[Openstack] DHCP requests never reach controller and get lost

Abhijeet Rastogi abhijeet.1989 at gmail.com
Tue Dec 9 15:41:11 UTC 2014 

Hi everyone,

This post is going to be a little longer than usual so I'll really
appreciate if you give it a read. In short, the DHCP server and the
compute node provider network are from different VLAN and I'm not sure
how DHCP requests will transfer between them. Long story...

I'm using 2 VLANs:-

VLAN 101: Mgmt network. For all openstack services connectivity and
management of boxes
VLAN 1001: For VLAN provider_network that'll be directly used by instances.

I'm using kernel based VLAN tagging so I've interfaces like "eth0",
"eth0.101" and "eth0.1001" created on the physical machines. I've two
physical boxes:

A- Contains a bunch of VMs. mysql cluster, queueing cluster,
controller node etc.
B- Compute node.

-  "Controller" node is actually hosted in a VM (on box A) with tap
interfaces connected to "br.101". (bridge with 101 VLAN tagged
eth0.101 as one of the interfaces and the rest are VM interfaces).

[root at opsstack1 ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
br0.101         8000.0025905ab58e       no              eth0.101

        vnet1


Now, while spawning a VM on compute nodes (say box B), the tap
interface created for the guest has a member interface as "eth0.1001"
(1001 being the VLAN type provider_network) and the "DHCP" requests
from the tap interface never reach the controller VM because the tap
interface of the controller VM is bridged to "br.101" which will never
receive traffic of 1001 VLAN.

[root at compute1 ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
brq61aab8bc-45          8000.002590c6438e       no              eth0.1001

             tapd6b6597c-da

So, the flow is something like this:-

DHCP request packets at tap interface (VLAN tagged 1001) reach
eth0.1001 on box B. From there, the eth0.1001 on box A picks up the
packets. But, after that, there's no way for these packets to reach
the controller VM because it's bridged to br.101. I can't bridge the
controller VM to br.1001 because that defeats the purpose of having a
separate management VLAN and I don't want my services to be running in
the same VLAN as guest instances.

Fundamentally, I'm not sure how I solve this problem. Any help is
appreciated. I'm not sure how does the DHCP request flow when the DHCP
server and compute nodes are running in a different VLAN.

-- 
Cheers,
Abhijeet Rastogi (shadyabhi)

More information about the Openstack mailing list