[Openstack-operators] Manual router setup
Christopher Hull
chrishull42 at gmail.com
Fri Mar 25 16:28:21 UTC 2016
Hello all;
(see previous e mail for latest on this router issue if you like).
"Posting the L3 agent/L2 agent log on pastebin/gist if you still have
issues could be helpful."
Indeed L3 agent errored. (not seeing an L2-agent log).
What is " pastebin/gist" and now to I post my logs to it?
It appears that when I execute
neutron router-gateway-clear <routerid>
neutron router-gateway-set <routerid> public
I get... (when presumably it tries to add the Port to the Public net
bridge).
2016-03-25 12:25:44.972 1734 ERROR neutron.agent.l3.agent Stderr: Cannot
create namespace file
"/var/run/netns/qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c": File exists
a1be1dbd-1a94-4a8c-8093-45a7af89140c??? Not seeing this UUID anywhere.
-Chris
- Christopher T. Hull
I am presently seeking a new career opportunity Please see career page
http://chrishull.com/career
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishull42 at gmail.com
http://chrishull.com
On Fri, Mar 25, 2016 at 8:59 AM, Christopher Hull <chrishull42 at gmail.com>
wrote:
> Hi James;
>
> This is incredibly useful! Thanks a lot for your help. I did try to
> reattach Public to Router, same result. Now looking at the logs (duh) .
> See answers inline... Maybe you can tell what's going on. See l3-agent
> log at the end.
>
>
>
>
>
>
> *Hi Chris,*I saw that too from the previous email, and I guess it’s
> possible the IP was moved
> to the bridge automatically. I just haven’t observed that behavior in this
> case since
> we don’t IP those interfaces.
>
> Given that the IP has been moved to the bridge, double check that you are
> able to ping
> the gateway of the 172.22.10.x/24 network from the host (if a gateway
> exists). That
> appeared to be 172.22.10.254 from previous emails. That will verify that
> connectivity
> from the bridge through enp0s3 is good.
>
>
>
>
> *[sleestack at maersk ~]$ ping 172.22.10.254PING 172.22.10.254
> (172.22.10.254) 56(84) bytes of data.64 bytes from 172.22.10.254
> <http://172.22.10.254>: icmp_seq=1 ttl=255 time=1.09 ms...*
>
>
> The current bridges correspond to the public and private networks you
> setup:
>
> [root at maersk src]# brctl show
> bridge name bridge id STP enabled interfaces
> brq573956a6-13 8000.72650bf7669c no tap74c0d2df-39 <-
> qr-* (inside) router port
> ^^^ PRIVATE tapbb0ceef0-e6
> vxlan-92
> brq9ee73442-5a 8000.4a157ef499cf no enp3s0
> ^^^ PUBLIC tap788bdea8-02
> tapb8f78b33-19
> tapbc53b8c7-6a
> tapd669011b-bf
> virbr0 8000.5254003394b3 yes virbr0-nic
> ^^^ Ignore this one
>
> Your router ports are:
>
> [root at maersk src]# neutron router-port-list router
>
> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
> | id | name | mac_address |
> fixed_ips
> |
>
> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
> | 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 | | fa:16:3e:d6:29:b4 |
> {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address":
> "172.22.10.10"} |
> | 74c0d2df-3944-43d7-8be9-2ef0d9242edc | | fa:16:3e:7b:d6:0f |
> {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address":
> "192.168.10.1"} |
>
> +--------------------------------------+------+-------------------+——————————————————————————————————————————+
>
> The private port begins with 74c0d2df-39 while the public port begins with
> 21c8decf-e4. T
> he private port should be in the private bridge, which it is. The public
> port should be
> in the public bridge, and it is not. Normally, that port would be added by
> Neutron, so
> the fact that its missing is an issue.
>
> If you can, please send the output of the following command, where
> <routerid> equals the
> actual router ID:
>
> Ip netns exec qrouter-<routerid> ip addr
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *[root at maersk src]# ip netns exec
> qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c ip addr 1: lo:
> <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8
> <http://127.0.0.1/8> scope host lo valid_lft forever preferred_lft
> forever inet6 ::1/128 scope host valid_lft forever preferred_lft
> forever2: qr-74c0d2df-39 at if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
> qdisc pfifo_fast state UP qlen 1000 link/ether fa:16:3e:7b:d6:0f brd
> ff:ff:ff:ff:ff:ff link-netnsid 0 inet 192.168.10.1/24
> <http://192.168.10.1/24> brd 192.168.10.255 scope global
> qr-74c0d2df-39 valid_lft forever preferred_lft forever inet6
> fe80::f816:3eff:fe7b:d60f/64 scope link valid_lft forever
> preferred_lft forever *
>
> You can also try to perform the following:
>
> neutron router-gateway-clear <routerid>
> neutron router-gateway-set <routerid> public
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *Great Idea!....Tried. No change. Great way to diagnoze thngs though.
> Thnnks.[root at maersk src]# brctl showbridge name bridge id STP
> enabled interfacesbrq573956a6-13 8000.72650bf7669c no
> tap74c0d2df-39 tapbb0ceef0-e6
> vxlan-92brq9ee73442-5a 8000.4a157ef499cf no
> enp3s0 tap788bdea8-02
> tapb8f78b33-19 tapbc53b8c7-6a
> tapd669011b-bfvirbr0 8000.5254003394b3 yes
> virbr0-nic[root at maersk src]# neutron router-port-list
> router+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+|
> id | name | mac_address |
> fixed_ips
> |+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+|
> 32c71a70-7b97-49d2-a2c1-fa3aee864783 | | fa:16:3e:12:53:b6 |
> {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address":
> "172.22.10.16"} || 74c0d2df-3944-43d7-8be9-2ef0d9242edc | |
> fa:16:3e:7b:d6:0f | {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b",
> "ip_address": "192.168.10.1"}
> |+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+[root at maersk
> src]# ping 172.22.10.16PING 172.22.10.16 (172.22.10.16) 56(84) bytes of
> data.^C--- 172.22.10.16 ping statistics ---3 packets transmitted, 0
> received, 100% packet loss, time 1999ms*
> That may be enough to trigger recreating the interface and connecting it
> to the bridge.
> Posting the L3 agent/L2 agent log on pastebin/gist if you still have
> issues could be helpful.
>
> James
>
>
>
>
> *==========Ohhhh........ I wonder what this is? Doesn't match port?
> What is qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c? hmmm*
>
> *Tempted to just delete this file, try again and see what happens.*
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info
> RuntimeError: 2016-03-25 11:50:24.903 1734 ERROR
> neutron.agent.l3.router_info Command: ['ip', 'netns', 'add',
> u'qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c']2016-03-25 11:50:24.903
> 1734 ERROR neutron.agent.l3.router_info Exit code: 12016-03-25 11:50:24.903
> 1734 ERROR neutron.agent.l3.router_info Stdin: 2016-03-25 11:50:24.903 1734
> ERROR neutron.agent.l3.router_info Stdout: 2016-03-25 11:50:24.903 1734
> ERROR neutron.agent.l3.router_info Stderr: Cannot create namespace file
> "/var/run/netns/qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c": File
> exists2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info
> 2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.router_info 2016-03-25
> 11:50:24.903 1734 ERROR neutron.agent.l3.agent [-] Failed to process
> compatible router 'a1be1dbd-1a94-4a8c-8093-45a7af89140c'2016-03-25
> 11:50:24.903 1734 ERROR neutron.agent.l3.agent Traceback (most recent call
> last):2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent
> RuntimeError: 2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent
> Command: ['ip', 'netns', 'add',
> u'qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c']2016-03-25 11:50:24.903
> 1734 ERROR neutron.agent.l3.agent Exit code: 12016-03-25 11:50:24.903 1734
> ERROR neutron.agent.l3.agent Stdin: 2016-03-25 11:50:24.903 1734 ERROR
> neutron.agent.l3.agent Stdout: 2016-03-25 11:50:24.903 1734 ERROR
> neutron.agent.l3.agent Stderr: Cannot create namespace file
> "/var/run/netns/qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c": File
> exists2016-03-25 11:50:24.903 1734 ERROR neutron.agent.l3.agent 2016-03-25
> 11:50:24.903 1734 ERROR neutron.agent.l3.agent *
>
>
>
> - Christopher T. Hull
> I am presently seeking a new career opportunity Please see career page
> http://chrishull.com/career
> 333 Orchard Ave, Sunnyvale CA. 94085
> (415) 385 4865
> chrishull42 at gmail.com
> http://chrishull.com
>
>
>
> On Thu, Mar 24, 2016 at 1:12 PM, James Denton <james.denton at rackspace.com>
> wrote:
>
>> Hi Chris,
>>
>> I saw that too from the previous email, and I guess it’s possible the IP
>> was moved to the bridge automatically. I just haven’t observed that
>> behavior in this case since we don’t IP those interfaces.
>>
>> Given that the IP has been moved to the bridge, double check that you are
>> able to ping the gateway of the 172.22.10.x/24 network from the host (if a
>> gateway exists). That appeared to be 172.22.10.254 from previous emails.
>> That will verify that connectivity from the bridge through enp0s3 is good.
>>
>> The current bridges correspond to the public and private networks you
>> setup:
>>
>> [root at maersk src]# brctl show
>> bridge name bridge id STP enabled interfaces
>> brq573956a6-13 8000.72650bf7669c no tap74c0d2df-39 <-
>> qr-* (inside) router port
>> ^^^ PRIVATE tapbb0ceef0-e6
>> vxlan-92
>> brq9ee73442-5a 8000.4a157ef499cf no enp3s0
>> ^^^ PUBLIC tap788bdea8-02
>> tapb8f78b33-19
>> tapbc53b8c7-6a
>> tapd669011b-bf
>> virbr0 8000.5254003394b3 yes virbr0-nic
>> ^^^ Ignore this one
>>
>> Your router ports are:
>>
>> [root at maersk src]# neutron router-port-list router
>>
>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>> | id | name | mac_address |
>> fixed_ips
>> |
>>
>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>> | 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 | | fa:16:3e:d6:29:b4 |
>> {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address":
>> "172.22.10.10"} |
>> | 74c0d2df-3944-43d7-8be9-2ef0d9242edc | | fa:16:3e:7b:d6:0f |
>> {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address":
>> "192.168.10.1"} |
>>
>> +--------------------------------------+------+-------------------+——————————————————————————————————————————+
>>
>> The private port begins with 74c0d2df-39 while the public port begins
>> with 21c8decf-e4. The private port should be in the private bridge,
>> which it is. The public port should be in the public bridge, and it is
>> *not*. Normally, that port would be added by Neutron, so the fact that
>> its missing is an issue.
>>
>> If you can, please send the output of the following command, where
>> <routerid> equals the actual router ID:
>>
>> Ip netns exec qrouter-<routerid> ip addr
>>
>> You can also try to perform the following:
>>
>> neutron router-gateway-clear <routerid>
>> neutron router-gateway-set <routerid> public
>>
>> That may be enough to trigger recreating the interface and connecting it
>> to the bridge. Posting the L3 agent/L2 agent log on pastebin/gist if you
>> still have issues could be helpful.
>>
>> James
>>
>>
>> From: Christopher Hull <chrishull42 at gmail.com>
>> Date: Thursday, March 24, 2016 at 2:05 PM
>> To: James Denton <james.denton at rackspace.com>, Christopher Hull <
>> chrishull42 at gmail.com>
>> Cc: Dan Sneddon <dsneddon at redhat.com>, openstack-operators <
>> openstack-operators at lists.openstack.org>
>> Subject: Re: [Openstack-operators] Manual router setup
>>
>> Hmmm. Curiously enough, I now see this. This was not the case prior
>> to the creation of the nets and subnets in OpenStack. OpenStack somehow
>> did this.
>>
>> brq9ee73442-5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> ---->>>>>> inet 172.22.10.99 <<<<<-------
>> netmask 255.255.255.0 broadcast 172.22.10.255
>> inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf prefixlen 64
>> scopeid 0x0<global>
>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>> scopeid 0x0<global>
>> inet6 fe80::70b5:65ff:fea6:c5d9 prefixlen 64 scopeid 0x20<link>
>> ether 4a:15:7e:f4:99:cf txqueuelen 0 (Ethernet)
>> RX packets 188163 bytes 10141407 (9.6 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 14734 bytes 27696525 (26.4 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> Used to be here.
>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid 0x20<link>
>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>> RX packets 947280 bytes 1081759456 (1.0 GiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 504788 bytes 63547204 (60.6 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> So perhaps I need to change the setting in...
>>
>> | linuxbridge_agent
>> | linux_bridge | physical_interface_mappings |
>> public:enp3s0
>>
>> to public:brq9ee73442-5a ?
>>
>> -Chris
>>
>>
>>
>>
>> - Christopher T. Hull
>> I am presently seeking a new career opportunity Please see career page
>> http://chrishull.com/career
>> 333 Orchard Ave, Sunnyvale CA. 94085
>> (415) 385 4865
>> chrishull42 at gmail.com
>> http://chrishull.com
>>
>>
>>
>> On Thu, Mar 24, 2016 at 11:58 AM, Christopher Hull <chrishull42 at gmail.com
>> > wrote:
>>
>>> Hi James;
>>>
>>> As further proof that I'm just learning this stuff. :-) Been a dev
>>> for decades, but this industry is vast. Would like to gather an end to
>>> end understanding of how LinuxBridge, etc works sometime. Meanwhile, here
>>> is the current state of my system as per your input.
>>>
>>> ... This looks bad. I'm assuming "enabled = no" isn't right. :-)
>>> Have not yet moved static IP to br-?? from ephXXX (traditionally known as
>>> eth0) yet.
>>>
>>> Please let me know what you see. Thanks! :-)
>>>
>>> [root at maersk src]# brctl show
>>> bridge name bridge id STP enabled interfaces
>>> brq573956a6-13 8000.72650bf7669c no tap74c0d2df-39
>>> tapbb0ceef0-e6
>>> vxlan-92
>>> brq9ee73442-5a 8000.4a157ef499cf no enp3s0
>>> tap788bdea8-02
>>> tapb8f78b33-19
>>> tapbc53b8c7-6a
>>> tapd669011b-bf
>>> virbr0 8000.5254003394b3 yes virbr0-nic
>>>
>>>
>>>
>>> [root at maersk src]# ./pluto.py list -p /etc
>>> List of all Openstack conf files found under: /etc
>>>
>>> +----------------------------+-----------------------------------------------------+
>>> | Name | Full
>>> Path |
>>>
>>> +----------------------------+-----------------------------------------------------+
>>> | glance-registry.conf |
>>> /etc/glance/glance-registry.conf |
>>> | dnsmasq-neutron.conf |
>>> /etc/neutron/dnsmasq-neutron.conf |
>>> | ml2_conf_ofa.ini |
>>> /etc/neutron/plugins/ml2/ml2_conf_ofa.ini |
>>> | glance-cache.conf |
>>> /etc/glance/glance-cache.conf |
>>> | ml2_conf_fslsdn.ini |
>>> /etc/neutron/plugins/ml2/ml2_conf_fslsdn.ini |
>>> | restproxy.ini |
>>> /etc/neutron/plugins/ml2/restproxy.ini |
>>> | dhcp_agent.ini |
>>> /etc/neutron/dhcp_agent.ini |
>>> | neutron.conf |
>>> /etc/neutron/neutron.conf |
>>> | keystone.conf |
>>> /etc/keystone/keystone.conf |
>>> | sriov_agent.ini |
>>> /etc/neutron/plugins/ml2/sriov_agent.ini |
>>> | logging.conf |
>>> /etc/keystone/logging.conf |
>>> | glance-api.conf |
>>> /etc/glance/glance-api.conf |
>>> | cinder.conf |
>>> /etc/cinder/cinder.conf |
>>> | metadata_agent.ini |
>>> /etc/neutron/metadata_agent.ini |
>>> | glance-scrubber.conf |
>>> /etc/glance/glance-scrubber.conf |
>>> | api-paste.ini |
>>> /etc/cinder/api-paste.ini |
>>> | linuxbridge_agent.ini |
>>> /etc/neutron/plugins/ml2/linuxbridge_agent.ini |
>>> | rootwrap.conf |
>>> /etc/cinder/rootwrap.conf |
>>> | ml2_conf_sriov.ini |
>>> /etc/neutron/plugins/ml2/ml2_conf_sriov.ini |
>>> | l3_agent.ini |
>>> /etc/neutron/l3_agent.ini |
>>> | ml2_conf.ini |
>>> /etc/neutron/plugins/ml2/ml2_conf.ini |
>>> | nova.conf |
>>> /etc/nova/nova.conf |
>>> | plugin.ini |
>>> /etc/neutron/plugin.ini |
>>> | ml2_conf_brocade_fi_ni.ini |
>>> /etc/neutron/plugins/ml2/ml2_conf_brocade_fi_ni.ini |
>>> | ml2_conf_brocade.ini |
>>> /etc/neutron/plugins/ml2/ml2_conf_brocade.ini |
>>>
>>> +----------------------------+-----------------------------------------------------+
>>> [root at maersk src]# ./pluto.py show -p /etc linuxbridge_agent.ini
>>> ml2_conf.ini ml2_conf_sriov.ini
>>>
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> | linuxbridge_agent: Section | Key |
>>> Value |
>>>
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> | linux_bridge | physical_interface_mappings |
>>> public:enp3s0 |
>>> | vxlan | l2_population |
>>> True |
>>> | vxlan | local_ip |
>>> 172.22.10.99 |
>>> | vxlan | enable_vxlan |
>>> True |
>>> | agent | prevent_arp_spoofing |
>>> True |
>>> | securitygroup | firewall_driver |
>>> neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>> | securitygroup | enable_security_group |
>>> True |
>>>
>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>> +-------------------+----------------------+--------------------------+
>>> | ml2_conf: Section | Key | Value |
>>> +-------------------+----------------------+--------------------------+
>>> | ml2 | extension_drivers | port_security |
>>> | ml2 | mechanism_drivers | linuxbridge,l2population |
>>> | ml2 | tenant_network_types | vxlan |
>>> | ml2 | type_drivers | flat,vlan,vxlan |
>>> | ml2_type_flat | flat_networks | public |
>>>
>>> | ml2_type_vxlan | vni_ranges | 1:1000 |
>>> | securitygroup | enable_ipset | True |
>>> +-------------------+----------------------+--------------------------+
>>> +-------------------------+-----+-------+
>>> | ml2_conf_sriov: Section | Key | Value |
>>> +-------------------------+-----+-------+
>>> +-------------------------+-----+-------+
>>>
>>>
>>>
>>> [root at maersk src]# ip addr
>>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
>>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>>> inet 127.0.0.1/8 scope host lo
>>> valid_lft forever preferred_lft forever
>>> inet6 ::1/128 scope host
>>> valid_lft forever preferred_lft forever
>>> 2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
>>> master brq9ee73442-5a state UP qlen 1000
>>> link/ether ac:9e:17:ec:5d:95 brd ff:ff:ff:ff:ff:ff
>>> inet6 fe80::ae9e:17ff:feec:5d95/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
>>> state DOWN
>>> link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff
>>> inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
>>> valid_lft forever preferred_lft forever
>>> 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master
>>> virbr0 state DOWN qlen 500
>>> link/ether 52:54:00:33:94:b3 brd ff:ff:ff:ff:ff:ff
>>> 6: tapbb0ceef0-e6 at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
>>> pfifo_fast master brq573956a6-13 state UP qlen 1000
>>> link/ether ea:16:29:c8:99:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0
>>> inet6 fe80::e816:29ff:fec8:9925/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 7: vxlan-92: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue
>>> master brq573956a6-13 state UNKNOWN
>>> link/ether da:88:38:4a:06:e1 brd ff:ff:ff:ff:ff:ff
>>> inet6 fe80::d888:38ff:fe4a:6e1/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 8: brq573956a6-13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
>>> noqueue state UP
>>> link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff
>>> inet6 fe80::6469:36ff:fecc:a4d8/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 9: tap74c0d2df-39 at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc
>>> pfifo_fast master brq573956a6-13 state UP qlen 1000
>>> link/ether 72:65:0b:f7:66:9c brd ff:ff:ff:ff:ff:ff link-netnsid 1
>>> inet6 fe80::7065:bff:fef7:669c/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 10: brq9ee73442-5a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>>> noqueue state UP
>>> link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff
>>> inet 172.22.10.99/24 brd 172.22.10.255 scope global brq9ee73442-5a
>>> valid_lft forever preferred_lft forever
>>> inet6 2602:306:31fd:1020:4815:7eff:fef4:99cf/64 scope global
>>> mngtmpaddr dynamic
>>> valid_lft 2591681sec preferred_lft 604481sec
>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95/64 scope global
>>> valid_lft 2536726sec preferred_lft 549526sec
>>> inet6 fe80::70b5:65ff:fea6:c5d9/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 11: tapb8f78b33-19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>>> pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
>>> link/ether fe:16:3e:bc:ab:07 brd ff:ff:ff:ff:ff:ff
>>> inet6 fe80::fc16:3eff:febc:ab07/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 13: tap788bdea8-02: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>>> pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
>>> link/ether fe:16:3e:11:ae:9e brd ff:ff:ff:ff:ff:ff
>>> inet6 fe80::fc16:3eff:fe11:ae9e/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 15: tapbc53b8c7-6a at if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
>>> qdisc pfifo_fast master brq9ee73442-5a state UP qlen 1000
>>> link/ether 4a:15:7e:f4:99:cf brd ff:ff:ff:ff:ff:ff link-netnsid 2
>>> inet6 fe80::4815:7eff:fef4:99cf/64 scope link
>>> valid_lft forever preferred_lft forever
>>> 16: tapd669011b-bf: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>>> pfifo_fast master brq9ee73442-5a state UNKNOWN qlen 500
>>> link/ether fe:16:3e:52:6d:b4 brd ff:ff:ff:ff:ff:ff
>>> inet6 fe80::fc16:3eff:fe52:6db4/64 scope link
>>> valid_lft forever preferred_lft forever
>>>
>>>
>>>
>>> - Christopher T. Hull
>>> I am presently seeking a new career opportunity Please see career page
>>> http://chrishull.com/career
>>> 333 Orchard Ave, Sunnyvale CA. 94085
>>> (415) 385 4865
>>> chrishull42 at gmail.com
>>> http://chrishull.com
>>>
>>>
>>>
>>> On Thu, Mar 24, 2016 at 10:21 AM, Christopher Hull <
>>> chrishull42 at gmail.com> wrote:
>>>
>>>> James;
>>>> Hey you know... I seem to remember zeroing out "eth0" IP 0.0.0.0 and
>>>> setting the static IP on br-ex under Kilo and everything worked. That was
>>>> using OVS. Perhaps I do the same, as you suggest, with LinuxBridge.
>>>> Wow. Thanks. Will try. And if this doesn't work I'll respond with the
>>>> diagnostic output you requested.
>>>>
>>>> Thanks to all of you;
>>>> -Chris
>>>>
>>>>
>>>> - Christopher T. Hull
>>>> I am presently seeking a new career opportunity Please see career page
>>>> http://chrishull.com/career
>>>> 333 Orchard Ave, Sunnyvale CA. 94085
>>>> (415) 385 4865
>>>> chrishull42 at gmail.com
>>>> http://chrishull.com
>>>>
>>>>
>>>>
>>>> On Wed, Mar 23, 2016 at 5:57 PM, James Denton <
>>>> james.denton at rackspace.com> wrote:
>>>>
>>>>> Hi Christopher,
>>>>>
>>>>> Routers work under Liberty and LinuxBridge just fine, in my
>>>>> experience, so don’t be too quick to give up on them. I promise you’ll have
>>>>> a tougher go at it, at this point, using another virtual machine as a
>>>>> router.
>>>>>
>>>>> Some tips:
>>>>>
>>>>>
>>>>> 1. Use the ‘ip’ command rather than ‘ifconfig’. Output of ‘ip
>>>>> addr’ would be more helpful here.
>>>>> 2. Use ‘brctl show’ to see the virtual bridges and their members.
>>>>> That output would be helpful here as well.
>>>>>
>>>>>
>>>>> You have an IP configured on interface enp3s0, and I can’t tell what
>>>>> you have set as the physical interface mappings in the ML2/LinuxBridge
>>>>> agent config. On older email I see this:
>>>>>
>>>>> >> physical_interface_mappings | public:enp3s0
>>>>>
>>>>> If that’s still the case, you’re going to have a hard time. The
>>>>> LinuxBridge agent expects to put the enp3s0 interface into the respective
>>>>> brq-* bridge that corresponds to the public (flat) network. Once the
>>>>> interface is in the bridge, you may lose connectivity to/from any address
>>>>> on that interface. At that point, your host will be unable to communicate
>>>>> with the router's gateway interface also in the bridge, and probably any
>>>>> external host. In this configuration, you may consider moving the IP from
>>>>> enp3s0 to the brq-* bridge temporarily. That should work. Give it a try and
>>>>> let me know.
>>>>>
>>>>> James
>>>>>
>>>>> From: Christopher Hull <chrishull42 at gmail.com>
>>>>> Date: Wednesday, March 23, 2016 at 7:21 PM
>>>>> To: Dan Sneddon <dsneddon at redhat.com>
>>>>> Cc: openstack-operators <openstack-operators at lists.openstack.org>
>>>>> Subject: Re: [Openstack-operators] Manual router setup
>>>>>
>>>>> Conclusion. Neutron routers under Liberty (Linux Bridge) don't
>>>>> work. Please prove me wrong..... Moving on to manual router creation.
>>>>> 1: How can I assign a fixed IP to an instance?
>>>>> 2: If I add routes will they get used? I probably have to create a
>>>>> Port for every route (as Floating IPs do ).
>>>>>
>>>>>
>>>>> ------ Session: Trying to create a working router for the 15th
>>>>> time. :-) ----
>>>>>
>>>>>
>>>>> [root at maersk src]# ifconfig
>>>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast
>>>>> 172.22.10.255
>>>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>>>> scopeid 0x0<global>
>>>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>>>> RX packets 238 bytes 16020 (15.6 KiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 60 bytes 6650 (6.4 KiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>>> loop txqueuelen 0 (Local Loopback)
>>>>> RX packets 4985 bytes 1060267 (1.0 MiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 4985 bytes 1060267 (1.0 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>>>> 192.168.122.255
>>>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> [root at maersk src]# source admin-openrc.sh
>>>>> [root at maersk src]# clear
>>>>>
>>>>> [root at maersk src]# neutron net-create public --shared
>>>>> --provider:physical_network public \
>>>>> > --provider:network_type flat
>>>>> Created a new network:
>>>>> +---------------------------+--------------------------------------+
>>>>> | Field | Value |
>>>>> +---------------------------+--------------------------------------+
>>>>> | admin_state_up | True |
>>>>> | id | 9ee73442-5a86-48c0-84da-8f650937fd08 |
>>>>> | mtu | 0 |
>>>>> | name | public |
>>>>> | port_security_enabled | True |
>>>>> | provider:network_type | flat |
>>>>> | provider:physical_network | public |
>>>>> | provider:segmentation_id | |
>>>>> | router:external | False |
>>>>> | shared | True |
>>>>> | status | ACTIVE |
>>>>> | subnets | |
>>>>> | tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8 |
>>>>> +---------------------------+--------------------------------------+
>>>>> [root at maersk src]# neutron subnet-create public 172.22.10.0/24 --name
>>>>> public \
>>>>> > --allocation-pool start=172.22.10.10,end=172.22.10.90 \
>>>>> > --dns-nameserver 172.22.10.254 --gateway 172.22.10.254
>>>>> --enable_dhcp False
>>>>> Created a new subnet:
>>>>>
>>>>> +-------------------+--------------------------------------------------+
>>>>> | Field | Value
>>>>> |
>>>>>
>>>>> +-------------------+--------------------------------------------------+
>>>>> | allocation_pools | {"start": "172.22.10.10", "end": "172.22.10.90"}
>>>>> |
>>>>> | cidr | 172.22.10.0/24
>>>>> |
>>>>> | dns_nameservers | 172.22.10.254
>>>>> |
>>>>> | enable_dhcp | False
>>>>> |
>>>>> | gateway_ip | 172.22.10.254
>>>>> |
>>>>> | host_routes |
>>>>> |
>>>>> | id | 28683bfe-2410-4f9b-b805-ec3c7aee009a
>>>>> |
>>>>> | ip_version | 4
>>>>> |
>>>>> | ipv6_address_mode |
>>>>> |
>>>>> | ipv6_ra_mode |
>>>>> |
>>>>> | name | public
>>>>> |
>>>>> | network_id | 9ee73442-5a86-48c0-84da-8f650937fd08
>>>>> |
>>>>> | subnetpool_id |
>>>>> |
>>>>> | tenant_id | fdf3f98a9b0c4e9e94603d8a84ea41a8
>>>>> |
>>>>>
>>>>> +-------------------+--------------------------------------------------+
>>>>> [root at maersk src]# ifconfig
>>>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast
>>>>> 172.22.10.255
>>>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>>>> scopeid 0x0<global>
>>>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>>>> RX packets 5032 bytes 373870 (365.1 KiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 2602 bytes 3154215 (3.0 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>>> loop txqueuelen 0 (Local Loopback)
>>>>> RX packets 46701 bytes 12008341 (11.4 MiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 46701 bytes 12008341 (11.4 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>>>> 192.168.122.255
>>>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> [root at maersk src]# neutron net-list
>>>>>
>>>>> +--------------------------------------+--------+-----------------------------------------------------+
>>>>> | id | name |
>>>>> subnets |
>>>>>
>>>>> +--------------------------------------+--------+-----------------------------------------------------+
>>>>> | 9ee73442-5a86-48c0-84da-8f650937fd08 | public |
>>>>> 28683bfe-2410-4f9b-b805-ec3c7aee009a 172.22.10.0/24 |
>>>>>
>>>>> +--------------------------------------+--------+-----------------------------------------------------+
>>>>> [root at maersk src]# source demo-openrc.sh
>>>>> [root at maersk src]# neutron net-create private
>>>>> Created a new network:
>>>>> +-----------------------+--------------------------------------+
>>>>> | Field | Value |
>>>>> +-----------------------+--------------------------------------+
>>>>> | admin_state_up | True |
>>>>> | id | 573956a6-1378-4100-83c2-db5c3bf9a95c |
>>>>> | mtu | 0 |
>>>>> | name | private |
>>>>> | port_security_enabled | True |
>>>>> | router:external | False |
>>>>> | shared | False |
>>>>> | status | ACTIVE |
>>>>> | subnets | |
>>>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>>>>> +-----------------------+--------------------------------------+
>>>>> [root at maersk src]# neutron subnet-create private 192.168.10.0/24 \
>>>>> > --name private --dns-nameserver 172.22.10.254 --gateway
>>>>> 192.168.10.1
>>>>> Created a new subnet:
>>>>>
>>>>> +-------------------+----------------------------------------------------+
>>>>> | Field |
>>>>> Value |
>>>>>
>>>>> +-------------------+----------------------------------------------------+
>>>>> | allocation_pools | {"start": "192.168.10.2", "end":
>>>>> "192.168.10.254"} |
>>>>> | cidr | 192.168.10.0/24
>>>>> |
>>>>> | dns_nameservers |
>>>>> 172.22.10.254 |
>>>>> | enable_dhcp |
>>>>> True |
>>>>> | gateway_ip |
>>>>> 192.168.10.1 |
>>>>> | host_routes
>>>>> | |
>>>>> | id |
>>>>> 83f4f5e5-13b6-41f2-af07-b96d86847e2b |
>>>>> | ip_version |
>>>>> 4 |
>>>>> | ipv6_address_mode
>>>>> | |
>>>>> | ipv6_ra_mode
>>>>> | |
>>>>> | name |
>>>>> private |
>>>>> | network_id |
>>>>> 573956a6-1378-4100-83c2-db5c3bf9a95c |
>>>>> | subnetpool_id
>>>>> | |
>>>>> | tenant_id |
>>>>> 7813be77b1de4196b1c6b77006afa21c |
>>>>>
>>>>> +-------------------+----------------------------------------------------+
>>>>> [root at maersk src]# ifconfig
>>>>> brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>>>>> RX packets 4 bytes 264 (264.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 7 bytes 578 (578.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast
>>>>> 172.22.10.255
>>>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>>>> scopeid 0x0<global>
>>>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>>>> RX packets 5310 bytes 393373 (384.1 KiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 2661 bytes 3165497 (3.0 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>>> loop txqueuelen 0 (Local Loopback)
>>>>> RX packets 50779 bytes 13259383 (12.6 MiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 50779 bytes 13259383 (12.6 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)
>>>>> RX packets 7 bytes 578 (578.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 13 bytes 1066 (1.0 KiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>>>> 192.168.122.255
>>>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>> TX errors 0 dropped 16 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> [root at maersk src]# source admin-openrc.sh
>>>>> [root at maersk src]# neutron net-update public --router:external
>>>>> Updated network: public
>>>>> [root at maersk src]# source demo-openrc.sh
>>>>> [root at maersk src]# neutron router-create router
>>>>> Created a new router:
>>>>> +-----------------------+--------------------------------------+
>>>>> | Field | Value |
>>>>> +-----------------------+--------------------------------------+
>>>>> | admin_state_up | True |
>>>>> | external_gateway_info | |
>>>>> | id | ff6a61f5-f497-43a1-b245-64ec8e87b488 |
>>>>> | name | router |
>>>>> | routes | |
>>>>> | status | ACTIVE |
>>>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>>>>> +-----------------------+--------------------------------------+
>>>>> [root at maersk src]# neutron router-interface-add router private
>>>>> Multiple router matches found for name 'router', use an ID to be more
>>>>> specific.
>>>>> [root at maersk src]# neutron router-list
>>>>>
>>>>> +--------------------------------------+--------+-----------------------+
>>>>> | id | name |
>>>>> external_gateway_info |
>>>>>
>>>>> +--------------------------------------+--------+-----------------------+
>>>>> | 5939b796-cae6-4d72-8d34-66e20afb95aa | router |
>>>>> null |
>>>>> | ff6a61f5-f497-43a1-b245-64ec8e87b488 | router |
>>>>> null |
>>>>>
>>>>> +--------------------------------------+--------+-----------------------+
>>>>> [root at maersk src]# neutron router-delete
>>>>> 5939b796-cae6-4d72-8d34-66e20afb95aa
>>>>> Deleted router: 5939b796-cae6-4d72-8d34-66e20afb95aa
>>>>> [root at maersk src]# neutron router-delete
>>>>> ff6a61f5-f497-43a1-b245-64ec8e87b488
>>>>> Deleted router: ff6a61f5-f497-43a1-b245-64ec8e87b488
>>>>> [root at maersk src]# neutron router-create router
>>>>> Created a new router:
>>>>> +-----------------------+--------------------------------------+
>>>>> | Field | Value |
>>>>> +-----------------------+--------------------------------------+
>>>>> | admin_state_up | True |
>>>>> | external_gateway_info | |
>>>>> | id | a1be1dbd-1a94-4a8c-8093-45a7af89140c |
>>>>> | name | router |
>>>>> | routes | |
>>>>> | status | ACTIVE |
>>>>> | tenant_id | 7813be77b1de4196b1c6b77006afa21c |
>>>>> +-----------------------+--------------------------------------+
>>>>> [root at maersk src]# neutron router-interface-add router private
>>>>> Added interface 74c0d2df-3944-43d7-8be9-2ef0d9242edc to router router.
>>>>> [root at maersk src]# neutron router-gateway-set router public
>>>>> Set gateway for router router
>>>>> [root at maersk src]# source admin-openrc.sh
>>>>> [root at maersk src]# ip netns
>>>>> qrouter-a1be1dbd-1a94-4a8c-8093-45a7af89140c (id: 1)
>>>>> qdhcp-573956a6-1378-4100-83c2-db5c3bf9a95c (id: 0)
>>>>> [root at maersk src]# neutron router-port-list router
>>>>>
>>>>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>>>>> | id | name | mac_address |
>>>>> fixed_ips
>>>>> |
>>>>>
>>>>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>>>>> | 21c8decf-e4c8-4467-9266-ca5cfb9c7c20 | | fa:16:3e:d6:29:b4 |
>>>>> {"subnet_id": "28683bfe-2410-4f9b-b805-ec3c7aee009a", "ip_address":
>>>>> "172.22.10.10"} |
>>>>> | 74c0d2df-3944-43d7-8be9-2ef0d9242edc | | fa:16:3e:7b:d6:0f |
>>>>> {"subnet_id": "83f4f5e5-13b6-41f2-af07-b96d86847e2b", "ip_address":
>>>>> "192.168.10.1"} |
>>>>>
>>>>> +--------------------------------------+------+-------------------+-------------------------------------------------------------------------------------+
>>>>> [root at maersk src]# ping 172.22.10.10
>>>>> PING 172.22.10.10 (172.22.10.10) 56(84) bytes of data.
>>>>> From 172.22.10.99 icmp_seq=1 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=2 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=3 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=4 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=5 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=6 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=7 Destination Host Unreachable
>>>>> From 172.22.10.99 icmp_seq=8 Destination Host Unreachable
>>>>> ^C
>>>>> --- 172.22.10.10 ping statistics ---
>>>>> 8 packets transmitted, 0 received, +8 errors, 100% packet loss, time
>>>>> 7000ms
>>>>> pipe 4
>>>>> [root at maersk src]# ifconfig
>>>>> brq573956a6-13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::6469:36ff:fecc:a4d8 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether 72:65:0b:f7:66:9c txqueuelen 0 (Ethernet)
>>>>> RX packets 6 bytes 348 (348.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 8 bytes 648 (648.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>>> inet 172.22.10.99 netmask 255.255.255.0 broadcast
>>>>> 172.22.10.255
>>>>> inet6 2602:306:31fd:1020:ae9e:17ff:feec:5d95 prefixlen 64
>>>>> scopeid 0x0<global>
>>>>> inet6 fe80::ae9e:17ff:feec:5d95 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether ac:9e:17:ec:5d:95 txqueuelen 1000 (Ethernet)
>>>>> RX packets 6360 bytes 464736 (453.8 KiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 2867 bytes 3196849 (3.0 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>>> loop txqueuelen 0 (Local Loopback)
>>>>> RX packets 65582 bytes 17827940 (17.0 MiB)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 65582 bytes 17827940 (17.0 MiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> tap74c0d2df-39: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::7065:bff:fef7:669c prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether 72:65:0b:f7:66:9c txqueuelen 1000 (Ethernet)
>>>>> RX packets 10 bytes 864 (864.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 8 bytes 648 (648.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> tapbb0ceef0-e6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::e816:29ff:fec8:9925 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether ea:16:29:c8:99:25 txqueuelen 1000 (Ethernet)
>>>>> RX packets 8 bytes 648 (648.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 16 bytes 1248 (1.2 KiB)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>>>> 192.168.122.255
>>>>> ether 52:54:00:33:94:b3 txqueuelen 0 (Ethernet)
>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>
>>>>> vxlan-92: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
>>>>> inet6 fe80::d888:38ff:fe4a:6e1 prefixlen 64 scopeid
>>>>> 0x20<link>
>>>>> ether da:88:38:4a:06:e1 txqueuelen 0 (Ethernet)
>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>> TX errors 0 dropped 19 overruns 0 carrier 0 collisions 0
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> - Christopher T. Hull
>>>>> I am presently seeking a new career opportunity Please see career page
>>>>> http://chrishull.com/career
>>>>> 333 Orchard Ave, Sunnyvale CA. 94085
>>>>> (415) 385 4865
>>>>> chrishull42 at gmail.com
>>>>> http://chrishull.com
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Mar 23, 2016 at 4:34 PM, Dan Sneddon <dsneddon at redhat.com>
>>>>> wrote:
>>>>>
>>>>>> On 03/23/2016 04:06 PM, Christopher Hull wrote:
>>>>>> > Hmmm. Well I'm not using OpenVSwitch. Just LinuxBridge. My
>>>>>> CentOS
>>>>>> > 7 install sees emp3s0 where eth0 would usually appear. But this
>>>>>> may
>>>>>> > need to be changed to br-ex? The IP address no longer apperas at
>>>>>> > enp3s0, so perhaps that's the issue.
>>>>>> >
>>>>>> > When I make changes, I tear down all the networks and rebuild them
>>>>>> > according to instructions. I do this after restarting the
>>>>>> machine. I
>>>>>> > wonder if the database needs to be updated as well.
>>>>>> >
>>>>>> > su -s /bin/sh -c "neutron-db-manage --config-file
>>>>>> > /etc/neutron/neutron.conf \
>>>>>> > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head"
>>>>>> neutron
>>>>>> > systemctl stop neutron-server.service \
>>>>>> > neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
>>>>>> > neutron-metadata-agent.service
>>>>>> > systemctl stop neutron-l3-agent.service
>>>>>> > and restart.
>>>>>> >
>>>>>> > Thanks for the help. Yes. It's a bit confusing. Why are router
>>>>>> and
>>>>>> > instance ports different? It is for this reason that I figured I
>>>>>> could
>>>>>> > just create my own instance/router. But why should I have to? Do
>>>>>> > routers not work unless you use OpenVSwitch? The Liberty install
>>>>>> > instructions (unlike Kilo) don't seem to require installing
>>>>>> OpenVSwitch.
>>>>>> >
>>>>>> > linux_bridge_agent.ini
>>>>>> > inux_bridge | physical_interface_mappings |
>>>>>> public:enp3s0
>>>>>> >
>>>>>> > Perhaps br-ex? Or whereever I see my static IP when doing an
>>>>>> > ifconfig :-) Was enp3s0 when CentOS was first installed, but I
>>>>>> think
>>>>>> > thats changed somehow.
>>>>>> >
>>>>>> >
>>>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>>>> > | linuxbridge_agent: Section | Key |
>>>>>> > Value |
>>>>>> >
>>>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>>>> > | linux_bridge | physical_interface_mappings |
>>>>>> > public:enp3s0 |
>>>>>> > | vxlan | l2_population |
>>>>>> > True |
>>>>>> > | vxlan | local_ip |
>>>>>> > 172.22.10.99 |
>>>>>> > | vxlan | enable_vxlan |
>>>>>> > True |
>>>>>> > | agent | prevent_arp_spoofing |
>>>>>> > True |
>>>>>> > | securitygroup | firewall_driver |
>>>>>> > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>>>>> > | securitygroup | enable_security_group |
>>>>>> > True |
>>>>>> >
>>>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>>>> >
>>>>>> >
>>>>>> >
>>>>>> > - Christopher T. Hull
>>>>>> > I am presently seeking a new career opportunity Please see career
>>>>>> page
>>>>>> > http://chrishull.com/career
>>>>>> > 333 Orchard Ave, Sunnyvale CA. 94085
>>>>>> > (415) 385 4865 <tel:%28415%29%20385%204865>
>>>>>> > chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>
>>>>>> > http://chrishull.com
>>>>>> >
>>>>>> >
>>>>>> >
>>>>>> > On Wed, Mar 23, 2016 at 3:34 PM, Dan Sneddon <dsneddon at redhat.com
>>>>>> > <mailto:dsneddon at redhat.com>> wrote:
>>>>>> >
>>>>>> > On 03/23/2016 03:05 PM, Christopher Hull wrote:
>>>>>> > > Hi Keven / all;
>>>>>> > >
>>>>>> > > Re: Getting a Neutron Router to work. (set
>>>>>> external_network_bridge =
>>>>>> > > blank). Apologies if this got sent twice.
>>>>>> > >
>>>>>> > > Nope, not quite there yet re getting the damn router to work
>>>>>> > (week 3 on
>>>>>> > > this issue).
>>>>>> > >
>>>>>> > > The Liberty install instructions indeed say to set...
>>>>>> > > external_network_bridge =
>>>>>> > >
>>>>>> > > I'm so desperate that I thought the blank space after the =
>>>>>> might be
>>>>>> > > the issue. No. Then I noticed these instructions in
>>>>>> > l3_agent.ini itself.
>>>>>> > > -----
>>>>>> > > # When external_network_bridge is set, each L3 agent can be
>>>>>> > associated
>>>>>> > > # with no more than one external network. This value should
>>>>>> be set to
>>>>>> > > the UUID
>>>>>> > > # of that external network. To allow L3 agent support multiple
>>>>>> > external
>>>>>> > > # networks, both the external_network_bridge and
>>>>>> > > gateway_external_network_id
>>>>>> > > # must be left empty.
>>>>>> > > # gateway_external_network_id =
>>>>>> > > ----
>>>>>> > >
>>>>>> > > 1: Should gateway_external_network_id = be unoommented?
>>>>>> > > 2: Should I reupdate the database after these changes?
>>>>>> > > su -s /bin/sh -c "neutron-db-manage --config-file
>>>>>> > > /etc/neutron/neutron.conf \
>>>>>> > > --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade
>>>>>> > head" neutron
>>>>>> > >
>>>>>> > > 3: Should external_network_bridge in fact be set to the UUID
>>>>>> of the
>>>>>> > > public network?
>>>>>> > >
>>>>>> > > 4. All instances Ports work just fine on public and private
>>>>>> network.
>>>>>> > > WHAT is the difference between a Neutron router northbound
>>>>>> port
>>>>>> > and an
>>>>>> > > instance port on the public net.
>>>>>> > >
>>>>>> > > Services restarted after config change (just removed space
>>>>>> after =
>>>>>> > > actually just in case sloppy Python coding was involved
>>>>>> here). In
>>>>>> > > fact, I rebooted the box just to be sure.
>>>>>> > >
>>>>>> > > Making my own instance based router is looking better and
>>>>>> better all
>>>>>> > > the time. If Neutron Routers really work, maybe UFO's exist
>>>>>> too.
>>>>>> > > :-) j/k
>>>>>> > >
>>>>>> > >
>>>>>> > > Seriously. Thank you for your help. Hope to help the
>>>>>> community
>>>>>> > > soon too myself. Trying to get my Gerrit account up and
>>>>>> running but
>>>>>> > > the OpenStack.org site won't allow me to sign the Contrib
>>>>>> agreement
>>>>>> > > with out getting a server error.
>>>>>> > >
>>>>>> > >
>>>>>> > > ==== Config Details ======
>>>>>> > > Issue Neutron Router Northbound Port won't Ping, is Down
>>>>>> > >
>>>>>> > > [root at maersk src]# ./pluto.py show -p /etc neutron
>>>>>> rootwrap.conf
>>>>>> > > ml2_conf.ini l3_agent.ini linuxbridge_agent.ini dhcp_agent.ini
>>>>>> > >
>>>>>> >
>>>>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>>>>> > > | neutron: Section | Key |
>>>>>> > > Value |
>>>>>> > >
>>>>>> >
>>>>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>>>>> > > | DEFAULT | verbose |
>>>>>> > > True |
>>>>>> > > | DEFAULT | nova_url |
>>>>>> > > http://controller:8774/v2 |
>>>>>> > > | DEFAULT | notify_nova_on_port_data_changes |
>>>>>> > > True |
>>>>>> > > | DEFAULT | notify_nova_on_port_status_changes |
>>>>>> > > True |
>>>>>> > > | DEFAULT | auth_strategy |
>>>>>> > > keystone |
>>>>>> > > | DEFAULT | rpc_backend |
>>>>>> > > rabbit |
>>>>>> > > | DEFAULT | allow_overlapping_ips |
>>>>>> > > True |
>>>>>> > > | DEFAULT | service_plugins |
>>>>>> > > router |
>>>>>> > > | DEFAULT | core_plugin |
>>>>>> > > ml2 |
>>>>>> > > | keystone_authtoken | password |
>>>>>> > > mk4968small23buggidntpass |
>>>>>> > > | keystone_authtoken | username |
>>>>>> > > neutron |
>>>>>> > > | keystone_authtoken | project_name |
>>>>>> > > service |
>>>>>> > > | keystone_authtoken | user_domain_id |
>>>>>> > > default |
>>>>>> > > | keystone_authtoken | project_domain_id |
>>>>>> > > default |
>>>>>> > > | keystone_authtoken | auth_plugin |
>>>>>> > > password |
>>>>>> > > | keystone_authtoken | auth_url |
>>>>>> > > http://controller:35357 |
>>>>>> > > | keystone_authtoken | auth_uri |
>>>>>> > > http://controller:5000 |
>>>>>> > > | database | connection |
>>>>>> > > mysql://neutron:sleestack191@controller/neutron |
>>>>>> > > | nova | password |
>>>>>> > > mk4968small23buggidntpass |
>>>>>> > > | nova | username |
>>>>>> > > nova |
>>>>>> > > | nova | project_name |
>>>>>> > > service |
>>>>>> > > | nova | region_name |
>>>>>> > > RegionOne |
>>>>>> > > | nova | user_domain_id |
>>>>>> > > default |
>>>>>> > > | nova | project_domain_id |
>>>>>> > > default |
>>>>>> > > | nova | auth_plugin |
>>>>>> > > password |
>>>>>> > > | nova | auth_url |
>>>>>> > > http://controller:35357 |
>>>>>> > > | oslo_concurrency | lock_path |
>>>>>> > > /var/lib/neutron/tmp |
>>>>>> > > | oslo_messaging_rabbit | rabbit_password |
>>>>>> > > open.g00dke232 |
>>>>>> > > | oslo_messaging_rabbit | rabbit_userid |
>>>>>> > > openstack |
>>>>>> > > | oslo_messaging_rabbit | rabbit_host |
>>>>>> > > controller |
>>>>>> > >
>>>>>> >
>>>>>> +-----------------------+------------------------------------+-------------------------------------------------+
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+---------------------+--------------------------------------------------------------+
>>>>>> > > | rootwrap: Section | Key |
>>>>>> > > Value |
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+---------------------+--------------------------------------------------------------+
>>>>>> > > | DEFAULT | filters_path |
>>>>>> > > /etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap |
>>>>>> > > | DEFAULT | exec_dirs |
>>>>>> > > /sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin |
>>>>>> > > | DEFAULT | use_syslog |
>>>>>> > > False |
>>>>>> > > | DEFAULT | syslog_log_facility |
>>>>>> > > syslog |
>>>>>> > > | DEFAULT | syslog_log_level |
>>>>>> > > ERROR |
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+---------------------+--------------------------------------------------------------+
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+----------------------+--------------------------+
>>>>>> > > | ml2_conf: Section | Key | Value
>>>>>> > |
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+----------------------+--------------------------+
>>>>>> > > | ml2 | extension_drivers | port_security
>>>>>> > |
>>>>>> > > | ml2 | mechanism_drivers |
>>>>>> > linuxbridge,l2population |
>>>>>> > > | ml2 | tenant_network_types | vxlan
>>>>>> > |
>>>>>> > > | ml2 | type_drivers | flat,vlan,vxlan
>>>>>> > |
>>>>>> > > | ml2_type_flat | flat_networks | public
>>>>>> > |
>>>>>> > > | ml2_type_vxlan | vni_ranges | 1:1000
>>>>>> > |
>>>>>> > > | securitygroup | enable_ipset | True
>>>>>> > |
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+----------------------+--------------------------+
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+--------------------------+-----------------------------------------------------+
>>>>>> > > | l3_agent: Section | Key |
>>>>>> > > Value |
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+--------------------------+-----------------------------------------------------+
>>>>>> > > | DEFAULT | external_network_bridge
>>>>>> > > | |
>>>>>> > > | DEFAULT | verbose |
>>>>>> > > True |
>>>>>> > > | DEFAULT | interface_driver |
>>>>>> > > neutron.agent.linux.interface.BridgeInterfaceDriver |
>>>>>> > >
>>>>>> >
>>>>>> +-------------------+--------------------------+-----------------------------------------------------+
>>>>>> > >
>>>>>> >
>>>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>>>> > > | linuxbridge_agent: Section | Key |
>>>>>> > > Value |
>>>>>> > >
>>>>>> >
>>>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>>>> > > | linux_bridge | physical_interface_mappings |
>>>>>> > > public:enp3s0 |
>>>>>> > > | vxlan | l2_population |
>>>>>> > > True |
>>>>>> > > | vxlan | local_ip |
>>>>>> > > 172.22.10.99 |
>>>>>> > > | vxlan | enable_vxlan |
>>>>>> > > True |
>>>>>> > > | agent | prevent_arp_spoofing |
>>>>>> > > True |
>>>>>> > > | securitygroup | firewall_driver |
>>>>>> > > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
>>>>>> > > | securitygroup | enable_security_group |
>>>>>> > > True |
>>>>>> > >
>>>>>> >
>>>>>> +----------------------------+-----------------------------+--------------------------------------------------------------+
>>>>>> > >
>>>>>> >
>>>>>> +---------------------+--------------------------+-----------------------------------------------------+
>>>>>> > > | dhcp_agent: Section | Key |
>>>>>> > > Value |
>>>>>> > >
>>>>>> >
>>>>>> +---------------------+--------------------------+-----------------------------------------------------+
>>>>>> > > | DEFAULT | dnsmasq_config_file |
>>>>>> > > /etc/neutron/dnsmasq-neutron.conf |
>>>>>> > > | DEFAULT | verbose |
>>>>>> > > True |
>>>>>> > > | DEFAULT | enable_isolated_metadata |
>>>>>> > > True |
>>>>>> > > | DEFAULT | dhcp_driver |
>>>>>> > > neutron.agent.linux.dhcp.Dnsmasq |
>>>>>> > > | DEFAULT | interface_driver |
>>>>>> > > neutron.agent.linux.interface.BridgeInterfaceDriver |
>>>>>> > >
>>>>>> >
>>>>>> +---------------------+--------------------------+-----------------------------------------------------+
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > > - Christopher T. Hull
>>>>>> > > I am presently seeking a new career opportunity Please see
>>>>>> > career page
>>>>>> > > http://chrishull.com/career
>>>>>> > > 333 Orchard Ave, Sunnyvale CA. 94085
>>>>>> > > (415) 385 4865 <tel:%28415%29%20385%204865>
>>>>>> > > chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>
>>>>>> > <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>
>>>>>> > > http://chrishull.com
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > > On Wed, Mar 23, 2016 at 8:50 AM, <chrishull42 at gmail.com
>>>>>> <mailto:chrishull42 at gmail.com>
>>>>>> > > <mailto:chrishull42 at gmail.com <mailto:chrishull42 at gmail.com>>>
>>>>>> wrote:
>>>>>> > >
>>>>>> > > Thanks. Will check that.
>>>>>> > > When I create an instance in the public or private nets
>>>>>> they ping.
>>>>>> > > Why do router ports behave differently than instance
>>>>>> ports? Only
>>>>>> > > the Northbound router port is down and won't ping. Will
>>>>>> check
>>>>>> > > settings ASAP thanks
>>>>>> > >
>>>>>> > > Chris.
>>>>>> > >
>>>>>> > > Sent from my iPhone
>>>>>> > >
>>>>>> > > On Mar 23, 2016, at 7:52 AM, Kevin Benton <
>>>>>> kevin at benton.pub
>>>>>> > > <mailto:kevin at benton.pub <mailto:kevin at benton.pub>>>
>>>>>> wrote:
>>>>>> > >
>>>>>> > >> Ok. The same settings should apply to Linux bridge.
>>>>>> > >>
>>>>>> > >> Make sure you have external_network_bridge defined in
>>>>>> your L3
>>>>>> > >> agent as an empty value.
>>>>>> > >>
>>>>>> > >> Then your external network should be created with the
>>>>>> provider
>>>>>> > >> type of 'flat' and the physical network corresponding to
>>>>>> the one
>>>>>> > >> you have defined in your bridge mappings in the L2
>>>>>> agent that
>>>>>> > >> attaches to the bridge going to your external physical
>>>>>> network.
>>>>>> > >>
>>>>>> > >> On Mar 23, 2016 7:25 AM, <chrishull42 at gmail.com <mailto:
>>>>>> chrishull42 at gmail.com>
>>>>>> > >> <mailto:chrishull42 at gmail.com <mailto:
>>>>>> chrishull42 at gmail.com>>> wrote:
>>>>>> > >>
>>>>>> > >> Kevin;
>>>>>> > >> Thank you Very much. I'll check. I did a manual
>>>>>> Liberty
>>>>>> > >> install so I may have done something wrong. I am
>>>>>> using
>>>>>> > >> LinuxBridge (not OpenVSwitch) if that helps. Will
>>>>>> post
>>>>>> > >> results to list soon. Would like to be able to use
>>>>>> floating
>>>>>> > >> IPs, a more convenient form of ipTables basically.
>>>>>> > >>
>>>>>> > >> Chris.
>>>>>> > >>
>>>>>> > >> Sent from my iPhone
>>>>>> > >>
>>>>>> > >> On Mar 23, 2016, at 7:16 AM, Kevin Benton <
>>>>>> kevin at benton.pub
>>>>>> > >> <mailto:kevin at benton.pub <mailto:kevin at benton.pub>>>
>>>>>> wrote:
>>>>>> > >>
>>>>>> > >>> Do you have external_network_bridge set to an empty
>>>>>> value in
>>>>>> > >>> the l3 agent config? If not, the l3 agent will use
>>>>>> a legacy
>>>>>> > >>> mode of wiring up the port and it's status field
>>>>>> may not be
>>>>>> > >>> ACTIVE.
>>>>>> > >>>
>>>>>> > >>> The routers are tested thousands of times in the
>>>>>> gate every
>>>>>> > >>> day, so they work. It's just a matter of getting
>>>>>> your
>>>>>> > >>> configuration correct.
>>>>>> > >>>
>>>>>> > >>> Yes, you can use a VM to route as well.
>>>>>> > >>>
>>>>>> > >>> On Mar 23, 2016 7:06 AM, <chrishull42 at gmail.com
>>>>>> <mailto:chrishull42 at gmail.com>
>>>>>> > >>> <mailto:chrishull42 at gmail.com <mailto:
>>>>>> chrishull42 at gmail.com>>> wrote:
>>>>>> > >>>
>>>>>> > >>> Hi all;
>>>>>> > >>> It appears that Liberty Neutron routers do not
>>>>>> work.
>>>>>> > >>> The Northbound port is always Down.
>>>>>> > >>>
>>>>>> > >>> What I'd like to do is dedicate an instance
>>>>>> (CentOS) to
>>>>>> > >>> routing between the Public net and other nets.
>>>>>> Has
>>>>>> > >>> anyone done this. Setting up the router is
>>>>>> trivial.
>>>>>> > >>> But I'm a little worried about interaction with
>>>>>> Neutron
>>>>>> > >>> Ports. I need to assign fixed IPs so I can
>>>>>> route from
>>>>>> > >>> the Internet to a server instance.
>>>>>> > >>>
>>>>>> > >>> Ideas?
>>>>>> > >>>
>>>>>> > >>> Thanks
>>>>>> > >>> - Chris.
>>>>>> > >>>
>>>>>> > >>> Sent from my iPhone
>>>>>> > >>> _______________________________________________
>>>>>> > >>> OpenStack-operators mailing list
>>>>>> > >>> OpenStack-operators at lists.openstack.org
>>>>>> > <mailto:OpenStack-operators at lists.openstack.org>
>>>>>> > >>> <mailto:OpenStack-operators at lists.openstack.org
>>>>>> > <mailto:OpenStack-operators at lists.openstack.org>>
>>>>>> > >>>
>>>>>> >
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>>> > >>>
>>>>>> > >
>>>>>> > >
>>>>>> > >
>>>>>> > > _______________________________________________
>>>>>> > > OpenStack-operators mailing list
>>>>>> > > OpenStack-operators at lists.openstack.org
>>>>>> > <mailto:OpenStack-operators at lists.openstack.org>
>>>>>> > >
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>>> > >
>>>>>> >
>>>>>> > Definitely the external_network_bridge needs to be explicitly
>>>>>> set to
>>>>>> > nothing. That's not the default. I've never had to change the
>>>>>> default
>>>>>> > gateway_external_network_id when I set external_network_bridge
>>>>>> to a
>>>>>> > blank value.
>>>>>> >
>>>>>> > Note that after making changes to external_network_bridge, I've
>>>>>> have to
>>>>>> > delete and recreate the router/port/network that was created
>>>>>> before
>>>>>> > that change.
>>>>>> >
>>>>>> > I assume that your bridge mappings are correct in
>>>>>> > /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:
>>>>>> >
>>>>>> > bridge_mappings =datacentre:br-ex # or whatever you have
>>>>>> locally
>>>>>> >
>>>>>> > And that the physical_network of the external network matches
>>>>>> the
>>>>>> > network name in the bridge_mappings that corresponds to the
>>>>>> bridge
>>>>>> > containing the physical interface? Probably your instance ports
>>>>>> > wouldn't work if those things weren't correct, but those are
>>>>>> also areas
>>>>>> > where I see failures similar to this.
>>>>>> >
>>>>>> > --
>>>>>> > Dan Sneddon | Principal OpenStack Engineer
>>>>>> > dsneddon at redhat.com <mailto:dsneddon at redhat.com> |
>>>>>> > redhat.com/openstack <http://redhat.com/openstack>
>>>>>> > 650.254.4025 <tel:650.254.4025> | dsneddon:irc
>>>>>> @dxs:twitter
>>>>>> >
>>>>>> >
>>>>>> >
>>>>>> >
>>>>>> > _______________________________________________
>>>>>> > OpenStack-operators mailing list
>>>>>> > OpenStack-operators at lists.openstack.org
>>>>>> >
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>>> >
>>>>>>
>>>>>> I didn't mean to confuse you by assuming that you were running Open
>>>>>> vSwitch. You don't have to run Open vSwitch, and some things do work
>>>>>> differently when using Linux bridge.
>>>>>>
>>>>>> If your IP address is no longer on enp3s0, then that might be an
>>>>>> indicator that you have a bridge subsuming enp3s0. In that case, I'm
>>>>>> pretty sure that the physical_interface_mapping should be
>>>>>> public:<bridge>. I spend a lot more time with OVS deployments, though.
>>>>>>
>>>>>> --
>>>>>> Dan Sneddon | Principal OpenStack Engineer
>>>>>> dsneddon at redhat.com | redhat.com/openstack
>>>>>> 650.254.4025 | dsneddon:irc @dxs:twitter
>>>>>>
>>>>>> _______________________________________________
>>>>>> OpenStack-operators mailing list
>>>>>> OpenStack-operators at lists.openstack.org
>>>>>>
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160325/33232de9/attachment-0001.html>
More information about the OpenStack-operators
mailing list