[Openstack] Seeking external network setup advice
Andrew Mann
andrew at divvycloud.com
Tue Aug 19 22:59:10 UTC 2014
Hi Olivier,
I'm not running on virtual box - I have a 2 NIC setup using Neutron
networking with 1 interface dedicated to "public" access and one interface
split into tenant VLANs plus a 'service' vlan (so that compute and storage
nodes exist entirely on this service vlan and not on the public network at
all).
Here's my netstat, you can see that eth0 and eth1 are in promiscuous mode,
but these were setup this way manually in my /etc/network/interfaces
definitions:
auto eth0
iface eth0 inet manual
pre-up ifconfig $IFACE up promisc
post-down ifconfig $IFACE down
auto eth1
iface eth1 inet manual
pre-up ifconfig $IFACE up promisc
post-down ifconfig $IFACE down
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR
Flg
br-backend 1500 0 8178788 0 0 0 8 0 0
0 BRU
br-int 1500 0 24796 0 0 0 8 0 0
0 BRU
br-os-service 1500 0 25600082 0 0 0 54114 0 0
0 BRU
br-public 1500 0 17868912 0 0 0 25942023 0 0
0 BRU
eth0 1500 0 120848297 0 0 0 93801692 0 0
0 BMPRU
eth1 1500 0 61922332 0 0 0 29232624 0 0
0 BMPRU
int-br-backend 1500 0 25954734 0 0 0 13805666 0
0 0 BMRU
lo 65536 0 253792580 0 0 0 253792580 0 0
0 LRU
You shouldn't run into this issue with virtualbox handling your eth
separation, but should you try to make vlan-based interfaces on the host
and use multiple vlan interfaces in different openvswitch bridges,
openvswitch will silently fail to add all but one of the interfaces. It
will actually look like it's added unless you dive into the logs or the
flow tables. There are a couple extra bridge interfaces that I use here to
work around the issue, but the simplest thing is to avoid using OS level
interfaces for vlans.
Other than that, openvswitch and neutron are both pretty fickle at times.
My best advice is to get in the habit of restarting openvswitch-switch,
neutron-l3-agent and neutron-plugin-openvswitch-agent any time you make
changes. Otherwise it can be pretty frustrating to spend 20 minutes
tracing packets through ports and bridges just to find out one component or
another never picked up a change.
-Andrew
On Tue, Aug 19, 2014 at 8:33 AM, Olivier Cant <olivier.cant at exxoss.com>
wrote:
> Hi list,
>
> I've been trying to set up an external network for a few days and this
> driving me crazy. I have a topology close to the one described in the
> ubuntu 14.04 documentation for icehouse (using networking not legacy)
>
> My setup is completely running under vitrualbox as this is just a POC at
> the moment, I have checked that my neutron node is allowed to put its
> network interface in promiscuous mode which seem to be the case but none of
> the interface on my neutron node actualy get put in promisc mode.
>
> My external network is 192.168.199.0/24 (I don't have a public network
> available) and I have an external router providing gateway on
> 192.168.199.1. my pool is defined from .101 to .150
> However I cannot ping .101 from the external router. I have tried adding
> an extra network interface to the neutron node plugged in on the same
> network as the external router (.45) and from that one I can ping the
> router just fine.
>
> My questions are :
> Is it normal that none of the neutron node interface are in promisc mode ?
>
> oot at os-network:~# netstat -i
> Kernel Interface table
> Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR
> Flg
> br-ex 1500 0 11 0 0 0 8 0
> 0 0 BRU
> br-int 1500 0 22 0 0 0 8 0
> 0 0 BRU
> br-tun 1500 0 0 0 0 0 8 0
> 0 0 BRU
> eth0 1500 0 12199 0 0 0 3959 0
> 0 0 BMRU
> eth1 1500 0 1338 0 0 0 1940 0
> 0 0 BMRU
> eth2 1500 0 2 0 0 0 18 0
> 0 0 BMRU
> eth3 1500 0 15 0 0 0 17 0
> 0 0 BMRU
> eth4 1500 0 9 0 0 0 14 0
> 0 0 BMRU
> lo 65536 0 18 0 0 0 18 0
> 0 0 LRU
>
> Do you have any poitner or direction I can follow to troubleshoot this ?
>
> Thanks already for your help
>
> Cheers,
>
> Olivier
> --
>
>
> [image: Exxoss] <http://www.exxoss.com>
> *Olivier Cant*, CEO | Gsm: +32(0)497/64.18.22
> *Exxoss, SPRL <http://www.exxoss.com>*
> Rue de la station, 2, 4347, Fexhe-le-haut-clocher | Telephone:
> +32(0)4/341.25.81 | Fax: +32(0)4/371.94.06
> [image: Twitter] <http://twitter.com/exxossIT> [image: Facebook]
> <http://facebook.com/exxoss> [image: Linked In]
> <https://www.linkedin.com/company/exxoss>
>
>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
--
Andrew Mann
DivvyCloud Inc.
www.divvycloud.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140819/1ad20de4/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: new-twitter.png
Type: image/png
Size: 3376 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140819/1ad20de4/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: new-facebook.png
Type: image/png
Size: 3460 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140819/1ad20de4/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: new-exxoss.png
Type: image/png
Size: 16268 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140819/1ad20de4/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: new-linkedin.png
Type: image/png
Size: 3537 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140819/1ad20de4/attachment-0003.png>
More information about the Openstack
mailing list
