port-list
>>> c488238d-06d7-4b85-9fa1-e0913e5bcf13
>>> +----------------------------------------------------------+
>>> --------+-----------------------+---------------------------
>>> --------------------------------------------------------+
>>> | id |
>>> name | mac_address | fixed_ips
>>> |
>>> +----------------------------------------------------------+
>>> --------+------------------------+--------------------------
>>> --------------------------------------------------------+
>>> | 680eb2b6-b445-4790-9610-80154dd6d909 | | fa:16:3e:47:2e:8f
>>> | {"subnet_id": "26bcdfd3-6393-425e-963e-1ace6ef74e0c", "ip_address": "
>>> 10.1.0.10"} |
>>> +----------------------------------------------------------+
>>> ---------+----------------------+---------------------------
>>> --------------------------------------------------------+
>>>
>>>
>>> After adding a port interface ( subnet 10.1.1.0/24 ) to the router,
>>> Why does the port's IP address was 10.1.0.10 ? Why not it should be
>>> 10.1.1.x/24 ?
>>>
>>>
>>>
>>> Thanks
>>> Zhi Chang
>>>
>>> 2016-11-01 17:19 GMT+08:00 shihanzhang <ayshihanzhang at 126.com>:
>>>
>>>> agree with Neil.
>>>>
>>>> thanks
>>>> shihanzhang
>>>>
>>>>
>>>>
>>>> 在 2016-11-01 17:13:54,"Neil Jerram" <neil at tigera.io> 写道:
>>>>
>>>> Hi Zhi Chang,
>>>>
>>>> I believe the answer is that the physical network (aka fabric) should
>>>> provide routing between those two subnets. This routing between segments is
>>>> implicit in the idea of a multi-segment network, and is entirely
>>>> independent of routing between virtual _networks_ (which is done by a
>>>> Neutron router object connecting those networks).
>>>>
>>>> Hope that helps!
>>>> Neil
>>>>
>>>>
>>>> *From: *zhi
>>>> *Sent: *Tuesday, 1 November 2016 07:50
>>>> *To: *OpenStack Development Mailing List (not for usage questions)
>>>> *Reply To: *OpenStack Development Mailing List (not for usage
>>>> questions)
>>>> *Subject: *Re: [openstack-dev] [neutron][routed-network] Host doesn't
>>>> connected any segments when creating port
>>>>
>>>> Hi, shihanzhang.
>>>>
>>>> I still have a question about routed network. I have two subnets. One
>>>> is 10.1.0.0/24 and the other is 10.1.1.0/24. I create two instances in
>>>> each host.
>>>> Such as 10.1.0.10 and 10.1.1.10.
>>>>
>>>> My question is, how does 10.1.0.10 connect to 10.1.1.10 ? There is no
>>>> any gateway( 10.1.0.1 and 10.1.1.1 ) in each subnet.
>>>>
>>>>
>>>> Hope four your reply. ;-)
>>>>
>>>>
>>>> Thanks
>>>> Zhi Chang
>>>>
>>>> 2016-11-01 14:31 GMT+08:00 zhi <changzhi1990 at gmail.com>:
>>>>
>>>>> Hi, shihanzhang.
>>>>>
>>>>> Thanks for your advice. Now I can created ports successfully by your
>>>>> advice.
>>>>>
>>>>>
>>>>>
>>>>> Thanks
>>>>> Zhi Chang
>>>>>
>>>>>
>>>>> 2016-11-01 12:50 GMT+08:00 shihanzhang <ayshihanzhang at 126.com>:
>>>>>
>>>>>> Hi Zhi Chang,
>>>>>> Maybe you should add a config option in [ovs] section:
>>>>>> bridge_mappings = public:br-ex, physnet1:br-physnet1 to handle the provider
>>>>>> network 'physnet1'.
>>>>>>
>>>>>> Thanks,
>>>>>> shihanzhang
>>>>>>
>>>>>> At 2016-11-01 11:56:33, "zhi" <changzhi1990 at gmail.com> wrote:
>>>>>>
>>>>>> hi shihanzhang.
>>>>>>
>>>>>> Below is configuration in ml2_conf.ini. Please review it. :)
>>>>>>
>>>>>> stack at devstack:~/neutron/neutron$ cat /etc/neutron/plugins/ml2/ml2_conf.ini
>>>>>> |grep -v "#"|grep -v ^$
>>>>>> [DEFAULT]
>>>>>> [ml2]
>>>>>> tenant_network_types = vxlan
>>>>>> extension_drivers = port_security
>>>>>> mechanism_drivers = openvswitch,linuxbridge
>>>>>> tenant_network_types = vxlan
>>>>>> [ml2_type_flat]
>>>>>> flat_networks = public,public,
>>>>>> [ml2_type_geneve]
>>>>>> vni_ranges = 1:1000
>>>>>> [ml2_type_gre]
>>>>>> tunnel_id_ranges = 1:1000
>>>>>> [ml2_type_vlan]
>>>>>> network_vlan_ranges = physnet1,physnet2
>>>>>> [ml2_type_vxlan]
>>>>>> vni_ranges = 1:1000
>>>>>> [securitygroup]
>>>>>> firewall_driver = neutron.agent.linux.iptables_f
>>>>>> irewall.OVSHybridIptablesFirewallDriver
>>>>>> [agent]
>>>>>> tunnel_types = vxlan
>>>>>> root_helper_daemon = sudo /usr/local/bin/neutron-rootwrap-daemon
>>>>>> /etc/neutron/rootwrap.conf
>>>>>> root_helper = sudo /usr/local/bin/neutron-rootwrap
>>>>>> /etc/neutron/rootwrap.conf
>>>>>> [ovs]
>>>>>> datapath_type = system
>>>>>> bridge_mappings = public:br-ex
>>>>>> tunnel_bridge = br-tun
>>>>>> local_ip = 192.168.10.20
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thanks
>>>>>> Zhi Chang
>>>>>>
>>>>>> 2016-11-01 9:15 GMT+08:00 shihanzhang <ayshihanzhang at 126.com>:
>>>>>>
>>>>>>> hi Zhi chang,
>>>>>>> Could you provide your ml2_conf.ini for ovs agent, I guess the
>>>>>>> reason is that your ovs-agent on host devstack can't handle the related
>>>>>>> segment id.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> shihanzhang
>>>>>>>
>>>>>>> 在 2016-10-31 18:43:36,"zhi" <changzhi1990 at gmail.com> 写道:
>>>>>>>
>>>>>>> Hi, all.
>>>>>>>
>>>>>>> Recently, I watch the OpenStack Summit video named ' Scaling Up
>>>>>>> OpenStack Networking with Routed Networks '. Carl and Miguel made this
>>>>>>> topic. I learned a lot of your topic. Thanks.
>>>>>>>
>>>>>>> But I have some questions about the demo in the topic.
>>>>>>>
>>>>>>> I do some steps according to the topic.
>>>>>>>
>>>>>>> First, creating two networks like this:
>>>>>>>
>>>>>>> neutron net-create multinet --shared --segments type=dict list=true
>>>>>>> provider:physical_network=physnet1,provider:segmentation_id=
>>>>>>> 2016,provider:network_type=vlan provider:physical_network=phys
>>>>>>> net2,provider:segmentation_id=2016,provider:network_type=vlan
>>>>>>>
>>>>>>>
>>>>>>> Second, I get two segments after creating this network. I get these
>>>>>>> segments by using " openstack network segment list ".
>>>>>>>
>>>>>>> Third, I create two subnets by these segments by using this command
>>>>>>> "
>>>>>>>
>>>>>>> neutron subnet-create --ip_version 4 --name multi-segment1-subnet
>>>>>>> [net-id] 10.1.0.0/24 --segment_id [segment-id]
>>>>>>> neutron subnet-create --ip_version 4 --name multi-segment2-subnet
>>>>>>> [net-id] 10.1.1.0/24 --segment_id [segment-id]
>>>>>>> "
>>>>>>>
>>>>>>> At last, I want to create a port with host_id. My local environment
>>>>>>> contains two compute nodes, one is named "devstack" and the other is
>>>>>>> "devstack2". So I use this command " neutron port-create
>>>>>>> --binding:host_id=devstack [net-id] ".
>>>>>>>
>>>>>>> Exception happens in neutron server. The exception says "
>>>>>>>
>>>>>>> Host devstack is not connected to any segments on routed provider
>>>>>>> network [net-id]. It should be connected to one." I can not get this exact
>>>>>>> point about this exception.
>>>>>>>
>>>>>>> Why does the "routed network" have relationship with host?
>>>>>>>
>>>>>>> How they work together between "host info (compute node ?)" and
>>>>>>> "routed network"?
>>>>>>>
>>>>>>> What should I do if I want to get rid of this exception?
>>>>>>>
>>>>>>>
>>>>>>> Hope for your reply. Especially Carl and Miguel. ;-)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Many Thanks
>>>>>>> Zhi Chang
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ____________________________________________________________
>>>>>>> ______________
>>>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>>>> enstack.org?subject:unsubscribe
>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ____________________________________________________________
>>>>>> ______________
>>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>>> enstack.org?subject:unsubscribe
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ____________________________________________________________
>>>> ______________
>>>> OpenStack Development Mailing List (not for usage questions)
>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>> enstack.org?subject:unsubscribe
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>
>>>>
>>>
>>> ____________________________________________________________
>>> ______________
>>> OpenStack Development Mailing List (not for usage questions)
>>> Unsubscribe: OpenStack-dev-request at lists.op
>>> enstack.org?subject:unsubscribe
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>
>> ____________________________________________________________
>> ______________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscrib
>> e
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20161104/08180e3d/attachment.html>
More information about the OpenStack-dev
mailing list