[Openstack-operators] [Neutron][Linuxbridge] Problem with configuring linux bridge agent with vxlan networks

Sławek Kapłoński slawek at kaplonski.pl
Fri Oct 2 21:04:28 UTC 2015


Hello,

Yes. I was reading mostly
http://docs.openstack.org/networking-guide/scenario_legacy_lb.html
because imho this is what I want now :). I don't want DVR and L3 HA (at
least for now) but only traffic via vxlan between two vms which are
connected to tenant network (it is probably called east-west traffic,
yes?)

-- 
Best regards / Pozdrawiam
Sławek Kapłoński
slawek at kaplonski.pl

On Fri, 02 Oct 2015, Matt Kassawara wrote:

> Did you review the scenarios in the networking guide [1]?
> 
> [1] http://docs.openstack.org/networking-guide/deploy.html
> 
> On Fri, Oct 2, 2015 at 2:41 PM, Sławek Kapłoński <slawek at kaplonski.pl>
> wrote:
> 
> > Hello,
> >
> > I'm trying to configure small openstack infra (one network node, 2
> > compute nodes) with linux bridge and vxlan tenant networks. I don't know
> > what I'm doing wrong but my instances have no connection between
> > each other. On compute hosts I run neutron-plugin-linuxbrigde-agent
> > with config like:
> >
> > ------------------
> > [ml2_type_vxlan]
> > # (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples
> > # enumerating
> > # ranges of VXLAN VNI IDs that are available for tenant network
> > # allocation.
> > #
> > vni_ranges = 10000:20000
> >
> > # (StrOpt) Multicast group for the VXLAN interface. When configured,
> > # will
> > # enable sending all broadcast traffic to this multicast group. When
> > # left
> > # unconfigured, will disable multicast VXLAN mode.
> > #
> > # vxlan_group =
> > # Example: vxlan_group = 239.1.1.1
> >
> > [securitygroup]
> > # Controls if neutron security group is enabled or not.
> > # It should be false when you use nova security group.
> > enable_security_group = True
> >
> > # Use ipset to speed-up the iptables security groups. Enabling ipset
> > # support
> > # requires that ipset is installed on L2 agent node.
> > enable_ipset = True
> >
> > firewall_driver =
> > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
> >
> > [ovs]
> > local_ip = 10.1.0.4
> >
> > [agent]
> > tunnel_types = vxlan
> >
> > [linuxbridge]
> > physical_interface_mappings = physnet1:eth1
> >
> > [vxlan]
> > local_ip = 10.1.0.4
> > l2_population = True
> > enable_vxlan = True
> > -------------------
> >
> > Eth1 is my "tunnel network" which should be used for tunnels. When I
> > spawn vms on compute 1 and 2 and after configuring network manually on
> > both vms (dhcp is not working also because of broken tunnels probably)
> > it not pings.
> > Even when I started two instances on same host and they are both
> > connected to one bridge:
> >
> > -------------------
> > root at compute-2:/usr/lib/python2.7/dist-packages/neutron# brctl show
> > bridge name     bridge id               STP enabled     interfaces
> > brq8fe8a32f-e6          8000.ce544d0c0e5d       no
> > tap691a138a-6c
> >                                                         tapbc1e5179-53
> >                                                         vxlan-10052
> > virbr0          8000.5254007611ab       yes             virbr0-nic
> > -------------------
> >
> > those 2 vms are not pinging each other :/
> > I don't have any expeirence with linux bridge in fact (For now I was always
> > using ovs). Maybe someone of You will know what I should check or what I
> > should
> > configure wrong :/ Generally I was installing this openstack according to
> > official openstack documentation but in this docs there is info about
> > ovs+gre
> > tunnels and that is what I changed. I'm using Ubuntu 14.04 and Openstack
> > Kilo
> > installed from cloud archive repo.
> >
> > --
> > Best regards / Pozdrawiam
> > Sławek Kapłoński
> > slawek at kaplonski.pl
> >
> >
> > _______________________________________________
> > OpenStack-operators mailing list
> > OpenStack-operators at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
> >
> >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20151002/3e4d452d/attachment.pgp>


More information about the OpenStack-operators mailing list