Open Stack

Ajiva,

In your 'show interface fa 0/2[2,3] trunk' output I don't see vlan 105 and
this is most likely because it's not created.  This might be why vlan 5
works and 105 doesn't.

Try:
> en
# conf t
# vlan 105
# exit


Thanks,
Kevin S




On 2/27/13 4:22 AM, "Ajiva Fan" <aji.zqfan at gmail.com> wrote:

>thanks you for reply
>special thanks to Aaron Rosen
>
>the situation is that:
>1) openstack is in vlan mode
>2) switcher is in trunk mode, all vlan id is allowed
>3) vlan in switcher's allowed list, active list and (not pruned) list
>can communicate with each other. vlan only in allowed list but not in
>the other two list is isolated
>4) i tried the way which is from official site guide to set pruned
>list but it does not work, the switcher just ignore the prune command
>and hold the original config ( i will ask our network administrator
>and find more help from cisco site )
>
>
>now i think openstack is running fine ( at least from my point of view)
>and i think swither trunk port is running basically correct
>
>here is my env:
>
>switcher port {22,23}
>sw-31#show interfaces fastEthernet 0/22 trunk
>
>Port        Mode         Encapsulation  Status        Native vlan
>Fa0/22      on           802.1q         trunking      1
>
>Port      Vlans allowed on trunk
>Fa0/22      1-4094
>
>Port        Vlans allowed and active in management domain
>Fa0/22      
>1,5,7,10-12,16,18-21,27,30,40,50,60,80,88,96,100-101,123,160,192,302-303,6
>00,602,700,800,1000-1001
>
>Port        Vlans in spanning tree forwarding state and not pruned
>Fa0/22      
>1,5,7,10-12,16,18-21,27,30,40,50,60,80,88,96,100-101,123,160,192,302-303,6
>00,602,700,800,1000-1001
>
>from openstack control node terminal:
># nova-manage network create --label admin-network-01
>--fixed_range_v4=10.0.12.0/24 --vlan=105 --project_id=<admin_id>
># nova-manage network create --label admin-network-02
>--fixed_range_v4=10.0.13.0/24 --vlan=101 --project_id=<admin_id>
># nova boot --image cirros --flavor 1 --availability_zone nova:control
>test01
># nova boot --image cirros --flavor 1 --availability_zone nova:compute
>test02
>
>now test01 and test02 get two vlan ip addr, and control node and
>compute node get two bridge
>NOTE: *** vlan101 *** is in switcher's active list and "spanning tree
>forwarding state and not pruned" list, but vlan105 is not, vlan105
>just in allowed list
>
>control node:
>br105 10.0.12.6
>br101 10.0.13.6
>compute node
>br105 10.0.12.4
>br101 10.0.13.4
>
>from control node i can ping 10.0.13.4 but cannot ping 10.0.12.4
>so the root cause may be the active list and the pruned list of switcher
>
>is there any one meet such problem?
>maybe i'm fool or i'm just fooled by some odd issue
>
>please help me
>
>On 2/27/13, Salvatore Orlando <sorlando at nicira.com> wrote:
>> I'm not sure I followed the thread correctly from the beginning, but I
>> read that you have configured you NIC for private VM networking, in
>> VLAN mode, on VLAN 105.
>> Is that correct?
>>
>> In general trunking all your switch ports used for VM networking will
>> save you the hassle of adding the VLANs you are using in your setup
>> one by one.
>> Also, there's quite a difference between VLAN access mode and trunk
>> mode. I rarely use Cisco switches, but when I do I always put them in
>> trunk mode explicitly.
>> The list of allowed vlan is a sort of filter that you apply on a trunk
>> port. So perhaps you might want to put all your ports in trunk mode
>> and use the vlan range defined in nova.conf as allowed vlan list.
>>
>> Salvatore
>>
>> On 27 February 2013 10:18, Ajiva Fan <aji.zqfan at gmail.com> wrote:
>>> thank you very much.
>>>
>>> actullaly, i have already try these command yesterday, it does not
>>>work.
>>>
>>> currently, i find that vlan id in active list and not pruned list can
>>> be passed by switcher, vlan id not in the two list cannot will be
>>> droped even they are in allowed list.....
>>> but the network administrator (and the internet pages) tells me that
>>> if vlan is in allowed list, it can go through trunk mode port.....
>>>
>>>
>>>
>>>
>>> there is some hardware info may not be useful, but i list it here,
>>> hope it will help someone else.
>>> cisco catalyst 2950 switcher only hava
>>> """sw-31(config)#interface gigabitEthernet 0/2?
>>> .  :  <0-2> """
>>> so i just operate on fastEthernet 0/22
>>> """sw-31(config)#interface fastEthernet 0/22?
>>> .  :  <0-24> """
>>> and 2950 defaultly
>>> 1)allowed all vlan id on trunk mode
>>> 2)only support 802.1q on trunk mode
>>> so the following commands:
>>>> switchport trunk encapsulation dot1q
>>>> switchport trunk allowed vlan 1-4094
>>> will not work.
>>>
>>>
>>> On 2/27/13, Aaron Rosen <arosen at nicira.com> wrote:
>>>> Perhaps:
>>>>
>>>> interface gigbbit 0/22
>>>> switchport mode trunk
>>>> switchport trunk encapsulation dot1q
>>>> switchport trunk allowed vlan 1-4094
>>>> interface gigbbit 0/23
>>>> switchport mode trunk
>>>> switchport trunk encapsulation dot1q
>>>> switchport trunk allowed vlan 1-4094
>>>>
>>>>
>>>>
>>>> On Wed, Feb 27, 2013 at 12:02 AM, Ajiva Fan <aji.zqfan at gmail.com>
>>>>wrote:
>>>>>
>>>>> since i notice that in switcher:
>>>>> sw-31>show interface fastEthernet 0/22 trunk
>>>>>
>>>>> Port        Mode         Encapsulation  Status        Native vlan
>>>>> Fa0/22      on           802.1q         trunking      1
>>>>>
>>>>> Port      Vlans allowed on trunk
>>>>> Fa0/22      1-4094
>>>>>
>>>>> Port        Vlans allowed and active in management domain
>>>>> Fa0/22
>>>>> 
>>>>>1,5,7,10-12,16,18-21,27,30,40,50,60,80,88,96,100-101,123,160,192,302-3
>>>>>03,600,602,700,800,1000-1001
>>>>>
>>>>> Port        Vlans in spanning tree forwarding state and not pruned
>>>>> Fa0/22
>>>>> 
>>>>>1,5,7,10-12,16,18-21,27,30,40,50,60,80,88,96,100-101,123,160,192,302-3
>>>>>03,600,602,700,800,1000-1001
>>>>>
>>>>> the vlan 5 is active in management domain but 105 is not, so i try
>>>>>the
>>>>> same workflow as before but change vlan id 5 to 110, ping gets no
>>>>> reply as vlan105
>>>>>
>>>>> so may be i should add vlan105 to active list ? sorry i'm a green
>>>>>hand
>>>>> to switcher and got confused.
>>>>> 1) what the different between the allowd list and active list
>>>>> 2) if i should add active list manually, so does the cloud admin, if
>>>>> he create a vlan for a tenant, he should add to switcher active list
>>>>> too? is there any way automatically recoginize the vlan tag and allow
>>>>> it pass?
>>>>> maybe add a range to active list, for example, 100-4000? it's
>>>>> ugly......
>>>>
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack at lists.launchpad.net
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>
>
>_______________________________________________
>Mailing list: https://launchpad.net/~openstack
>Post to     : openstack at lists.launchpad.net
>Unsubscribe : https://launchpad.net/~openstack
>More help   : https://help.launchpad.net/ListHelp