[Openstack] Why would ovs_ofctl and ovs_vsctl disagree about br-ex being a bridge?
Andrew Spiers
andrew at andrewspiers.net
Fri Aug 16 15:56:56 UTC 2013
Hi, I think the reason I wasn't getting any traffic out of my public
network from my instances was simply that I needed to configure this
network as a 'flat' network because it goes out to a physical port,
eth0, which should be openvswitch-bridged to br-ex.
So I added this line to ovs_quantum_plugin.ini:
bridge_mappings = physnet1:br-ex
And, above that I added
network_vlan_ranges = physnet1
because I am using tenant_network_type gre.
All of this seems to be picked up on reload of quantum-server:
INFO [quantum.plugins.openvswitch.ovs_quantum_plugin] Network VLAN
ranges: {'physnet1': []}
INFO [quantum.plugins.openvswitch.ovs_quantum_plugin] Tunnel ID
ranges: [(2, 1000)]
But then when restarting quantum-plugin-openvswitch-agent, I get told
that br-ex is not
a bridge or a socket:
INFO [quantum.plugins.openvswitch.agent.ovs_quantum_agent] Mapping
physical network physnet1 to bridge br-ex
ERROR [quantum.agent.linux.ovs_lib] Unable to execute ['ovs-ofctl',
'del-flows', 'br-ex']. Exception:
Command: ['sudo', 'quantum-rootwrap', '/etc/quantum/rootwrap.conf',
'ovs-ofctl', 'del-flows', 'br-ex']
Exit code: 1
Stdout: ''
Stderr: 'ovs-ofctl: br-ex is not a bridge or a socket\n'
ERROR [quantum.agent.linux.ovs_lib] Unable to execute ['ovs-ofctl',
'add-flow', 'br-ex',
'hard_timeout=0,idle_timeout=0,priority=1,actions=normal']. Exception:
Command: ['sudo', 'quantum-rootwrap', '/etc/quantum/rootwrap.conf',
'ovs-ofctl', 'add-flow', 'br-ex',
'hard_timeout=0,idle_timeout=0,priority=1,actions=normal']
Exit code: 1
Stdout: ''
Stderr: 'ovs-ofctl: br-ex is not a bridge or a socket\n'
2013-08-17 01:32:17 ERROR [quantum.agent.linux.ovs_lib] Unable to
execute ['ovs-ofctl', 'add-flow', 'br-ex',
'hard_timeout=0,idle_timeout=0,priority=2,in_port=[],actions=drop'].
Exception:
Command: ['sudo', 'quantum-rootwrap', '/etc/quantum/rootwrap.conf',
'ovs-ofctl', 'add-flow', 'br-ex',
'hard_timeout=0,idle_timeout=0,priority=2,in_port=[],actions=drop']
Exit code: 1
Stdout: ''
But from the below output, it would appear that br-ex in fact is a bridge:
# ovs-vsctl show
9ccefe5a-4669-4d7b-ba97-c2c63df6d05f
Bridge br-tun
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port "gre-2"
Interface "gre-2"
type: gre
options: {in_key=flow, out_key=flow, remote_ip="172.31.2X.1X"}
Port br-tun
Interface br-tun
type: internal
Bridge br-ex
Port "eth0"
Interface "eth0"
Port br-ex
Interface br-ex
type: internal
Port phy-br-ex
Interface phy-br-ex
Bridge br-int
Port int-br-ex
Interface int-br-ex
Port br-int
Interface br-int
type: internal
Port "tapeeb281c5-e3"
tag: 1
Interface "tapeeb281c5-e3"
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
ovs_version: "1.4.0+build0"
But ovs-ofctl disagrees about br-ex (but not the others)
# ovs-ofctl show br-ex
ovs-ofctl: br-ex is not a bridge or a socket
# ovs-ofctl show br-tun
OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:000076495f3d0443
n_tables:255, n_buffers:256
features: capabilities:0xc7, actions:0xfff
1(patch-int): addr:2e:66:5f:7a:69:e2
config: 0
state: 0
2(gre-2): addr:1a:56:5c:3a:bd:b7
config: 0
state: 0
LOCAL(br-tun): addr:76:49:5f:3d:04:43
config: PORT_DOWN
state: LINK_DOWN
OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
# ovs-ofctl show br-int
OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:0000b6f1d0a78d49
n_tables:255, n_buffers:256
features: capabilities:0xc7, actions:0xfff
12(int-br-ex): addr:9a:08:6e:15:1b:58
config: 0
state: 0
current: 10GB-FD COPPER
13(patch-tun): addr:be:fc:aa:4c:31:70
config: 0
state: 0
LOCAL(br-int): addr:b6:f1:d0:a7:8d:49
config: PORT_DOWN
state: LINK_DOWN
OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
Does anyone have any idea why ovs-vsctl and ovs-ofctl would disagree
about the bridginess br-ex ?
Also, am I on the right track trying to configure a flat network,
whilst using gre for tenant (internal) networks?
Right now we only have 10 ip addresses available for this project,
all drawn from the one publicly routable /24.
Many thanks for reading all of this!
Andrew.
More information about the Openstack
mailing list