[Openstack] quantum: two ips one vif
Carl Bolterstein
cbolterstein at blackmesh.com
Tue Oct 23 23:09:07 UTC 2012
Dan,
The libvirt xml is below. Sanitized for full ip.
<domain type="kvm">
<uuid>0677ce3a-a0c4-4549-920a-5b2b51cbe9fe</uuid>
<name>instance-00000097</name>
<memory>33554432</memory>
<vcpu>8</vcpu>
<os>
<type>hvm</type>
<boot dev="hd"/>
</os>
<features>
<acpi/>
</features>
<clock offset="utc">
<timer name="pit" tickpolicy="delay"/>
<timer name="rtc" tickpolicy="catchup"/>
</clock>
<cpu mode="host-model" match="exact"/>
<devices>
<disk type="file" device="disk">
<driver name="qemu" type="qcow2" cache="none"/>
<source file="/var/lib/nova/instances/instance-00000097/disk"/>
<target bus="virtio" dev="vda"/>
</disk>
<interface type="bridge">
<mac address="fa:16:3e:bc:a7:12"/>
<model type="virtio"/>
<source bridge="qbrc2630a29-dc"/>
<filterref filter="nova-instance-instance-00000097-fa163ebca712">
<parameter name="IP" value="xxx.xxx.75.136"/>
<parameter name="DHCPSERVER" value="xxx.xxx.75.130"/>
<parameter name="PROJNET" value="xxx.xxx.75.128"/>
<parameter name="PROJMASK" value="255.255.255.128"/>
</filterref>
</interface>
<serial type="file">
<source path="/var/lib/nova/instances/instance-00000097/console.log"/>
</serial>
<serial type="pty"/>
<input type="tablet" bus="usb"/>
<graphics type="vnc" autoport="yes" keymap="en-us" listen="0.0.0.0"/>
</devices>
</domain>
This was spun up with nova cli with a quantum port created with 3 separate fixed ip's in it. .136,137,138. .136 currently functions.
We are using the ovs hybrid driver.
Carl Bolterstein
-----Original Message-----
From: openstack-bounces+cbolterstein=blackmesh.com at lists.launchpad.net [mailto:openstack-bounces+cbolterstein=blackmesh.com at lists.launchpad.net] On Behalf Of Dan Wendlandt
Sent: Tuesday, October 23, 2012 6:15 PM
To: Jason
Cc: openstack at lists.launchpad.net
Subject: Re: [Openstack] quantum: two ips one vif
can you post your libvirt xml for the VM? It maybe well be libvirt filtering if you are using the OVS Hybrid vif driver:
for example, a VM would have xml like:
<filterref filter='nova-instance-instance-00000001-fa163e0569ba'>
<parameter name='DHCPSERVER' value='10.0.0.2'/>
<parameter name='IP' value='10.0.0.3'/>
<parameter name='PROJMASK' value='255.255.0.0'/>
<parameter name='PROJNET' value='10.0.0.0'/>
</filterref>
I'm not sure what the nova code would generate for multiple IPs.
Dan
On Tue, Oct 23, 2012 at 3:09 PM, Jason <jason at chatinara.com> wrote:
> Only one listed. What is more odd is that I am not seeing arps being
> returned so this issue seems to be at layer 2. Any other ideas?
>
> Jason
>
> On Oct 23, 2012, at 5:46 PM, Aaron Rosen <arosen at nicira.com> wrote:
>
> Do you have two default gateways in your instance when you type route -n ?
>
> Aaron
>
> On Tue, Oct 23, 2012 at 2:12 PM, Jason Ford <jason at chatinara.com> wrote:
>>
>> This seems broke unless I have something weird going on in my ovs
>> setup. I can get quantum to assign the second IP address to the
>> instance but when trying to do anything to that second IP, traffic is
>> blocked by something. I have verified that iptables is updated on the
>> hypervisor and I can see flows in OVS inbound but no replies. I can
>> even see the traffic making it to the instance as well via tcpdump
>> and also see the replies going out for the initial ARP as well from
>> inside the instance. The ARP never seems to make it into OVS as a
>> flow. Is Quantum missing a configuration for a flow somewhere or is
>> there something more I should look for? Does it work for anyone else or did I hit a bug?
>>
>> jason
>>
>> ----- Original Message -----
>> From: "Dan Wendlandt" <dan at nicira.com>
>> To: "Jason Ford" <jason at chatinara.com>
>> Cc: openstack at lists.launchpad.net
>> Sent: Tuesday, October 23, 2012 12:55:42 AM
>> Subject: Re: [Openstack] quantum: two ips one vif
>>
>> by default, quantum will give a port one IP address from any v4
>> subnet associated with the network, and one from any v6 subnet
>> associated with the subnet. However, you can create your own port
>> with multiple subnets, and then boot a VM with that port. You can
>> create a port with IPs from different subnets by using the --fixed-ip
>> option twice, each time specifying a different subnet. See example below.
>>
>> Dan
>>
>>
>> nicira at com-dev:~/devstack$ quantum subnet-list -c id -c network_id -c
>> cidr
>>
>> +-------------+--------------------------------------+--------------------------------------+
>> | cidr | id | network_id
>> |
>>
>> +-------------+--------------------------------------+--------------------------------------+
>> | 10.0.0.0/16 | a26f5605-8400-45ef-82cc-ec62fae37a33 |
>> 9f930f56-ca54-41b9-bb68-688f009e2f75 |
>> | 20.0.0.0/24 | f1278823-d6e3-4237-ad55-7f2fe286994c |
>> 9f930f56-ca54-41b9-bb68-688f009e2f75 |
>>
>> +-------------+--------------------------------------+--------------------------------------+
>> nicira at com-dev:~/devstack$ quantum port-create --fixed-ip
>> subnet_id=a26f5605-8400-45ef-82cc-ec62fae37a33 --fixed-ip
>> subnet_id=f1278823-d6e3-4237-ad55-7f2fe286994c
>> 9f930f56-ca54-41b9-bb68-688f009e2f75
>> Created a new port:
>>
>> +----------------+---------------------------------------------------------------------------------+
>> | Field | Value
>> |
>>
>> +----------------+---------------------------------------------------------------------------------+
>> | admin_state_up | True
>> |
>> | device_id |
>> |
>> | device_owner |
>> |
>> | fixed_ips | {"subnet_id":
>> "a26f5605-8400-45ef-82cc-ec62fae37a33", "ip_address": "10.0.0.3"} |
>> | | {"subnet_id":
>> "f1278823-d6e3-4237-ad55-7f2fe286994c", "ip_address": "20.0.0.3"} |
>> | id | 79f20e6f-7b95-44b0-90e6-bd0296c7aa54
>> |
>> | mac_address | fa:16:3e:05:69:ba
>> |
>> | name |
>> |
>> | network_id | 9f930f56-ca54-41b9-bb68-688f009e2f75
>> |
>> | status | ACTIVE
>> |
>> | tenant_id | b02686b6c8c44c75bd7459710ed81edb
>> |
>>
>> +----------------+---------------------------------------------------------------------------------+
>> nicira at com-dev:~/devstack$ nova image-list
>>
>> +--------------------------------------+---------------------------------+--------+--------+
>> | ID | Name
>> | Status | Server |
>>
>> +--------------------------------------+---------------------------------+--------+--------+
>> | 5809a3fe-2c27-4d87-80c0-963ec1f92d0f | cirros-0.3.0-x86_64-uec
>> | ACTIVE | |
>> | e9a03bac-1e46-4d98-973d-2efc0f10d4d2 |
>> cirros-0.3.0-x86_64-uec-kernel | ACTIVE | |
>> | 28ad71a6-b120-4d75-a8cc-1aabe248edfa |
>> cirros-0.3.0-x86_64-uec-ramdisk | ACTIVE | |
>>
>> +--------------------------------------+---------------------------------+--------+--------+
>> nicira at com-dev:~/devstack$ nova boot --image
>> 5809a3fe-2c27-4d87-80c0-963ec1f92d0f --flavor 1 --nic
>> port-id=79f20e6f-7b95-44b0-90e6-bd0296c7aa54 vm1
>> +------------------------+--------------------------------------+
>> | Property | Value |
>> +------------------------+--------------------------------------+
>> | OS-DCF:diskConfig | MANUAL |
>> | OS-EXT-STS:power_state | 0 |
>> | OS-EXT-STS:task_state | scheduling |
>> | OS-EXT-STS:vm_state | building |
>> | accessIPv4 | |
>> | accessIPv6 | |
>> | adminPass | 68GLMZmLrsJ5 |
>> | config_drive | |
>> | created | 2012-10-23T04:52:02Z |
>> | flavor | m1.tiny |
>> | hostId | |
>> | id | 10afbdc8-1ded-4a90-bbe4-0b245776a408 |
>> | image | cirros-0.3.0-x86_64-uec |
>> | key_name | None |
>> | metadata | {} |
>> | name | vm1 |
>> | progress | 0 |
>> | security_groups | [{u'name': u'default'}] |
>> | status | BUILD |
>> | tenant_id | b02686b6c8c44c75bd7459710ed81edb |
>> | updated | 2012-10-23T04:52:02Z |
>> | user_id | 6596c5e8318047d2859ee1bc5aef5c26 |
>> +------------------------+--------------------------------------+
>> nicira at com-dev:~/devstack$ nova list
>>
>> +--------------------------------------+------+--------+-------------------------+
>> | ID | Name | Status | Networks
>> |
>>
>> +--------------------------------------+------+--------+-------------------------+
>> | 10afbdc8-1ded-4a90-bbe4-0b245776a408 | vm1 | BUILD |
>> net1=10.0.0.3, 20.0.0.3 |
>>
>> +--------------------------------------+------+--------+-------------------------+
>>
>>
>>
>>
>>
>>
>> On Mon, Oct 22, 2012 at 7:09 PM, Jason Ford <jason at chatinara.com> wrote:
>> > Stackers,
>> >
>> > I am testing out quantum with vlans using a hardware based firewall
>> > as a gateway. I am using openvswitch with the quantum openvswitch
>> > agent and nova-compute running on the compute node. I also have one
>> > management node with everything else on it.
>> >
>> > I am able to spin up a vm and assign an ip address via dhcp to my
>> > instance. It shows up in quantum port-list as well as quantum
>> > net-list and is able to route traffic in and out of my vlan'd
>> > network. I have a requirement to assign another fixed IP (not
>> > floating) from a new vlan to the same virtual interface on the
>> > instance. When I create another subnet in quantum, that works. How
>> > do I assign an ip address from the new subnet to the same openvswitch port via quantum?
>> >
>> > jason
>> >
>> > _______________________________________________
>> > Mailing list: https://launchpad.net/~openstack
>> > Post to : openstack at lists.launchpad.net
>> > Unsubscribe : https://launchpad.net/~openstack
>> > More help : https://help.launchpad.net/ListHelp
>>
>>
>>
>> --
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> Dan Wendlandt
>> Nicira, Inc: www.nicira.com
>> twitter: danwendlandt
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to : openstack at lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~openstack
>> More help : https://help.launchpad.net/ListHelp
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack at lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
More information about the Openstack
mailing list