[Openstack-operators] Manual router setup
Christopher Hull
chrishull42 at gmail.com
Thu Mar 24 18:58:37 UTC 2016
Hi James;
As further proof that I'm just learning this stuff. :-) Been a dev for
decades, but this industry is vast. Would like to gather an end to end
understanding of how LinuxBridge, etc works sometime. Meanwhile, here is
the current state of my system as per your input.
... This looks bad. I'm assuming "enabled = no" isn't right. :-) Have
not yet moved static IP to br-?? from ephXXX (traditionally known as eth0)
yet.
Please let me know what you see. Thanks! :-)
[root at maersk src]# brctl show
bridge name bridge id STP enabled interfaces
brq573956a6-13 8000.72650bf7669c no tap74c0d2df-39
tapbb0ceef0-e6
vxlan-92
brq9ee73442-5a 8000.4a157ef499cf no enp3s0
tap788bdea8-02
tapb8f78b33-19
tapbc53b8c7-6a
tapd669011b-bf
virbr0 8000.5254003394b3 yes virbr0-nic
[root at maersk src]# ./pluto.py list -p /etc
List of all Openstack conf files found under: /etc
+----------------------------+-----------------------------------------------------+
| Name | Full
Path |
+----------------------------+-----------------------------------------------------+
| glance-registry.conf |
/etc/glance/glance-registry.conf |
| dnsmasq-neutron.conf |
/etc/neutron/dnsmasq-neutron.conf |
| ml2_conf_ofa.ini |
/etc/neutron/plugins/ml2/ml2_conf_ofa.ini |
| glance-cache.conf |
/etc/glance/glance-cache.conf |
| ml2_conf_fslsdn.ini |
/etc/neutron/plugins/ml2/ml2_conf_fslsdn.ini |
| restproxy.ini |
/etc/neutron/plugins/ml2/restproxy.ini |
| dhcp_agent.ini |
/etc/neutron/dhcp_agent.ini |
| neutron.conf |
/etc/neutron/neutron.conf |
| keystone.conf |
/etc/keystone/keystone.conf |
| sriov_agent.ini |
/etc/neutron/plugins/ml2/sriov_agent.ini |
| logging.conf |
/etc/keystone/logging.conf |
| glance-api.conf |
/etc/glance/glance-api.conf |
| cinder.conf |
/etc/cinder/cinder.conf |
| metadata_agent.ini |
/etc/neutron/metadata_agent.ini |
| glance-scrubber.conf |
/etc/glance/glance-scrubber.conf |
| api-paste.ini |
/etc/cinder/api-paste.ini |
| linuxbridge_agent.ini |
/etc/neutron/plugins/ml2/linuxbridge_agent.ini |
| rootwrap.conf |
/etc/cinder/rootwrap.conf |
| ml2_conf_sriov.ini |
/etc/neutron/plugins/ml2/ml2_conf_sriov.ini |
| l3_agent.ini |
/etc/neutron/l3_agent.ini |
| ml2_conf.ini |
/etc/neutron/plugins/ml2/ml2_conf.ini |
| nova.conf |
/etc/nova/nova.conf |
| plugin.ini |
/etc/neutron/plugin.ini |
| ml2_conf_brocade_fi_ni.ini |
/etc/neutron/plugins/ml2/ml2_conf_brocade_fi_ni.ini |
| ml2_conf_brocade.ini |
/etc/neutron/plugins/ml2/ml2_conf_brocade.ini |
+----------------------------+-----------------------------------------------------+
[root at maersk src]# ./pluto.py show -p /etc linuxbridge_agent.ini
ml2_conf.ini ml2_conf_sriov.ini
+----------------------------+-----------------------------+--------------------------------------------------------------+
| linuxbridge_agent: Section | Key |
Value |
+----------------------------+-----------------------------+--------------------------------------------------------------+
| linux_bridge | physical_interface_mappings |
public:enp3s0 |
| vxlan | l2_population |
True |
| vxlan | local_ip |
172.22.10.99 |
| vxlan | enable_vxlan |
True |
| agent | prevent_arp_spoofing |
True |
| securitygroup | firewall_driver |
neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
| securitygroup | enable_security_group |
True |
+----------------------------+-----------------------------+--------------------------------------------------------------+
+-------------------+----------------------+--------------------------+
| ml2_conf: Section | Key | Value |
+-------------------+----------------------+--------------------------+
| ml2 | extension_drivers | port_security |
| ml2 | mechanism_drivers | linuxbridge,l2population |
| ml2 | tenant_network_types | vxlan |
| ml2 | type_drivers | flat,vlan,vxlan |
| ml2_type_flat | flat_networks | public |
| ml2_type_vxlan | vni_ranges | 1:1000 |
| securitygroup | enable_ipset | True |
+-------------------+----------------------+--------------------------+
+-------------------------+-----+-------+
| ml2_conf_sriov: Section | Key | Value |
+-------------------------+-----+-------+
+-------------------------+-----+-------+
[root at maersk src]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
master brq9ee73442-5a state UP qlen 1000
link/ether ac:9e:17:ec:5d:95 brd ff:ff:ff:ff:ff:ff
inet6 fe80::ae9e:17ff:feec:5d95/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
DOWN
link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master
virbr0 state DOWN qlen 500
link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff
6: tapbb0ceef0-e6 at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
pfifo_fast master brq573956a6-13 state UP qlen 1000
link/ether ea:16:29:c8:99:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::e816:29ff:fec8:9925/64 scope link
valid_lft forever preferred_lft forever
7: vxlan-92: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue
master brq573956a6-13 state UNKNOWN
link/ether da:88:38:4a:06:e1 brd ff:ff:ff:ff:ff:ff
inet6 fe80::d888:38ff:fe4a:6e1/64 scope link
valid_lft forever preferred_lft forever
8: brq573956a6-13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue
state UP
link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff
inet6 fe80::6469:36ff:fecc:a4d8/64 scope link
valid_lft forever preferred_lft forever
9: tap74c0d2df-39 at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
pfifo_fast master brq573956a6-13 state UP qlen 1000
link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::7065:bff:fef7:669c/64 scope link
valid_lft forever preferred_lft forever
10: brq9ee73442-5a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP
link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff
inet 172.22.10.99/24 brd 172.22.10.255 scope global brq9ee73442-5a
valid_lft forever preferred_lft forever
inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf/64 scope global mngtmpaddr
dynamic
valid_lft 2591681sec preferred_lft 604481sec
inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95/64 scope global
valid_lft 2536726sec preferred_lft 549526sec
inet6 fe80::70b5:65ff:fea6:c5d9/64 scope link
valid_lft forever preferred_lft forever
11: tapb8f78b33-19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
link/ether fe:16:3e:bc:ab:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc16:3eff:febc:ab07/64 scope link
valid_lft forever preferred_lft forever
13: tap788bdea8-02: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
link/ether fe:16:3e:11:ae:9e brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc16:3eff:fe11:ae9e/64 scope link
valid_lft forever preferred_lft forever
15: tapbc53b8c7-6a at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master brq9ee73442-5a state UP qlen 1000
link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::4815:7eff:fef4:99cf/64 scope link
valid_lft forever preferred_lft forever
16: tapd669011b-bf: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
link/ether fe:16:3e:52:6d:b4 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc16:3eff:fe52:6db4/64 scope link
valid_lft forever preferred_lft forever
- Christopher T. Hull
I am presently seeking a new career opportunity Please see career page
http://chrishull.com/career
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishull42 at gmail.com
http://chrishull.com
On Thu, Mar 24, 2016 at 10:21 AM, Christopher Hull <chrishull42 at gmail.com>
wrote:
> James;
> Hey you know... I seem to remember zeroing out "eth0" IP 0.0.0.0 and
> setting the static IP on br-ex under Kilo and everything worked. That was
> using OVS. Perhaps I do the same, as you suggest, with LinuxBridge.
> Wow. Thanks. Will try. And if this doesn't work I'll respond with the
> diagnostic output you requested.
>
> Thanks to all of you;
> -Chris
>
>
> - Christopher T. Hull
> I am presently seeking a new career opportunity Please see career page
> http://chrishull.com/career
> 333 Orchard Ave, Sunnyvale CA. 94085
> (415) 385 4865
> chrishull42 at gmail.com
> http://chrishull.com
>
>
>
> On Wed, Mar 23, 2016 at 5:57 PM, James Denton <james.denton at rackspace.com>
> wrote:
>
>> Hi Christopher,
>>
>> Routers work under Liberty and LinuxBridge just fine, in my experience,
>> so don’t be too quick to give up on them. I promise you’ll have a tougher
>> go at it, at this point, using another virtual machine as a router.
>>
>> Some tips:
>>
>>
>> 1. Use the ‘ip’ command rather than ‘ifconfig’. Output of ‘ip addr’
>> would be more helpful here.
>> 2. Use ‘brctl show’ to see the virtual bridges and their members.
>> That output would be helpful here as well.
>>
>>
>> You have an IP configured on interface enp3s0, and I can’t tell what you
>> have set as the physical interface mappings in the ML2/LinuxBridge agent
>> config. On older email I see this:
>>
>> >> physical_interface_mappings | public:enp3s0
>>
>> If that’s still the case, you’re going to have a hard time. The
>> LinuxBridge agent expects to put the enp3s0 interface into the respective
>> brq-* bridge that corresponds to the public (flat) network. Once the
>> interface is in the bridge, you may lose connectivity to/from any address
>> on that interface. At that point, your host will be unable to communicate
>> with the router's gateway interface also in the bridge, and probably any
>> external host. In this configuration, you may consider moving the IP from
>> enp3s0 to the brq-* bridge temporarily. That should work. Give it a try and
>> let me know.
>>
>> James
>>
>> From: Christopher Hull <chrishull42 at gmail.com>
>> Date: Wednesday, March 23, 2016 at 7:21 PM
>> To: Dan Sneddon <dsneddon at redhat.com>
>> Cc: openstack-operators <openstack-operators at lists.openstack.org>
>> Subject: Re: [Openstack-operators] Manual router setup
>>
>> Conclusion. Neutron routers under Liberty (Linux Bridge) don't work.
>> Please prove me wrong..... Moving on to manual router creation.
>> 1: How can I assign a fixed IP to an instance?
>> 2: If I add routes will they get used? I probably have to create a Port
>> for every route (as Floating IPs do ).
>>
>>
>> ------ Session: Trying to create a working router for the 15th time.
>> :-) ----
>>
>>
>> [root at maersk src]# ifconfig
>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>> scopeid 0x0<global>
>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>> RX packets 238 bytes 16020 (15.6 KiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 60 bytes 6650 (6.4 KiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>> inet 127.0.0.1 netmask 255.0.0.0
>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>> loop txqueuelen 0 (Local Loopback)
>> RX packets 4985 bytes 1060267 (1.0 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 4985 bytes 1060267 (1.0 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>> 192.168.122.255
>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 0 bytes 0 (0.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> [root at maersk src]# source admin-openrc.sh
>> [root at maersk src]# clear
>>
>> [root at maersk src]# neutron net-create public --shared
>> --provider:physical_network public \
>> > --provider:network_type flat
>> Created a new network:
>> +---------------------------+--------------------------------------+
>> | Field | Value |
>> +---------------------------+--------------------------------------+
>> | admin_state_up | True |
>> | id | 9ee73442-5a86-48c0-84da-8f650937fd08 |
>> | mtu | 0 |
>> | name | public |
>> | port_security_enabled | True |
>> | provider:network_type | flat |
>> | provider:physical_network | public |
>> | provider:segmentation_id | |
>> | router:external | False |
>> | shared | True |
>> | status | ACTIVE |
>> | subnets | |
>> | tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |
>> +---------------------------+--------------------------------------+
>> [root at maersk src]# neutron subnet-create public 172.22.10.0/24 --name
>> public \
>> > --allocation-pool start=172.22.10.10,end=172.22.10.90 \
>> > --dns-nameserver 172.22.10.254 --gateway 172.22.10.254 --enable_dhcp
>> False
>> Created a new subnet:
>> +-------------------+--------------------------------------------------+
>> | Field | Value |
>> +-------------------+--------------------------------------------------+
>> | allocation_pools | {"start": "172.22.10.10", "end": "172.22.10.90"} |
>> | cidr | 172.22.10.0/24 |
>> | dns_nameservers | 172.22.10.254 |
>> | enable_dhcp | False |
>> | gateway_ip | 172.22.10.254 |
>> | host_routes | |
>> | id | 28683bfe-2410-4f9b-b805-ec3c7aee009a |
>> | ip_version | 4 |
>> | ipv6_address_mode | |
>> | ipv6_ra_mode | |
>> | name | public |
>> | network_id | 9ee73442-5a86-48c0-84da-8f650937fd08 |
>> | subnetpool_id | |
>> | tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |
>> +-------------------+--------------------------------------------------+
>> [root at maersk src]# ifconfig
>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>> scopeid 0x0<global>
>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>> RX packets 5032 bytes 373870 (365.1 KiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 2602 bytes 3154215 (3.0 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>> inet 127.0.0.1 netmask 255.0.0.0
>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>> loop txqueuelen 0 (Local Loopback)
>> RX packets 46701 bytes 12008341 (11.4 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 46701 bytes 12008341 (11.4 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>> 192.168.122.255
>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 0 bytes 0 (0.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> [root at maersk src]# neutron net-list
>>
>> +--------------------------------------+--------+-----------------------------------------------------+
>> | id | name |
>> subnets |
>>
>> +--------------------------------------+--------+-----------------------------------------------------+
>> | 9ee73442-5a86-48c0-84da-8f650937fd08 | public |
>> 28683bfe-2410-4f9b-b805-ec3c7aee009a 172.22.10.0/24 |
>>
>> +--------------------------------------+--------+-----------------------------------------------------+
>> [root at maersk src]# source demo-openrc.sh
>> [root at maersk src]# neutron net-create private
>> Created a new network:
>> +-----------------------+--------------------------------------+
>> | Field | Value |
>> +-----------------------+--------------------------------------+
>> | admin_state_up | True |
>> | id | 573956a6-1378-4100-83c2-db5c3bf9a95c |
>> | mtu | 0 |
>> | name | private |
>> | port_security_enabled | True |
>> | router:external | False |
>> | shared | False |
>> | status | ACTIVE |
>> | subnets | |
>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>> +-----------------------+--------------------------------------+
>> [root at maersk src]# neutron subnet-create private 192.168.10.0/24 \
>> > --name private --dns-nameserver 172.22.10.254 --gateway
>> 192.168.10.1
>> Created a new subnet:
>> +-------------------+----------------------------------------------------+
>> | Field | Value |
>> +-------------------+----------------------------------------------------+
>> | allocation_pools | {"start": "192.168.10.2", "end": "192.168.10.254"} |
>> | cidr | 192.168.10.0/24
>> |
>> | dns_nameservers | 172.22.10.254 |
>> | enable_dhcp | True |
>> | gateway_ip | 192.168.10.1 |
>> | host_routes | |
>> | id | 83f4f5e5-13b6-41f2-af07-b96d86847e2b |
>> | ip_version | 4 |
>> | ipv6_address_mode | |
>> | ipv6_ra_mode | |
>> | name | private |
>> | network_id | 573956a6-1378-4100-83c2-db5c3bf9a95c |
>> | subnetpool_id | |
>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>> +-------------------+----------------------------------------------------+
>> [root at maersk src]# ifconfig
>> brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid 0x20<link>
>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>> RX packets 4 bytes 264 (264.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 7 bytes 578 (578.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>> scopeid 0x0<global>
>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>> RX packets 5310 bytes 393373 (384.1 KiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 2661 bytes 3165497 (3.0 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>> inet 127.0.0.1 netmask 255.0.0.0
>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>> loop txqueuelen 0 (Local Loopback)
>> RX packets 50779 bytes 13259383 (12.6 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 50779 bytes 13259383 (12.6 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid 0x20<link>
>> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)
>> RX packets 7 bytes 578 (578.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 13 bytes 1066 (1.0 KiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>> 192.168.122.255
>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 0 bytes 0 (0.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid 0x20<link>
>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 0 bytes 0 (0.0 B)
>> TX errors 0 dropped 16 overruns 0 carrier 0 collisions 0
>>
>> [root at maersk src]# source admin-openrc.sh
>> [root at maersk src]# neutron net-update public --router:external
>> Updated network: public
>> [root at maersk src]# source demo-openrc.sh
>> [root at maersk src]# neutron router-create router
>> Created a new router:
>> +-----------------------+--------------------------------------+
>> | Field | Value |
>> +-----------------------+--------------------------------------+
>> | admin_state_up | True |
>> | external_gateway_info | |
>> | id | ff6a61f5-f497-43a1-b245-64ec8e87b488 |
>> | name | router |
>> | routes | |
>> | status | ACTIVE |
>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>> +-----------------------+--------------------------------------+
>> [root at maersk src]# neutron router-interface-add router private
>> Multiple router matches found for name 'router', use an ID to be more
>> specific.
>> [root at maersk src]# neutron router-list
>> +--------------------------------------+--------+-----------------------+
>> | id | name | external_gateway_info |
>> +--------------------------------------+--------+-----------------------+
>> | 5939b796-cae6-4d72-8d34-66e20afb95aa | router | null |
>> | ff6a61f5-f497-43a1-b245-64ec8e87b488 | router | null |
>> +--------------------------------------+--------+-----------------------+
>> [root at maersk src]# neutron router-delete
>> 5939b796-cae6-4d72-8d34-66e20afb95aa
>> Deleted router: 5939b796-cae6-4d72-8d34-66e20afb95aa
>> [root at maersk src]# neutron router-delete
>> ff6a61f5-f497-43a1-b245-64ec8e87b488
>> Deleted router: ff6a61f5-f497-43a1-b245-64ec8e87b488
>> [root at maersk src]# neutron router-create router
>> Created a new router:
>> +-----------------------+--------------------------------------+
>> | Field | Value |
>> +-----------------------+--------------------------------------+
>> | admin_state_up | True |
>> | external_gateway_info | |
>> | id | a1be1dbd-1a94-4a8c-8093-45a7af89140c |
>> | name | router |
>> | routes | |
>> | status | ACTIVE |
>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>> +-----------------------+--------------------------------------+
>> [root at maersk src]# neutron router-interface-add router private
>> Added interface 74c0d2df-3944-43d7-8be9-2ef0d9242edc to router router.
>> [root at maersk src]# neutron router-gateway-set router public
>> Set gateway for router router
>> [root at maersk src]# source admin-openrc.sh
>> [root at maersk src]# ip netns
>> qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c (id: 1)
>> qdhcp-573956a6-1378-4100-83c2-db5c3bf9a95c (id: 0)
>> [root at maersk src]# neutron router-port-list router
>>
>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>> | id | name | mac_address |
>> fixed_ips
>> |
>>
>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>> | 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 | | fa:16:3e:d6:29:b4 |
>> {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address":
>> "172.22.10.10"} |
>> | 74c0d2df-3944-43d7-8be9-2ef0d9242edc | | fa:16:3e:7b:d6:0f |
>> {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address":
>> "192.168.10.1"} |
>>
>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>> [root at maersk src]# ping 172.22.10.10
>> PING 172.22.10.10 (172.22.10.10) 56(84) bytes of data.
>> From 172.22.10.99 icmp_seq=1 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=2 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=3 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=4 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=5 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=6 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=7 Destination Host Unreachable
>> From 172.22.10.99 icmp_seq=8 Destination Host Unreachable
>> ^C
>> --- 172.22.10.10 ping statistics ---
>> 8 packets transmitted, 0 received, +8 errors, 100% packet loss, time
>> 7000ms
>> pipe 4
>> [root at maersk src]# ifconfig
>> brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid 0x20<link>
>> ether 72:65:0b:f7:66:9c txqueuelen 0 (Ethernet)
>> RX packets 6 bytes 348 (348.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 8 bytes 648 (648.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>> scopeid 0x0<global>
>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>> RX packets 6360 bytes 464736 (453.8 KiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 2867 bytes 3196849 (3.0 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>> inet 127.0.0.1 netmask 255.0.0.0
>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>> loop txqueuelen 0 (Local Loopback)
>> RX packets 65582 bytes 17827940 (17.0 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 65582 bytes 17827940 (17.0 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> tap74c0d2df-39: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::7065:bff:fef7:669c prefixlen 64 scopeid 0x20<link>
>> ether 72:65:0b:f7:66:9c txqueuelen 1000 (Ethernet)
>> RX packets 10 bytes 864 (864.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 8 bytes 648 (648.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid 0x20<link>
>> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)
>> RX packets 8 bytes 648 (648.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 16 bytes 1248 (1.2 KiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>> 192.168.122.255
>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 0 bytes 0 (0.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid 0x20<link>
>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 0 bytes 0 (0.0 B)
>> TX errors 0 dropped 19 overruns 0 carrier 0 collisions 0
>>
>>
>>
>>
>> - Christopher T. Hull
>> I am presently seeking a new career opportunity Please see career page
>> http://chrishull.com/career
>> 333 Orchard Ave, Sunnyvale CA. 94085
>> (415) 385 4865
>> chrishull42 at gmail.com
>> http://chrishull.com
>>
>>
>>
>> On Wed, Mar 23, 2016 at 4:34 PM, Dan Sneddon <dsneddon at redhat.com> wrote:
>>
>>> On 03/23/2016 04:06 PM, Christopher Hull wrote:
>>> > Hmmm. Well I'm not using OpenVSwitch. Just LinuxBridge. My CentOS
>>> > 7 install sees emp3s0 where eth0 would usually appear. But this may
>>> > need to be changed to br-ex? The IP address no longer apperas at
>>> > enp3s0, so perhaps that's the issue.
>>> >
>>> > When I make changes, I tear down all the networks and rebuild them
>>> > according to instructions. I do this after restarting the machine. I
>>> > wonder if the database needs to be updated as well.
>>> >
>>> > su -s /bin/sh -c "neutron-db-manage --config-file
>>> > /etc/neutron/neutron.conf \
>>> > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head"
>>> neutron
>>> > systemctl stop neutron-server.service \
>>> > neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
>>> > neutron-metadata-agent.service
>>> > systemctl stop neutron-l3-agent.service
>>> > and restart.
>>> >
>>> > Thanks for the help. Yes. It's a bit confusing. Why are router and
>>> > instance ports different? It is for this reason that I figured I could
>>> > just create my own instance/router. But why should I have to? Do
>>> > routers not work unless you use OpenVSwitch? The Liberty install
>>> > instructions (unlike Kilo) don't seem to require installing
>>> OpenVSwitch.
>>> >
>>> > linux_bridge_agent.ini
>>> > inux_bridge | physical_interface_mappings | public:enp3s0
>>> >
>>> > Perhaps br-ex? Or whereever I see my static IP when doing an
>>> > ifconfig :-) Was enp3s0 when CentOS was first installed, but I think
>>> > thats changed somehow.
>>> >
>>> >
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> > | linuxbridge_agent: Section | Key |
>>> > Value |
>>> >
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> > | linux_bridge | physical_interface_mappings |
>>> > public:enp3s0 |
>>> > | vxlan | l2_population |
>>> > True |
>>> > | vxlan | local_ip |
>>> > 172.22.10.99 |
>>> > | vxlan | enable_vxlan |
>>> > True |
>>> > | agent | prevent_arp_spoofing |
>>> > True |
>>> > | securitygroup | firewall_driver |
>>> > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>> > | securitygroup | enable_security_group |
>>> > True |
>>> >
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> >
>>> >
>>> >
>>> > - Christopher T. Hull
>>> > I am presently seeking a new career opportunity Please see career page
>>> > http://chrishull.com/career
>>> > 333 Orchard Ave, Sunnyvale CA. 94085
>>> > (415) 385 4865 <tel:%28415%29%20385%204865>
>>> > chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>
>>> > http://chrishull.com
>>> >
>>> >
>>> >
>>> > On Wed, Mar 23, 2016 at 3:34 PM, Dan Sneddon <dsneddon at redhat.com
>>> > <mailto:dsneddon at redhat.com>> wrote:
>>> >
>>> > On 03/23/2016 03:05 PM, Christopher Hull wrote:
>>> > > Hi Keven / all;
>>> > >
>>> > > Re: Getting a Neutron Router to work. (set
>>> external_network_bridge =
>>> > > blank). Apologies if this got sent twice.
>>> > >
>>> > > Nope, not quite there yet re getting the damn router to work
>>> > (week 3 on
>>> > > this issue).
>>> > >
>>> > > The Liberty install instructions indeed say to set...
>>> > > external_network_bridge =
>>> > >
>>> > > I'm so desperate that I thought the blank space after the =
>>> might be
>>> > > the issue. No. Then I noticed these instructions in
>>> > l3_agent.ini itself.
>>> > > -----
>>> > > # When external_network_bridge is set, each L3 agent can be
>>> > associated
>>> > > # with no more than one external network. This value should be
>>> set to
>>> > > the UUID
>>> > > # of that external network. To allow L3 agent support multiple
>>> > external
>>> > > # networks, both the external_network_bridge and
>>> > > gateway_external_network_id
>>> > > # must be left empty.
>>> > > # gateway_external_network_id =
>>> > > ----
>>> > >
>>> > > 1: Should gateway_external_network_id = be unoommented?
>>> > > 2: Should I reupdate the database after these changes?
>>> > > su -s /bin/sh -c "neutron-db-manage --config-file
>>> > > /etc/neutron/neutron.conf \
>>> > > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade
>>> > head" neutron
>>> > >
>>> > > 3: Should external_network_bridge in fact be set to the UUID of
>>> the
>>> > > public network?
>>> > >
>>> > > 4. All instances Ports work just fine on public and private
>>> network.
>>> > > WHAT is the difference between a Neutron router northbound port
>>> > and an
>>> > > instance port on the public net.
>>> > >
>>> > > Services restarted after config change (just removed space after
>>> =
>>> > > actually just in case sloppy Python coding was involved here).
>>> In
>>> > > fact, I rebooted the box just to be sure.
>>> > >
>>> > > Making my own instance based router is looking better and better
>>> all
>>> > > the time. If Neutron Routers really work, maybe UFO's exist
>>> too.
>>> > > :-) j/k
>>> > >
>>> > >
>>> > > Seriously. Thank you for your help. Hope to help the
>>> community
>>> > > soon too myself. Trying to get my Gerrit account up and running
>>> but
>>> > > the OpenStack.org site won't allow me to sign the Contrib
>>> agreement
>>> > > with out getting a server error.
>>> > >
>>> > >
>>> > > ==== Config Details ======
>>> > > Issue Neutron Router Northbound Port won't Ping, is Down
>>> > >
>>> > > [root at maersk src]# ./pluto.py show -p /etc neutron
>>> rootwrap.conf
>>> > > ml2_conf.ini l3_agent.ini linuxbridge_agent.ini dhcp_agent.ini
>>> > >
>>> >
>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>> > > | neutron: Section | Key |
>>> > > Value |
>>> > >
>>> >
>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>> > > | DEFAULT | verbose |
>>> > > True |
>>> > > | DEFAULT | nova_url |
>>> > > http://controller:8774/v2 |
>>> > > | DEFAULT | notify_nova_on_port_data_changes |
>>> > > True |
>>> > > | DEFAULT | notify_nova_on_port_status_changes |
>>> > > True |
>>> > > | DEFAULT | auth_strategy |
>>> > > keystone |
>>> > > | DEFAULT | rpc_backend |
>>> > > rabbit |
>>> > > | DEFAULT | allow_overlapping_ips |
>>> > > True |
>>> > > | DEFAULT | service_plugins |
>>> > > router |
>>> > > | DEFAULT | core_plugin |
>>> > > ml2 |
>>> > > | keystone_authtoken | password |
>>> > > mk4968small23buggidntpass |
>>> > > | keystone_authtoken | username |
>>> > > neutron |
>>> > > | keystone_authtoken | project_name |
>>> > > service |
>>> > > | keystone_authtoken | user_domain_id |
>>> > > default |
>>> > > | keystone_authtoken | project_domain_id |
>>> > > default |
>>> > > | keystone_authtoken | auth_plugin |
>>> > > password |
>>> > > | keystone_authtoken | auth_url |
>>> > > http://controller:35357 |
>>> > > | keystone_authtoken | auth_uri |
>>> > > http://controller:5000 |
>>> > > | database | connection |
>>> > > mysql://neutron:sleestack191@controller/neutron |
>>> > > | nova | password |
>>> > > mk4968small23buggidntpass |
>>> > > | nova | username |
>>> > > nova |
>>> > > | nova | project_name |
>>> > > service |
>>> > > | nova | region_name |
>>> > > RegionOne |
>>> > > | nova | user_domain_id |
>>> > > default |
>>> > > | nova | project_domain_id |
>>> > > default |
>>> > > | nova | auth_plugin |
>>> > > password |
>>> > > | nova | auth_url |
>>> > > http://controller:35357 |
>>> > > | oslo_concurrency | lock_path |
>>> > > /var/lib/neutron/tmp |
>>> > > | oslo_messaging_rabbit | rabbit_password |
>>> > > open.g00dke232 |
>>> > > | oslo_messaging_rabbit | rabbit_userid |
>>> > > openstack |
>>> > > | oslo_messaging_rabbit | rabbit_host |
>>> > > controller |
>>> > >
>>> >
>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>> > >
>>> >
>>> +-------------------+---------------------+--------------------------------------------------------------+
>>> > > | rootwrap: Section | Key |
>>> > > Value |
>>> > >
>>> >
>>> +-------------------+---------------------+--------------------------------------------------------------+
>>> > > | DEFAULT | filters_path |
>>> > > /etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap |
>>> > > | DEFAULT | exec_dirs |
>>> > > /sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin |
>>> > > | DEFAULT | use_syslog |
>>> > > False |
>>> > > | DEFAULT | syslog_log_facility |
>>> > > syslog |
>>> > > | DEFAULT | syslog_log_level |
>>> > > ERROR |
>>> > >
>>> >
>>> +-------------------+---------------------+--------------------------------------------------------------+
>>> > >
>>> >
>>> +-------------------+----------------------+--------------------------+
>>> > > | ml2_conf: Section | Key | Value
>>> > |
>>> > >
>>> >
>>> +-------------------+----------------------+--------------------------+
>>> > > | ml2 | extension_drivers | port_security
>>> > |
>>> > > | ml2 | mechanism_drivers |
>>> > linuxbridge,l2population |
>>> > > | ml2 | tenant_network_types | vxlan
>>> > |
>>> > > | ml2 | type_drivers | flat,vlan,vxlan
>>> > |
>>> > > | ml2_type_flat | flat_networks | public
>>> > |
>>> > > | ml2_type_vxlan | vni_ranges | 1:1000
>>> > |
>>> > > | securitygroup | enable_ipset | True
>>> > |
>>> > >
>>> >
>>> +-------------------+----------------------+--------------------------+
>>> > >
>>> >
>>> +-------------------+--------------------------+-----------------------------------------------------+
>>> > > | l3_agent: Section | Key |
>>> > > Value |
>>> > >
>>> >
>>> +-------------------+--------------------------+-----------------------------------------------------+
>>> > > | DEFAULT | external_network_bridge
>>> > > | |
>>> > > | DEFAULT | verbose |
>>> > > True |
>>> > > | DEFAULT | interface_driver |
>>> > > neutron.agent.linux.interface.BridgeInterfaceDriver |
>>> > >
>>> >
>>> +-------------------+--------------------------+-----------------------------------------------------+
>>> > >
>>> >
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> > > | linuxbridge_agent: Section | Key |
>>> > > Value |
>>> > >
>>> >
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> > > | linux_bridge | physical_interface_mappings |
>>> > > public:enp3s0 |
>>> > > | vxlan | l2_population |
>>> > > True |
>>> > > | vxlan | local_ip |
>>> > > 172.22.10.99 |
>>> > > | vxlan | enable_vxlan |
>>> > > True |
>>> > > | agent | prevent_arp_spoofing |
>>> > > True |
>>> > > | securitygroup | firewall_driver |
>>> > > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>> > > | securitygroup | enable_security_group |
>>> > > True |
>>> > >
>>> >
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> > >
>>> >
>>> +---------------------+--------------------------+-----------------------------------------------------+
>>> > > | dhcp_agent: Section | Key |
>>> > > Value |
>>> > >
>>> >
>>> +---------------------+--------------------------+-----------------------------------------------------+
>>> > > | DEFAULT | dnsmasq_config_file |
>>> > > /etc/neutron/dnsmasq-neutron.conf |
>>> > > | DEFAULT | verbose |
>>> > > True |
>>> > > | DEFAULT | enable_isolated_metadata |
>>> > > True |
>>> > > | DEFAULT | dhcp_driver |
>>> > > neutron.agent.linux.dhcp.Dnsmasq |
>>> > > | DEFAULT | interface_driver |
>>> > > neutron.agent.linux.interface.BridgeInterfaceDriver |
>>> > >
>>> >
>>> +---------------------+--------------------------+-----------------------------------------------------+
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > > - Christopher T. Hull
>>> > > I am presently seeking a new career opportunity Please see
>>> > career page
>>> > > http://chrishull.com/career
>>> > > 333 Orchard Ave, Sunnyvale CA. 94085
>>> > > (415) 385 4865 <tel:%28415%29%20385%204865>
>>> > > chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>
>>> > <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>
>>> > > http://chrishull.com
>>> > >
>>> > >
>>> > >
>>> > > On Wed, Mar 23, 2016 at 8:50 AM, <chrishull42 at gmail.com <mailto:
>>> chrishull42 at gmail.com>
>>> > > <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>>
>>> wrote:
>>> > >
>>> > > Thanks. Will check that.
>>> > > When I create an instance in the public or private nets they
>>> ping.
>>> > > Why do router ports behave differently than instance ports?
>>> Only
>>> > > the Northbound router port is down and won't ping. Will
>>> check
>>> > > settings ASAP thanks
>>> > >
>>> > > Chris.
>>> > >
>>> > > Sent from my iPhone
>>> > >
>>> > > On Mar 23, 2016, at 7:52 AM, Kevin Benton <kevin at benton.pub
>>> > > <mailto:kevin at benton.pub <mailto:kevin at benton.pub>>> wrote:
>>> > >
>>> > >> Ok. The same settings should apply to Linux bridge.
>>> > >>
>>> > >> Make sure you have external_network_bridge defined in your
>>> L3
>>> > >> agent as an empty value.
>>> > >>
>>> > >> Then your external network should be created with the
>>> provider
>>> > >> type of 'flat' and the physical network corresponding to
>>> the one
>>> > >> you have defined in your bridge mappings in the L2 agent
>>> that
>>> > >> attaches to the bridge going to your external physical
>>> network.
>>> > >>
>>> > >> On Mar 23, 2016 7:25 AM, <chrishull42 at gmail.com <mailto:
>>> chrishull42 at gmail.com>
>>> > >> <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>>
>>> wrote:
>>> > >>
>>> > >> Kevin;
>>> > >> Thank you Very much. I'll check. I did a manual
>>> Liberty
>>> > >> install so I may have done something wrong. I am using
>>> > >> LinuxBridge (not OpenVSwitch) if that helps. Will post
>>> > >> results to list soon. Would like to be able to use
>>> floating
>>> > >> IPs, a more convenient form of ipTables basically.
>>> > >>
>>> > >> Chris.
>>> > >>
>>> > >> Sent from my iPhone
>>> > >>
>>> > >> On Mar 23, 2016, at 7:16 AM, Kevin Benton <
>>> kevin at benton.pub
>>> > >> <mailto:kevin at benton.pub <mailto:kevin at benton.pub>>>
>>> wrote:
>>> > >>
>>> > >>> Do you have external_network_bridge set to an empty
>>> value in
>>> > >>> the l3 agent config? If not, the l3 agent will use a
>>> legacy
>>> > >>> mode of wiring up the port and it's status field may
>>> not be
>>> > >>> ACTIVE.
>>> > >>>
>>> > >>> The routers are tested thousands of times in the gate
>>> every
>>> > >>> day, so they work. It's just a matter of getting your
>>> > >>> configuration correct.
>>> > >>>
>>> > >>> Yes, you can use a VM to route as well.
>>> > >>>
>>> > >>> On Mar 23, 2016 7:06 AM, <chrishull42 at gmail.com
>>> <mailto:chrishull42 at gmail.com>
>>> > >>> <mailto:chrishull42 at gmail.com <mailto:
>>> chrishull42 at gmail.com>>> wrote:
>>> > >>>
>>> > >>> Hi all;
>>> > >>> It appears that Liberty Neutron routers do not
>>> work.
>>> > >>> The Northbound port is always Down.
>>> > >>>
>>> > >>> What I'd like to do is dedicate an instance
>>> (CentOS) to
>>> > >>> routing between the Public net and other nets. Has
>>> > >>> anyone done this. Setting up the router is
>>> trivial.
>>> > >>> But I'm a little worried about interaction with
>>> Neutron
>>> > >>> Ports. I need to assign fixed IPs so I can route
>>> from
>>> > >>> the Internet to a server instance.
>>> > >>>
>>> > >>> Ideas?
>>> > >>>
>>> > >>> Thanks
>>> > >>> - Chris.
>>> > >>>
>>> > >>> Sent from my iPhone
>>> > >>> _______________________________________________
>>> > >>> OpenStack-operators mailing list
>>> > >>> OpenStack-operators at lists.openstack.org
>>> > <mailto:OpenStack-operators at lists.openstack.org>
>>> > >>> <mailto:OpenStack-operators at lists.openstack.org
>>> > <mailto:OpenStack-operators at lists.openstack.org>>
>>> > >>>
>>> >
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>> > >>>
>>> > >
>>> > >
>>> > >
>>> > > _______________________________________________
>>> > > OpenStack-operators mailing list
>>> > > OpenStack-operators at lists.openstack.org
>>> > <mailto:OpenStack-operators at lists.openstack.org>
>>> > >
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>> > >
>>> >
>>> > Definitely the external_network_bridge needs to be explicitly set
>>> to
>>> > nothing. That's not the default. I've never had to change the
>>> default
>>> > gateway_external_network_id when I set external_network_bridge to a
>>> > blank value.
>>> >
>>> > Note that after making changes to external_network_bridge, I've
>>> have to
>>> > delete and recreate the router/port/network that was created before
>>> > that change.
>>> >
>>> > I assume that your bridge mappings are correct in
>>> > /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:
>>> >
>>> > bridge_mappings =datacentre:br-ex # or whatever you have locally
>>> >
>>> > And that the physical_network of the external network matches the
>>> > network name in the bridge_mappings that corresponds to the bridge
>>> > containing the physical interface? Probably your instance ports
>>> > wouldn't work if those things weren't correct, but those are also
>>> areas
>>> > where I see failures similar to this.
>>> >
>>> > --
>>> > Dan Sneddon | Principal OpenStack Engineer
>>> > dsneddon at redhat.com <mailto:dsneddon at redhat.com> |
>>> > redhat.com/openstack <http://redhat.com/openstack>
>>> > 650.254.4025 <tel:650.254.4025> | dsneddon:irc
>>> @dxs:twitter
>>> >
>>> >
>>> >
>>> >
>>> > _______________________________________________
>>> > OpenStack-operators mailing list
>>> > OpenStack-operators at lists.openstack.org
>>> >
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>> >
>>>
>>> I didn't mean to confuse you by assuming that you were running Open
>>> vSwitch. You don't have to run Open vSwitch, and some things do work
>>> differently when using Linux bridge.
>>>
>>> If your IP address is no longer on enp3s0, then that might be an
>>> indicator that you have a bridge subsuming enp3s0. In that case, I'm
>>> pretty sure that the physical_interface_mapping should be
>>> public:<bridge>. I spend a lot more time with OVS deployments, though.
>>>
>>> --
>>> Dan Sneddon | Principal OpenStack Engineer
>>> dsneddon at redhat.com | redhat.com/openstack
>>> 650.254.4025 | dsneddon:irc @dxs:twitter
>>>
>>> _______________________________________________
>>> OpenStack-operators mailing list
>>> OpenStack-operators at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160324/ba36af01/attachment-0001.html>
More information about the OpenStack-operators
mailing list