[Openstack] dhcp namespace and vert pairs?

Ali Volkan Atli Volkan.Atli at argela.com.tr
Mon Jul 17 10:46:08 UTC 2017 

I have a VM launched using OpenStack and a laptop added directly into integration bridge using ovs-vsctl add-port option. Also I used ./stack script from devstack github and my local.conf as below:

    argela at cloud:~$ sudo ovs-vsctl add-port br-int eno4 tag=1

    argela at cloud:~$ sudo ovs-vsctl show
    ...
    Bridge br-int
        Port "tapb22e0bb6-c6"
            tag: 1
            Interface "tapb22e0bb6-c6"
                type: internal
        Port "eno4"
            tag: 1
            Interface "eno4"
   ...

    root at cloud:~/devstack# cat local.conf
    [[local|localrc]]
    ADMIN_PASSWORD=admin
    DATABASE_PASSWORD=$ADMIN_PASSWORD
    RABBIT_PASSWORD=$ADMIN_PASSWORD
    SERVICE_PASSWORD=$ADMIN_PASSWORD

    FLAT_INTERFACE=eno1,eno3,eno4,eno5,eno6,eno7,eno8

    # Fixed and floating subnets
    FIXED_RANGE=10.254.1.0/24
    FLOATING_RANGE="192.168.111.0/24"

When I run dhclient in the instance launched from OpenStack, I can see the bootp/dhcp messages in the dhcp network space, but when I tried to run dhclient in external laptop, I can only see the discover message in dhcp namespace, the laptop cannot get any response. So VM can get an IP address but the laptop cannot. I checked the iptables and flow-entries in OvS but I could not understand why laptop cannot get response from dhcp namespace.

    stack at cloud:~/devstack$ ip netns list
    qrouter-b1285ebf-d7f6-4af5-bf13-54356b073ca2
    qdhcp-f0d79126-a5f2-46a6-90a9-b0e2f805f93d

dhcp namespace iptable is as follows:

    root at cloud:~/devstack# iptables -S
    -P INPUT ACCEPT
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -N neutron-dhcp-age-FORWARD
    -N neutron-dhcp-age-INPUT
    -N neutron-dhcp-age-OUTPUT
    -N neutron-dhcp-age-local
    -N neutron-filter-top
    -A INPUT -j neutron-dhcp-age-INPUT
    -A FORWARD -j neutron-filter-top
    -A FORWARD -j neutron-dhcp-age-FORWARD
    -A OUTPUT -j neutron-filter-top
    -A OUTPUT -j neutron-dhcp-age-OUTPUT
    -A neutron-filter-top -j neutron-dhcp-age-local

One more question. I can see that there are namespaces created by OpenStack, qrouter and qdhcp. I know that if I want to connect the namespace to OvS, I need to create Veth Pairs (e.g. ip link add veth0 type veth peer name veth1), and then assign one peer to a namespace (e.g. ip link set veth1 netns blue) and the other into OvS. But for OpenStack I also cannot any vert pairs. How did OpenStack connect the dhcp namespace to OvS? How can I find out which "vert peer" the dhcp namespaces use.

Hope someone answers. Thanks in advance.

- Volkan

More information about the Openstack mailing list