[Openstack-operators] Manual router setup
Christopher Hull
chrishull42 at gmail.com
Thu Mar 24 19:05:10 UTC 2016
Hmmm. Curiously enough, I now see this. This was not the case prior to
the creation of the nets and subnets in OpenStack. OpenStack somehow did
this.
brq9ee73442-5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
---->>>>>> inet 172.22.10.99 <<<<<-------
netmask 255.255.255.0 broadcast 172.22.10.255
inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf prefixlen 64 scopeid
0x0<global>
inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64 scopeid
0x0<global>
inet6 fe80::70b5:65ff:fea6:c5d9 prefixlen 64 scopeid 0x20<link>
ether 4a:15:7e:f4:99:cf txqueuelen 0 (Ethernet)
RX packets 188163 bytes 10141407 (9.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14734 bytes 27696525 (26.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
Used to be here.
inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
RX packets 947280 bytes 1081759456 (1.0 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 504788 bytes 63547204 (60.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
So perhaps I need to change the setting in...
| linuxbridge_agent
| linux_bridge | physical_interface_mappings |
public:enp3s0
to public:brq9ee73442-5a ?
-Chris
- Christopher T. Hull
I am presently seeking a new career opportunity Please see career page
http://chrishull.com/career
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishull42 at gmail.com
http://chrishull.com
On Thu, Mar 24, 2016 at 11:58 AM, Christopher Hull <chrishull42 at gmail.com>
wrote:
> Hi James;
>
> As further proof that I'm just learning this stuff. :-) Been a dev for
> decades, but this industry is vast. Would like to gather an end to end
> understanding of how LinuxBridge, etc works sometime. Meanwhile, here is
> the current state of my system as per your input.
>
> ... This looks bad. I'm assuming "enabled = no" isn't right. :-)
> Have not yet moved static IP to br-?? from ephXXX (traditionally known as
> eth0) yet.
>
> Please let me know what you see. Thanks! :-)
>
> [root at maersk src]# brctl show
> bridge name bridge id STP enabled interfaces
> brq573956a6-13 8000.72650bf7669c no tap74c0d2df-39
> tapbb0ceef0-e6
> vxlan-92
> brq9ee73442-5a 8000.4a157ef499cf no enp3s0
> tap788bdea8-02
> tapb8f78b33-19
> tapbc53b8c7-6a
> tapd669011b-bf
> virbr0 8000.5254003394b3 yes virbr0-nic
>
>
>
> [root at maersk src]# ./pluto.py list -p /etc
> List of all Openstack conf files found under: /etc
>
> +----------------------------+-----------------------------------------------------+
> | Name | Full
> Path |
>
> +----------------------------+-----------------------------------------------------+
> | glance-registry.conf |
> /etc/glance/glance-registry.conf |
> | dnsmasq-neutron.conf |
> /etc/neutron/dnsmasq-neutron.conf |
> | ml2_conf_ofa.ini |
> /etc/neutron/plugins/ml2/ml2_conf_ofa.ini |
> | glance-cache.conf |
> /etc/glance/glance-cache.conf |
> | ml2_conf_fslsdn.ini |
> /etc/neutron/plugins/ml2/ml2_conf_fslsdn.ini |
> | restproxy.ini |
> /etc/neutron/plugins/ml2/restproxy.ini |
> | dhcp_agent.ini |
> /etc/neutron/dhcp_agent.ini |
> | neutron.conf |
> /etc/neutron/neutron.conf |
> | keystone.conf |
> /etc/keystone/keystone.conf |
> | sriov_agent.ini |
> /etc/neutron/plugins/ml2/sriov_agent.ini |
> | logging.conf |
> /etc/keystone/logging.conf |
> | glance-api.conf |
> /etc/glance/glance-api.conf |
> | cinder.conf |
> /etc/cinder/cinder.conf |
> | metadata_agent.ini |
> /etc/neutron/metadata_agent.ini |
> | glance-scrubber.conf |
> /etc/glance/glance-scrubber.conf |
> | api-paste.ini |
> /etc/cinder/api-paste.ini |
> | linuxbridge_agent.ini |
> /etc/neutron/plugins/ml2/linuxbridge_agent.ini |
> | rootwrap.conf |
> /etc/cinder/rootwrap.conf |
> | ml2_conf_sriov.ini |
> /etc/neutron/plugins/ml2/ml2_conf_sriov.ini |
> | l3_agent.ini |
> /etc/neutron/l3_agent.ini |
> | ml2_conf.ini |
> /etc/neutron/plugins/ml2/ml2_conf.ini |
> | nova.conf |
> /etc/nova/nova.conf |
> | plugin.ini |
> /etc/neutron/plugin.ini |
> | ml2_conf_brocade_fi_ni.ini |
> /etc/neutron/plugins/ml2/ml2_conf_brocade_fi_ni.ini |
> | ml2_conf_brocade.ini |
> /etc/neutron/plugins/ml2/ml2_conf_brocade.ini |
>
> +----------------------------+-----------------------------------------------------+
> [root at maersk src]# ./pluto.py show -p /etc linuxbridge_agent.ini
> ml2_conf.ini ml2_conf_sriov.ini
>
> +----------------------------+-----------------------------+--------------------------------------------------------------+
> | linuxbridge_agent: Section | Key |
> Value |
>
> +----------------------------+-----------------------------+--------------------------------------------------------------+
> | linux_bridge | physical_interface_mappings |
> public:enp3s0 |
> | vxlan | l2_population |
> True |
> | vxlan | local_ip |
> 172.22.10.99 |
> | vxlan | enable_vxlan |
> True |
> | agent | prevent_arp_spoofing |
> True |
> | securitygroup | firewall_driver |
> neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
> | securitygroup | enable_security_group |
> True |
>
> +----------------------------+-----------------------------+--------------------------------------------------------------+
> +-------------------+----------------------+--------------------------+
> | ml2_conf: Section | Key | Value |
> +-------------------+----------------------+--------------------------+
> | ml2 | extension_drivers | port_security |
> | ml2 | mechanism_drivers | linuxbridge,l2population |
> | ml2 | tenant_network_types | vxlan |
> | ml2 | type_drivers | flat,vlan,vxlan |
> | ml2_type_flat | flat_networks | public |
>
> | ml2_type_vxlan | vni_ranges | 1:1000 |
> | securitygroup | enable_ipset | True |
> +-------------------+----------------------+--------------------------+
> +-------------------------+-----+-------+
> | ml2_conf_sriov: Section | Key | Value |
> +-------------------------+-----+-------+
> +-------------------------+-----+-------+
>
>
>
> [root at maersk src]# ip addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> valid_lft forever preferred_lft forever
> inet6 ::1/128 scope host
> valid_lft forever preferred_lft forever
> 2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> master brq9ee73442-5a state UP qlen 1000
> link/ether ac:9e:17:ec:5d:95 brd ff:ff:ff:ff:ff:ff
> inet6 fe80::ae9e:17ff:feec:5d95/64 scope link
> valid_lft forever preferred_lft forever
> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
> state DOWN
> link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff
> inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
> valid_lft forever preferred_lft forever
> 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master
> virbr0 state DOWN qlen 500
> link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff
> 6: tapbb0ceef0-e6 at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
> pfifo_fast master brq573956a6-13 state UP qlen 1000
> link/ether ea:16:29:c8:99:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0
> inet6 fe80::e816:29ff:fec8:9925/64 scope link
> valid_lft forever preferred_lft forever
> 7: vxlan-92: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue
> master brq573956a6-13 state UNKNOWN
> link/ether da:88:38:4a:06:e1 brd ff:ff:ff:ff:ff:ff
> inet6 fe80::d888:38ff:fe4a:6e1/64 scope link
> valid_lft forever preferred_lft forever
> 8: brq573956a6-13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
> noqueue state UP
> link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff
> inet6 fe80::6469:36ff:fecc:a4d8/64 scope link
> valid_lft forever preferred_lft forever
> 9: tap74c0d2df-39 at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
> pfifo_fast master brq573956a6-13 state UP qlen 1000
> link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff link-netnsid 1
> inet6 fe80::7065:bff:fef7:669c/64 scope link
> valid_lft forever preferred_lft forever
> 10: brq9ee73442-5a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP
> link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff
> inet 172.22.10.99/24 brd 172.22.10.255 scope global brq9ee73442-5a
> valid_lft forever preferred_lft forever
> inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf/64 scope global
> mngtmpaddr dynamic
> valid_lft 2591681sec preferred_lft 604481sec
> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95/64 scope global
> valid_lft 2536726sec preferred_lft 549526sec
> inet6 fe80::70b5:65ff:fea6:c5d9/64 scope link
> valid_lft forever preferred_lft forever
> 11: tapb8f78b33-19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
> link/ether fe:16:3e:bc:ab:07 brd ff:ff:ff:ff:ff:ff
> inet6 fe80::fc16:3eff:febc:ab07/64 scope link
> valid_lft forever preferred_lft forever
> 13: tap788bdea8-02: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
> link/ether fe:16:3e:11:ae:9e brd ff:ff:ff:ff:ff:ff
> inet6 fe80::fc16:3eff:fe11:ae9e/64 scope link
> valid_lft forever preferred_lft forever
> 15: tapbc53b8c7-6a at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> pfifo_fast master brq9ee73442-5a state UP qlen 1000
> link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff link-netnsid 2
> inet6 fe80::4815:7eff:fef4:99cf/64 scope link
> valid_lft forever preferred_lft forever
> 16: tapd669011b-bf: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
> link/ether fe:16:3e:52:6d:b4 brd ff:ff:ff:ff:ff:ff
> inet6 fe80::fc16:3eff:fe52:6db4/64 scope link
> valid_lft forever preferred_lft forever
>
>
>
> - Christopher T. Hull
> I am presently seeking a new career opportunity Please see career page
> http://chrishull.com/career
> 333 Orchard Ave, Sunnyvale CA. 94085
> (415) 385 4865
> chrishull42 at gmail.com
> http://chrishull.com
>
>
>
> On Thu, Mar 24, 2016 at 10:21 AM, Christopher Hull <chrishull42 at gmail.com>
> wrote:
>
>> James;
>> Hey you know... I seem to remember zeroing out "eth0" IP 0.0.0.0 and
>> setting the static IP on br-ex under Kilo and everything worked. That was
>> using OVS. Perhaps I do the same, as you suggest, with LinuxBridge.
>> Wow. Thanks. Will try. And if this doesn't work I'll respond with the
>> diagnostic output you requested.
>>
>> Thanks to all of you;
>> -Chris
>>
>>
>> - Christopher T. Hull
>> I am presently seeking a new career opportunity Please see career page
>> http://chrishull.com/career
>> 333 Orchard Ave, Sunnyvale CA. 94085
>> (415) 385 4865
>> chrishull42 at gmail.com
>> http://chrishull.com
>>
>>
>>
>> On Wed, Mar 23, 2016 at 5:57 PM, James Denton <james.denton at rackspace.com
>> > wrote:
>>
>>> Hi Christopher,
>>>
>>> Routers work under Liberty and LinuxBridge just fine, in my experience,
>>> so don’t be too quick to give up on them. I promise you’ll have a tougher
>>> go at it, at this point, using another virtual machine as a router.
>>>
>>> Some tips:
>>>
>>>
>>> 1. Use the ‘ip’ command rather than ‘ifconfig’. Output of ‘ip addr’
>>> would be more helpful here.
>>> 2. Use ‘brctl show’ to see the virtual bridges and their members.
>>> That output would be helpful here as well.
>>>
>>>
>>> You have an IP configured on interface enp3s0, and I can’t tell what you
>>> have set as the physical interface mappings in the ML2/LinuxBridge agent
>>> config. On older email I see this:
>>>
>>> >> physical_interface_mappings | public:enp3s0
>>>
>>> If that’s still the case, you’re going to have a hard time. The
>>> LinuxBridge agent expects to put the enp3s0 interface into the respective
>>> brq-* bridge that corresponds to the public (flat) network. Once the
>>> interface is in the bridge, you may lose connectivity to/from any address
>>> on that interface. At that point, your host will be unable to communicate
>>> with the router's gateway interface also in the bridge, and probably any
>>> external host. In this configuration, you may consider moving the IP from
>>> enp3s0 to the brq-* bridge temporarily. That should work. Give it a try and
>>> let me know.
>>>
>>> James
>>>
>>> From: Christopher Hull <chrishull42 at gmail.com>
>>> Date: Wednesday, March 23, 2016 at 7:21 PM
>>> To: Dan Sneddon <dsneddon at redhat.com>
>>> Cc: openstack-operators <openstack-operators at lists.openstack.org>
>>> Subject: Re: [Openstack-operators] Manual router setup
>>>
>>> Conclusion. Neutron routers under Liberty (Linux Bridge) don't work.
>>> Please prove me wrong..... Moving on to manual router creation.
>>> 1: How can I assign a fixed IP to an instance?
>>> 2: If I add routes will they get used? I probably have to create a Port
>>> for every route (as Floating IPs do ).
>>>
>>>
>>> ------ Session: Trying to create a working router for the 15th time.
>>> :-) ----
>>>
>>>
>>> [root at maersk src]# ifconfig
>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>> scopeid 0x0<global>
>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>> RX packets 238 bytes 16020 (15.6 KiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 60 bytes 6650 (6.4 KiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>> inet 127.0.0.1 netmask 255.0.0.0
>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>> loop txqueuelen 0 (Local Loopback)
>>> RX packets 4985 bytes 1060267 (1.0 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 4985 bytes 1060267 (1.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>> 192.168.122.255
>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 0 bytes 0 (0.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> [root at maersk src]# source admin-openrc.sh
>>> [root at maersk src]# clear
>>>
>>> [root at maersk src]# neutron net-create public --shared
>>> --provider:physical_network public \
>>> > --provider:network_type flat
>>> Created a new network:
>>> +---------------------------+--------------------------------------+
>>> | Field | Value |
>>> +---------------------------+--------------------------------------+
>>> | admin_state_up | True |
>>> | id | 9ee73442-5a86-48c0-84da-8f650937fd08 |
>>> | mtu | 0 |
>>> | name | public |
>>> | port_security_enabled | True |
>>> | provider:network_type | flat |
>>> | provider:physical_network | public |
>>> | provider:segmentation_id | |
>>> | router:external | False |
>>> | shared | True |
>>> | status | ACTIVE |
>>> | subnets | |
>>> | tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |
>>> +---------------------------+--------------------------------------+
>>> [root at maersk src]# neutron subnet-create public 172.22.10.0/24 --name
>>> public \
>>> > --allocation-pool start=172.22.10.10,end=172.22.10.90 \
>>> > --dns-nameserver 172.22.10.254 --gateway 172.22.10.254
>>> --enable_dhcp False
>>> Created a new subnet:
>>> +-------------------+--------------------------------------------------+
>>> | Field | Value |
>>> +-------------------+--------------------------------------------------+
>>> | allocation_pools | {"start": "172.22.10.10", "end": "172.22.10.90"} |
>>> | cidr | 172.22.10.0/24 |
>>> | dns_nameservers | 172.22.10.254 |
>>> | enable_dhcp | False |
>>> | gateway_ip | 172.22.10.254 |
>>> | host_routes | |
>>> | id | 28683bfe-2410-4f9b-b805-ec3c7aee009a |
>>> | ip_version | 4 |
>>> | ipv6_address_mode | |
>>> | ipv6_ra_mode | |
>>> | name | public |
>>> | network_id | 9ee73442-5a86-48c0-84da-8f650937fd08 |
>>> | subnetpool_id | |
>>> | tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |
>>> +-------------------+--------------------------------------------------+
>>> [root at maersk src]# ifconfig
>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>> scopeid 0x0<global>
>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>> RX packets 5032 bytes 373870 (365.1 KiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 2602 bytes 3154215 (3.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>> inet 127.0.0.1 netmask 255.0.0.0
>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>> loop txqueuelen 0 (Local Loopback)
>>> RX packets 46701 bytes 12008341 (11.4 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 46701 bytes 12008341 (11.4 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>> 192.168.122.255
>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 0 bytes 0 (0.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> [root at maersk src]# neutron net-list
>>>
>>> +--------------------------------------+--------+-----------------------------------------------------+
>>> | id | name |
>>> subnets |
>>>
>>> +--------------------------------------+--------+-----------------------------------------------------+
>>> | 9ee73442-5a86-48c0-84da-8f650937fd08 | public |
>>> 28683bfe-2410-4f9b-b805-ec3c7aee009a 172.22.10.0/24 |
>>>
>>> +--------------------------------------+--------+-----------------------------------------------------+
>>> [root at maersk src]# source demo-openrc.sh
>>> [root at maersk src]# neutron net-create private
>>> Created a new network:
>>> +-----------------------+--------------------------------------+
>>> | Field | Value |
>>> +-----------------------+--------------------------------------+
>>> | admin_state_up | True |
>>> | id | 573956a6-1378-4100-83c2-db5c3bf9a95c |
>>> | mtu | 0 |
>>> | name | private |
>>> | port_security_enabled | True |
>>> | router:external | False |
>>> | shared | False |
>>> | status | ACTIVE |
>>> | subnets | |
>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>>> +-----------------------+--------------------------------------+
>>> [root at maersk src]# neutron subnet-create private 192.168.10.0/24 \
>>> > --name private --dns-nameserver 172.22.10.254 --gateway
>>> 192.168.10.1
>>> Created a new subnet:
>>>
>>> +-------------------+----------------------------------------------------+
>>> | Field | Value
>>> |
>>>
>>> +-------------------+----------------------------------------------------+
>>> | allocation_pools | {"start": "192.168.10.2", "end": "192.168.10.254"}
>>> |
>>> | cidr | 192.168.10.0/24
>>> |
>>> | dns_nameservers | 172.22.10.254
>>> |
>>> | enable_dhcp | True
>>> |
>>> | gateway_ip | 192.168.10.1
>>> |
>>> | host_routes |
>>> |
>>> | id | 83f4f5e5-13b6-41f2-af07-b96d86847e2b
>>> |
>>> | ip_version | 4
>>> |
>>> | ipv6_address_mode |
>>> |
>>> | ipv6_ra_mode |
>>> |
>>> | name | private
>>> |
>>> | network_id | 573956a6-1378-4100-83c2-db5c3bf9a95c
>>> |
>>> | subnetpool_id |
>>> |
>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c
>>> |
>>>
>>> +-------------------+----------------------------------------------------+
>>> [root at maersk src]# ifconfig
>>> brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid 0x20<link>
>>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>>> RX packets 4 bytes 264 (264.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 7 bytes 578 (578.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>> scopeid 0x0<global>
>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>> RX packets 5310 bytes 393373 (384.1 KiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 2661 bytes 3165497 (3.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>> inet 127.0.0.1 netmask 255.0.0.0
>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>> loop txqueuelen 0 (Local Loopback)
>>> RX packets 50779 bytes 13259383 (12.6 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 50779 bytes 13259383 (12.6 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid 0x20<link>
>>> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)
>>> RX packets 7 bytes 578 (578.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 13 bytes 1066 (1.0 KiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>> 192.168.122.255
>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 0 bytes 0 (0.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid 0x20<link>
>>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 0 bytes 0 (0.0 B)
>>> TX errors 0 dropped 16 overruns 0 carrier 0 collisions 0
>>>
>>> [root at maersk src]# source admin-openrc.sh
>>> [root at maersk src]# neutron net-update public --router:external
>>> Updated network: public
>>> [root at maersk src]# source demo-openrc.sh
>>> [root at maersk src]# neutron router-create router
>>> Created a new router:
>>> +-----------------------+--------------------------------------+
>>> | Field | Value |
>>> +-----------------------+--------------------------------------+
>>> | admin_state_up | True |
>>> | external_gateway_info | |
>>> | id | ff6a61f5-f497-43a1-b245-64ec8e87b488 |
>>> | name | router |
>>> | routes | |
>>> | status | ACTIVE |
>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>>> +-----------------------+--------------------------------------+
>>> [root at maersk src]# neutron router-interface-add router private
>>> Multiple router matches found for name 'router', use an ID to be more
>>> specific.
>>> [root at maersk src]# neutron router-list
>>> +--------------------------------------+--------+-----------------------+
>>> | id | name | external_gateway_info |
>>> +--------------------------------------+--------+-----------------------+
>>> | 5939b796-cae6-4d72-8d34-66e20afb95aa | router | null |
>>> | ff6a61f5-f497-43a1-b245-64ec8e87b488 | router | null |
>>> +--------------------------------------+--------+-----------------------+
>>> [root at maersk src]# neutron router-delete
>>> 5939b796-cae6-4d72-8d34-66e20afb95aa
>>> Deleted router: 5939b796-cae6-4d72-8d34-66e20afb95aa
>>> [root at maersk src]# neutron router-delete
>>> ff6a61f5-f497-43a1-b245-64ec8e87b488
>>> Deleted router: ff6a61f5-f497-43a1-b245-64ec8e87b488
>>> [root at maersk src]# neutron router-create router
>>> Created a new router:
>>> +-----------------------+--------------------------------------+
>>> | Field | Value |
>>> +-----------------------+--------------------------------------+
>>> | admin_state_up | True |
>>> | external_gateway_info | |
>>> | id | a1be1dbd-1a94-4a8c-8093-45a7af89140c |
>>> | name | router |
>>> | routes | |
>>> | status | ACTIVE |
>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>>> +-----------------------+--------------------------------------+
>>> [root at maersk src]# neutron router-interface-add router private
>>> Added interface 74c0d2df-3944-43d7-8be9-2ef0d9242edc to router router.
>>> [root at maersk src]# neutron router-gateway-set router public
>>> Set gateway for router router
>>> [root at maersk src]# source admin-openrc.sh
>>> [root at maersk src]# ip netns
>>> qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c (id: 1)
>>> qdhcp-573956a6-1378-4100-83c2-db5c3bf9a95c (id: 0)
>>> [root at maersk src]# neutron router-port-list router
>>>
>>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>>> | id | name | mac_address |
>>> fixed_ips
>>> |
>>>
>>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>>> | 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 | | fa:16:3e:d6:29:b4 |
>>> {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address":
>>> "172.22.10.10"} |
>>> | 74c0d2df-3944-43d7-8be9-2ef0d9242edc | | fa:16:3e:7b:d6:0f |
>>> {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address":
>>> "192.168.10.1"} |
>>>
>>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>>> [root at maersk src]# ping 172.22.10.10
>>> PING 172.22.10.10 (172.22.10.10) 56(84) bytes of data.
>>> From 172.22.10.99 icmp_seq=1 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=2 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=3 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=4 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=5 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=6 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=7 Destination Host Unreachable
>>> From 172.22.10.99 icmp_seq=8 Destination Host Unreachable
>>> ^C
>>> --- 172.22.10.10 ping statistics ---
>>> 8 packets transmitted, 0 received, +8 errors, 100% packet loss, time
>>> 7000ms
>>> pipe 4
>>> [root at maersk src]# ifconfig
>>> brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid 0x20<link>
>>> ether 72:65:0b:f7:66:9c txqueuelen 0 (Ethernet)
>>> RX packets 6 bytes 348 (348.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 8 bytes 648 (648.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast 172.22.10.255
>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>> scopeid 0x0<global>
>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>> RX packets 6360 bytes 464736 (453.8 KiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 2867 bytes 3196849 (3.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>> inet 127.0.0.1 netmask 255.0.0.0
>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>> loop txqueuelen 0 (Local Loopback)
>>> RX packets 65582 bytes 17827940 (17.0 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 65582 bytes 17827940 (17.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> tap74c0d2df-39: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::7065:bff:fef7:669c prefixlen 64 scopeid 0x20<link>
>>> ether 72:65:0b:f7:66:9c txqueuelen 1000 (Ethernet)
>>> RX packets 10 bytes 864 (864.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 8 bytes 648 (648.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid 0x20<link>
>>> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)
>>> RX packets 8 bytes 648 (648.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 16 bytes 1248 (1.2 KiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>> 192.168.122.255
>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 0 bytes 0 (0.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid 0x20<link>
>>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 0 bytes 0 (0.0 B)
>>> TX errors 0 dropped 19 overruns 0 carrier 0 collisions 0
>>>
>>>
>>>
>>>
>>> - Christopher T. Hull
>>> I am presently seeking a new career opportunity Please see career page
>>> http://chrishull.com/career
>>> 333 Orchard Ave, Sunnyvale CA. 94085
>>> (415) 385 4865
>>> chrishull42 at gmail.com
>>> http://chrishull.com
>>>
>>>
>>>
>>> On Wed, Mar 23, 2016 at 4:34 PM, Dan Sneddon <dsneddon at redhat.com>
>>> wrote:
>>>
>>>> On 03/23/2016 04:06 PM, Christopher Hull wrote:
>>>> > Hmmm. Well I'm not using OpenVSwitch. Just LinuxBridge. My CentOS
>>>> > 7 install sees emp3s0 where eth0 would usually appear. But this may
>>>> > need to be changed to br-ex? The IP address no longer apperas at
>>>> > enp3s0, so perhaps that's the issue.
>>>> >
>>>> > When I make changes, I tear down all the networks and rebuild them
>>>> > according to instructions. I do this after restarting the machine.
>>>> I
>>>> > wonder if the database needs to be updated as well.
>>>> >
>>>> > su -s /bin/sh -c "neutron-db-manage --config-file
>>>> > /etc/neutron/neutron.conf \
>>>> > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head"
>>>> neutron
>>>> > systemctl stop neutron-server.service \
>>>> > neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
>>>> > neutron-metadata-agent.service
>>>> > systemctl stop neutron-l3-agent.service
>>>> > and restart.
>>>> >
>>>> > Thanks for the help. Yes. It's a bit confusing. Why are router
>>>> and
>>>> > instance ports different? It is for this reason that I figured I
>>>> could
>>>> > just create my own instance/router. But why should I have to? Do
>>>> > routers not work unless you use OpenVSwitch? The Liberty install
>>>> > instructions (unlike Kilo) don't seem to require installing
>>>> OpenVSwitch.
>>>> >
>>>> > linux_bridge_agent.ini
>>>> > inux_bridge | physical_interface_mappings |
>>>> public:enp3s0
>>>> >
>>>> > Perhaps br-ex? Or whereever I see my static IP when doing an
>>>> > ifconfig :-) Was enp3s0 when CentOS was first installed, but I think
>>>> > thats changed somehow.
>>>> >
>>>> >
>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>> > | linuxbridge_agent: Section | Key |
>>>> > Value |
>>>> >
>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>> > | linux_bridge | physical_interface_mappings |
>>>> > public:enp3s0 |
>>>> > | vxlan | l2_population |
>>>> > True |
>>>> > | vxlan | local_ip |
>>>> > 172.22.10.99 |
>>>> > | vxlan | enable_vxlan |
>>>> > True |
>>>> > | agent | prevent_arp_spoofing |
>>>> > True |
>>>> > | securitygroup | firewall_driver |
>>>> > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>>> > | securitygroup | enable_security_group |
>>>> > True |
>>>> >
>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>> >
>>>> >
>>>> >
>>>> > - Christopher T. Hull
>>>> > I am presently seeking a new career opportunity Please see career
>>>> page
>>>> > http://chrishull.com/career
>>>> > 333 Orchard Ave, Sunnyvale CA. 94085
>>>> > (415) 385 4865 <tel:%28415%29%20385%204865>
>>>> > chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>
>>>> > http://chrishull.com
>>>> >
>>>> >
>>>> >
>>>> > On Wed, Mar 23, 2016 at 3:34 PM, Dan Sneddon <dsneddon at redhat.com
>>>> > <mailto:dsneddon at redhat.com>> wrote:
>>>> >
>>>> > On 03/23/2016 03:05 PM, Christopher Hull wrote:
>>>> > > Hi Keven / all;
>>>> > >
>>>> > > Re: Getting a Neutron Router to work. (set
>>>> external_network_bridge =
>>>> > > blank). Apologies if this got sent twice.
>>>> > >
>>>> > > Nope, not quite there yet re getting the damn router to work
>>>> > (week 3 on
>>>> > > this issue).
>>>> > >
>>>> > > The Liberty install instructions indeed say to set...
>>>> > > external_network_bridge =
>>>> > >
>>>> > > I'm so desperate that I thought the blank space after the =
>>>> might be
>>>> > > the issue. No. Then I noticed these instructions in
>>>> > l3_agent.ini itself.
>>>> > > -----
>>>> > > # When external_network_bridge is set, each L3 agent can be
>>>> > associated
>>>> > > # with no more than one external network. This value should be
>>>> set to
>>>> > > the UUID
>>>> > > # of that external network. To allow L3 agent support multiple
>>>> > external
>>>> > > # networks, both the external_network_bridge and
>>>> > > gateway_external_network_id
>>>> > > # must be left empty.
>>>> > > # gateway_external_network_id =
>>>> > > ----
>>>> > >
>>>> > > 1: Should gateway_external_network_id = be unoommented?
>>>> > > 2: Should I reupdate the database after these changes?
>>>> > > su -s /bin/sh -c "neutron-db-manage --config-file
>>>> > > /etc/neutron/neutron.conf \
>>>> > > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade
>>>> > head" neutron
>>>> > >
>>>> > > 3: Should external_network_bridge in fact be set to the UUID of
>>>> the
>>>> > > public network?
>>>> > >
>>>> > > 4. All instances Ports work just fine on public and private
>>>> network.
>>>> > > WHAT is the difference between a Neutron router northbound port
>>>> > and an
>>>> > > instance port on the public net.
>>>> > >
>>>> > > Services restarted after config change (just removed space
>>>> after =
>>>> > > actually just in case sloppy Python coding was involved here).
>>>> In
>>>> > > fact, I rebooted the box just to be sure.
>>>> > >
>>>> > > Making my own instance based router is looking better and
>>>> better all
>>>> > > the time. If Neutron Routers really work, maybe UFO's exist
>>>> too.
>>>> > > :-) j/k
>>>> > >
>>>> > >
>>>> > > Seriously. Thank you for your help. Hope to help the
>>>> community
>>>> > > soon too myself. Trying to get my Gerrit account up and
>>>> running but
>>>> > > the OpenStack.org site won't allow me to sign the Contrib
>>>> agreement
>>>> > > with out getting a server error.
>>>> > >
>>>> > >
>>>> > > ==== Config Details ======
>>>> > > Issue Neutron Router Northbound Port won't Ping, is Down
>>>> > >
>>>> > > [root at maersk src]# ./pluto.py show -p /etc neutron
>>>> rootwrap.conf
>>>> > > ml2_conf.ini l3_agent.ini linuxbridge_agent.ini dhcp_agent.ini
>>>> > >
>>>> >
>>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>>> > > | neutron: Section | Key |
>>>> > > Value |
>>>> > >
>>>> >
>>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>>> > > | DEFAULT | verbose |
>>>> > > True |
>>>> > > | DEFAULT | nova_url |
>>>> > > http://controller:8774/v2 |
>>>> > > | DEFAULT | notify_nova_on_port_data_changes |
>>>> > > True |
>>>> > > | DEFAULT | notify_nova_on_port_status_changes |
>>>> > > True |
>>>> > > | DEFAULT | auth_strategy |
>>>> > > keystone |
>>>> > > | DEFAULT | rpc_backend |
>>>> > > rabbit |
>>>> > > | DEFAULT | allow_overlapping_ips |
>>>> > > True |
>>>> > > | DEFAULT | service_plugins |
>>>> > > router |
>>>> > > | DEFAULT | core_plugin |
>>>> > > ml2 |
>>>> > > | keystone_authtoken | password |
>>>> > > mk4968small23buggidntpass |
>>>> > > | keystone_authtoken | username |
>>>> > > neutron |
>>>> > > | keystone_authtoken | project_name |
>>>> > > service |
>>>> > > | keystone_authtoken | user_domain_id |
>>>> > > default |
>>>> > > | keystone_authtoken | project_domain_id |
>>>> > > default |
>>>> > > | keystone_authtoken | auth_plugin |
>>>> > > password |
>>>> > > | keystone_authtoken | auth_url |
>>>> > > http://controller:35357 |
>>>> > > | keystone_authtoken | auth_uri |
>>>> > > http://controller:5000 |
>>>> > > | database | connection |
>>>> > > mysql://neutron:sleestack191@controller/neutron |
>>>> > > | nova | password |
>>>> > > mk4968small23buggidntpass |
>>>> > > | nova | username |
>>>> > > nova |
>>>> > > | nova | project_name |
>>>> > > service |
>>>> > > | nova | region_name |
>>>> > > RegionOne |
>>>> > > | nova | user_domain_id |
>>>> > > default |
>>>> > > | nova | project_domain_id |
>>>> > > default |
>>>> > > | nova | auth_plugin |
>>>> > > password |
>>>> > > | nova | auth_url |
>>>> > > http://controller:35357 |
>>>> > > | oslo_concurrency | lock_path |
>>>> > > /var/lib/neutron/tmp |
>>>> > > | oslo_messaging_rabbit | rabbit_password |
>>>> > > open.g00dke232 |
>>>> > > | oslo_messaging_rabbit | rabbit_userid |
>>>> > > openstack |
>>>> > > | oslo_messaging_rabbit | rabbit_host |
>>>> > > controller |
>>>> > >
>>>> >
>>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>>> > >
>>>> >
>>>> +-------------------+---------------------+--------------------------------------------------------------+
>>>> > > | rootwrap: Section | Key |
>>>> > > Value |
>>>> > >
>>>> >
>>>> +-------------------+---------------------+--------------------------------------------------------------+
>>>> > > | DEFAULT | filters_path |
>>>> > > /etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap |
>>>> > > | DEFAULT | exec_dirs |
>>>> > > /sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin |
>>>> > > | DEFAULT | use_syslog |
>>>> > > False |
>>>> > > | DEFAULT | syslog_log_facility |
>>>> > > syslog |
>>>> > > | DEFAULT | syslog_log_level |
>>>> > > ERROR |
>>>> > >
>>>> >
>>>> +-------------------+---------------------+--------------------------------------------------------------+
>>>> > >
>>>> >
>>>> +-------------------+----------------------+--------------------------+
>>>> > > | ml2_conf: Section | Key | Value
>>>> > |
>>>> > >
>>>> >
>>>> +-------------------+----------------------+--------------------------+
>>>> > > | ml2 | extension_drivers | port_security
>>>> > |
>>>> > > | ml2 | mechanism_drivers |
>>>> > linuxbridge,l2population |
>>>> > > | ml2 | tenant_network_types | vxlan
>>>> > |
>>>> > > | ml2 | type_drivers | flat,vlan,vxlan
>>>> > |
>>>> > > | ml2_type_flat | flat_networks | public
>>>> > |
>>>> > > | ml2_type_vxlan | vni_ranges | 1:1000
>>>> > |
>>>> > > | securitygroup | enable_ipset | True
>>>> > |
>>>> > >
>>>> >
>>>> +-------------------+----------------------+--------------------------+
>>>> > >
>>>> >
>>>> +-------------------+--------------------------+-----------------------------------------------------+
>>>> > > | l3_agent: Section | Key |
>>>> > > Value |
>>>> > >
>>>> >
>>>> +-------------------+--------------------------+-----------------------------------------------------+
>>>> > > | DEFAULT | external_network_bridge
>>>> > > | |
>>>> > > | DEFAULT | verbose |
>>>> > > True |
>>>> > > | DEFAULT | interface_driver |
>>>> > > neutron.agent.linux.interface.BridgeInterfaceDriver |
>>>> > >
>>>> >
>>>> +-------------------+--------------------------+-----------------------------------------------------+
>>>> > >
>>>> >
>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>> > > | linuxbridge_agent: Section | Key |
>>>> > > Value |
>>>> > >
>>>> >
>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>> > > | linux_bridge | physical_interface_mappings |
>>>> > > public:enp3s0 |
>>>> > > | vxlan | l2_population |
>>>> > > True |
>>>> > > | vxlan | local_ip |
>>>> > > 172.22.10.99 |
>>>> > > | vxlan | enable_vxlan |
>>>> > > True |
>>>> > > | agent | prevent_arp_spoofing |
>>>> > > True |
>>>> > > | securitygroup | firewall_driver |
>>>> > > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>>> > > | securitygroup | enable_security_group |
>>>> > > True |
>>>> > >
>>>> >
>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>> > >
>>>> >
>>>> +---------------------+--------------------------+-----------------------------------------------------+
>>>> > > | dhcp_agent: Section | Key |
>>>> > > Value |
>>>> > >
>>>> >
>>>> +---------------------+--------------------------+-----------------------------------------------------+
>>>> > > | DEFAULT | dnsmasq_config_file |
>>>> > > /etc/neutron/dnsmasq-neutron.conf |
>>>> > > | DEFAULT | verbose |
>>>> > > True |
>>>> > > | DEFAULT | enable_isolated_metadata |
>>>> > > True |
>>>> > > | DEFAULT | dhcp_driver |
>>>> > > neutron.agent.linux.dhcp.Dnsmasq |
>>>> > > | DEFAULT | interface_driver |
>>>> > > neutron.agent.linux.interface.BridgeInterfaceDriver |
>>>> > >
>>>> >
>>>> +---------------------+--------------------------+-----------------------------------------------------+
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > >
>>>> > > - Christopher T. Hull
>>>> > > I am presently seeking a new career opportunity Please see
>>>> > career page
>>>> > > http://chrishull.com/career
>>>> > > 333 Orchard Ave, Sunnyvale CA. 94085
>>>> > > (415) 385 4865 <tel:%28415%29%20385%204865>
>>>> > > chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>
>>>> > <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>
>>>> > > http://chrishull.com
>>>> > >
>>>> > >
>>>> > >
>>>> > > On Wed, Mar 23, 2016 at 8:50 AM, <chrishull42 at gmail.com
>>>> <mailto:chrishull42 at gmail.com>
>>>> > > <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>>
>>>> wrote:
>>>> > >
>>>> > > Thanks. Will check that.
>>>> > > When I create an instance in the public or private nets
>>>> they ping.
>>>> > > Why do router ports behave differently than instance
>>>> ports? Only
>>>> > > the Northbound router port is down and won't ping. Will
>>>> check
>>>> > > settings ASAP thanks
>>>> > >
>>>> > > Chris.
>>>> > >
>>>> > > Sent from my iPhone
>>>> > >
>>>> > > On Mar 23, 2016, at 7:52 AM, Kevin Benton <kevin at benton.pub
>>>> > > <mailto:kevin at benton.pub <mailto:kevin at benton.pub>>> wrote:
>>>> > >
>>>> > >> Ok. The same settings should apply to Linux bridge.
>>>> > >>
>>>> > >> Make sure you have external_network_bridge defined in your
>>>> L3
>>>> > >> agent as an empty value.
>>>> > >>
>>>> > >> Then your external network should be created with the
>>>> provider
>>>> > >> type of 'flat' and the physical network corresponding to
>>>> the one
>>>> > >> you have defined in your bridge mappings in the L2 agent
>>>> that
>>>> > >> attaches to the bridge going to your external physical
>>>> network.
>>>> > >>
>>>> > >> On Mar 23, 2016 7:25 AM, <chrishull42 at gmail.com <mailto:
>>>> chrishull42 at gmail.com>
>>>> > >> <mailto:chrishull42 at gmail.com <mailto:
>>>> chrishull42 at gmail.com>>> wrote:
>>>> > >>
>>>> > >> Kevin;
>>>> > >> Thank you Very much. I'll check. I did a manual
>>>> Liberty
>>>> > >> install so I may have done something wrong. I am using
>>>> > >> LinuxBridge (not OpenVSwitch) if that helps. Will post
>>>> > >> results to list soon. Would like to be able to use
>>>> floating
>>>> > >> IPs, a more convenient form of ipTables basically.
>>>> > >>
>>>> > >> Chris.
>>>> > >>
>>>> > >> Sent from my iPhone
>>>> > >>
>>>> > >> On Mar 23, 2016, at 7:16 AM, Kevin Benton <
>>>> kevin at benton.pub
>>>> > >> <mailto:kevin at benton.pub <mailto:kevin at benton.pub>>>
>>>> wrote:
>>>> > >>
>>>> > >>> Do you have external_network_bridge set to an empty
>>>> value in
>>>> > >>> the l3 agent config? If not, the l3 agent will use a
>>>> legacy
>>>> > >>> mode of wiring up the port and it's status field may
>>>> not be
>>>> > >>> ACTIVE.
>>>> > >>>
>>>> > >>> The routers are tested thousands of times in the gate
>>>> every
>>>> > >>> day, so they work. It's just a matter of getting your
>>>> > >>> configuration correct.
>>>> > >>>
>>>> > >>> Yes, you can use a VM to route as well.
>>>> > >>>
>>>> > >>> On Mar 23, 2016 7:06 AM, <chrishull42 at gmail.com
>>>> <mailto:chrishull42 at gmail.com>
>>>> > >>> <mailto:chrishull42 at gmail.com <mailto:
>>>> chrishull42 at gmail.com>>> wrote:
>>>> > >>>
>>>> > >>> Hi all;
>>>> > >>> It appears that Liberty Neutron routers do not
>>>> work.
>>>> > >>> The Northbound port is always Down.
>>>> > >>>
>>>> > >>> What I'd like to do is dedicate an instance
>>>> (CentOS) to
>>>> > >>> routing between the Public net and other nets.
>>>> Has
>>>> > >>> anyone done this. Setting up the router is
>>>> trivial.
>>>> > >>> But I'm a little worried about interaction with
>>>> Neutron
>>>> > >>> Ports. I need to assign fixed IPs so I can route
>>>> from
>>>> > >>> the Internet to a server instance.
>>>> > >>>
>>>> > >>> Ideas?
>>>> > >>>
>>>> > >>> Thanks
>>>> > >>> - Chris.
>>>> > >>>
>>>> > >>> Sent from my iPhone
>>>> > >>> _______________________________________________
>>>> > >>> OpenStack-operators mailing list
>>>> > >>> OpenStack-operators at lists.openstack.org
>>>> > <mailto:OpenStack-operators at lists.openstack.org>
>>>> > >>> <mailto:OpenStack-operators at lists.openstack.org
>>>> > <mailto:OpenStack-operators at lists.openstack.org>>
>>>> > >>>
>>>> >
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>> > >>>
>>>> > >
>>>> > >
>>>> > >
>>>> > > _______________________________________________
>>>> > > OpenStack-operators mailing list
>>>> > > OpenStack-operators at lists.openstack.org
>>>> > <mailto:OpenStack-operators at lists.openstack.org>
>>>> > >
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>> > >
>>>> >
>>>> > Definitely the external_network_bridge needs to be explicitly set
>>>> to
>>>> > nothing. That's not the default. I've never had to change the
>>>> default
>>>> > gateway_external_network_id when I set external_network_bridge to
>>>> a
>>>> > blank value.
>>>> >
>>>> > Note that after making changes to external_network_bridge, I've
>>>> have to
>>>> > delete and recreate the router/port/network that was created
>>>> before
>>>> > that change.
>>>> >
>>>> > I assume that your bridge mappings are correct in
>>>> > /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:
>>>> >
>>>> > bridge_mappings =datacentre:br-ex # or whatever you have locally
>>>> >
>>>> > And that the physical_network of the external network matches the
>>>> > network name in the bridge_mappings that corresponds to the bridge
>>>> > containing the physical interface? Probably your instance ports
>>>> > wouldn't work if those things weren't correct, but those are also
>>>> areas
>>>> > where I see failures similar to this.
>>>> >
>>>> > --
>>>> > Dan Sneddon | Principal OpenStack Engineer
>>>> > dsneddon at redhat.com <mailto:dsneddon at redhat.com> |
>>>> > redhat.com/openstack <http://redhat.com/openstack>
>>>> > 650.254.4025 <tel:650.254.4025> | dsneddon:irc
>>>> @dxs:twitter
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > OpenStack-operators mailing list
>>>> > OpenStack-operators at lists.openstack.org
>>>> >
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>> >
>>>>
>>>> I didn't mean to confuse you by assuming that you were running Open
>>>> vSwitch. You don't have to run Open vSwitch, and some things do work
>>>> differently when using Linux bridge.
>>>>
>>>> If your IP address is no longer on enp3s0, then that might be an
>>>> indicator that you have a bridge subsuming enp3s0. In that case, I'm
>>>> pretty sure that the physical_interface_mapping should be
>>>> public:<bridge>. I spend a lot more time with OVS deployments, though.
>>>>
>>>> --
>>>> Dan Sneddon | Principal OpenStack Engineer
>>>> dsneddon at redhat.com | redhat.com/openstack
>>>> 650.254.4025 | dsneddon:irc @dxs:twitter
>>>>
>>>> _______________________________________________
>>>> OpenStack-operators mailing list
>>>> OpenStack-operators at lists.openstack.org
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160324/575c5e9c/attachment-0001.html>
More information about the OpenStack-operators
mailing list