[Openstack] Openstack Kilo Vxlan tunnel single NIC setup
Akash Gunjal
akgunjal at in.ibm.com
Mon Oct 19 10:36:56 UTC 2015
Hi Amir,
One point to check is the security rules set in your controller. Check if
you have set the ingress/egress rules set for ICMP protocol (ping) which
will otherwise block traffic from external hosts to the tenant VM.
Regards,
Akash
From: yatin kumbhare <yatinkumbhare at gmail.com>
To: Amir Huskić <amir.huskic at gmail.com>
Cc: "openstack at lists.openstack.org" <openstack at lists.openstack.org>
Date: 10/19/2015 03:56 PM
Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup
Hi Amir,
Not quite sure, as I haven't tried such a thing.
but IMHO, you might require l2-gateway.
Kind of this: https://www.youtube.com/watch?v=74Wfr4myf5k
Regards,
Yatin
On Mon, Oct 19, 2015 at 4:35 AM, Amir Huskić <amir.huskic at gmail.com> wrote:
Hello James,
I use underscores in ml2 config file as You suggested. Also made some
changes in config file. Here is available:
https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0
Summary:
- can ping from OS host to external gw and external linux host
- can ping from tenant VM to external gw and external linux host
- can't ping OS host and tenant VM floating IP from external linux host
- tcpdump on br-ex and eth0 interface is showing arp request during ping
request from linux external host using vxlan segment
For additional info please check info from CLI screen here:
https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0
Accidently I deleted symbolic link in log files pointing to agent log.
Unfortunately I don't know how to create it again with proper
permissions. I tried with chmod and chown using reference command but
without much success.
lrwxrwxrwx 1 amir amir 43 Sep 19 15:26 screen-n-sch.log ->
/opt/stack/logs/n-sch.log.2015-09-19-150746
-rw-r--r-- 1 amir amir 245730291 Okt 18 14:00 screen-q-agt.log
lrwxrwxrwx 1 amir amir 44 Sep 19 15:25 screen-q-dhcp.log ->
/opt/stack/logs/q-dhcp.log.2015-09-19-150746
Thank you for your help and time.
Kind regards,
Amir
On Wed, Oct 14, 2015 at 4:06 PM, James Denton <james.denton at rackspace.com
> wrote:
Hi Amir,
A couple of recommendations:
- Your vxlan_group setting has an extra dot at the end that may be
causing issues:
[ml2_type_vxlan]
vxlan_group = 239.0.0.0.
- Your [OVS] block has some incorrect options. Use underscores rather
than spaces:
[ovs]
bridge_mappings = public:br-ex
local_ip = 192.168.100.100
vxlan_udp_port = 8472
tunnel type = vxlan
tunnel id ranges = 1001:2000
tenant network type = vxlan
enable tunneling = true
- Same goes for [agent] as well:
[agent]
tunnel_types = vxlan
root_helper_daemon =
sudo /usr/local/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
root_helper =
sudo /usr/local/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
#tunnel_types = vxlan
vxlan_udp_port = 8472
l2 population = false
Start by correcting those issues and restart the OVS agents across your
hosts. The agent log may be of help here as well.
James
On Oct 14, 2015, at 2:38 AM, Amir Huskić <amir.huskic at gmail.com>
wrote:
Hello,
there is also my ml2_conf.ini file:
https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini
Could problem be related to single NIC installation? Is it
possible to have same interface for bridge mappings and also for
tunnel bridge? Example below:
bridge_mappings = public:br-ex
integration bridge = br-int
tunnel bridge = br-ex
Thank you.
Regards,
Amir
On Mon, Oct 12, 2015 at 3:53 PM, Amir Huskić <
amir.huskic at gmail.com> wrote:
Hi all,
I'm trying to setup up Openstack test lab.
I deployed Openstack Kilo (Devstack) on PC running Ubuntu LTS
14.02 with single NIC.
Tenants are isolated with vxlan networks. I can ping from VMs to
external network PCs, SSH login from external PCs to tenants VMs
floating IP address, etc.
I would like also to connect tenant VMs to external network
physical Linux host using vxlan tunnel and have L2 connectivity
between VM and physical Linux host over L3 network.
Vxlan interface on Linux physical host is up and running. When I
am trying to ping from Linux physical host to Openstack VM (not
floating IP) using same subnet L2 address (example ping from
192.168.10.10 to 192.168.10.11) UDP packets on port 8472 are
coming to Openstack br-ex interface with ARP request.
Problem is that I can't setup vxlan tunnel on Openstack.
Command "sudo ovs-vsctl show" doesn't show any vxlan tunnels.
Also when I try to ping from VM to Linux host using L2 IP
address (ping from 192.168.10.11 to 192.168.10.10) tcpdump on
br-ex doesn't show anything.
My ml2_conf.ini files is configured following this guide:
http://www.opencloudblog.com/?p=300
Thanks in advance for your help,
Regards,
Amir
_______________________________________________
Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack at lists.openstack.org
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________
Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack at lists.openstack.org
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack at lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151019/5410ef9c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151019/5410ef9c/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151019/5410ef9c/attachment-0001.gif>
More information about the Openstack
mailing list