[Openstack] neutron, l2population, linuxbridge and multiple ips

Andreas Scheuring scheuran at linux.vnet.ibm.com
Mon Jun 20 11:06:48 UTC 2016


- What about using Neutrons "allowed address pairs"?
- Or setting up a tunnel network within your existing openstack tunnel
network?



-- 
-----
Andreas 
IRC: andreas_s



On Sa, 2016-06-18 at 18:52 +0200, Joerg Streckfuss wrote:
> Dear list,
> 
> I'm trying set up an isolated network for testing clustermanagers like 
> keepalived on linux and carp on openbsd. This means there are ips which 
> are bound to multiple ports. The main problem is when I try to configure 
> new ip-addresses inside the vms and _not_ in neutron, these ips are not 
> visible by the other vms. When I try to ping this ips I can see an local 
> arp request inside the bridge of the requesting vm but this request does 
> not reach the bridge of the destination vm. So my assumption is neutron 
> in particular the l2population works only for ip addresses which are 
> known by neutron ports. So in case of disabling dhcp I have to configure 
> it for the neutron port and inside the vm, right?
> 
> My setup is a 4-node openstack environment (one controller, three 
> compute nodes), using liberty on centos7 carefully following the 
> instructions under http://docs.openstack.org/liberty/install-guide-rdo/.
> 
> I'm using self-service networks with one flat provider-network for
> external communication. I use VXLAN for overlay-networks. As mechanism 
> drivers I use linuxbridge and l2population.
> 
> The isolated network and the vms are initiated by heat templates. I 
> disabled port security for each neutron port by setting 
> 'port_security_enabled: false' inside the heat template.
> 
> So what can I do, that a neutron isolated network behaves like a 
> standard linuxbridge or especially a hardware switch, where no port 
> security is configured and which forwards all kind of arp traffic?
> 
> Thanks in advance,
> 
> Joerg
> 
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> 





More information about the Openstack mailing list