[Openstack] dhcp namespace and vert pairs?

Sławek Kapłoński slawek at kaplonski.pl
Sat Jul 29 20:14:22 UTC 2017 

Hello,

AFAIK DHCP namespace is connected to OVS with „internal” port created in br-int bridge (tapXXXX). This „tap” interface is then moved qdhcp namespace.
Neutron is configuring dnsmasq exactly for specified MAC addresses assigned to ports so You can’t get IP from this DHCP server for Your laptop as DHCP request is sent from not known MAC address.

—
Best regards
Slawek Kaplonski
slawek at kaplonski.pl




> Wiadomość napisana przez Ali Volkan Atli <Volkan.Atli at argela.com.tr> w dniu 17.07.2017, o godz. 12:46:
> 
> 
> I have a VM launched using OpenStack and a laptop added directly into integration bridge using ovs-vsctl add-port option. Also I used ./stack script from devstack github and my local.conf as below:
> 
>    argela at cloud:~$ sudo ovs-vsctl add-port br-int eno4 tag=1
> 
>    argela at cloud:~$ sudo ovs-vsctl show
>    ...
>    Bridge br-int
>        Port "tapb22e0bb6-c6"
>            tag: 1
>            Interface "tapb22e0bb6-c6"
>                type: internal
>        Port "eno4"
>            tag: 1
>            Interface "eno4"
>   ...
> 
>    root at cloud:~/devstack# cat local.conf
>    [[local|localrc]]
>    ADMIN_PASSWORD=admin
>    DATABASE_PASSWORD=$ADMIN_PASSWORD
>    RABBIT_PASSWORD=$ADMIN_PASSWORD
>    SERVICE_PASSWORD=$ADMIN_PASSWORD
> 
>    FLAT_INTERFACE=eno1,eno3,eno4,eno5,eno6,eno7,eno8
> 
>    # Fixed and floating subnets
>    FIXED_RANGE=10.254.1.0/24
>    FLOATING_RANGE="192.168.111.0/24"
> 
> When I run dhclient in the instance launched from OpenStack, I can see the bootp/dhcp messages in the dhcp network space, but when I tried to run dhclient in external laptop, I can only see the discover message in dhcp namespace, the laptop cannot get any response. So VM can get an IP address but the laptop cannot. I checked the iptables and flow-entries in OvS but I could not understand why laptop cannot get response from dhcp namespace.
> 
>    stack at cloud:~/devstack$ ip netns list
>    qrouter-b1285ebf-d7f6-4af5-bf13-54356b073ca2
>    qdhcp-f0d79126-a5f2-46a6-90a9-b0e2f805f93d
> 
> dhcp namespace iptable is as follows:
> 
>    root at cloud:~/devstack# iptables -S
>    -P INPUT ACCEPT
>    -P FORWARD ACCEPT
>    -P OUTPUT ACCEPT
>    -N neutron-dhcp-age-FORWARD
>    -N neutron-dhcp-age-INPUT
>    -N neutron-dhcp-age-OUTPUT
>    -N neutron-dhcp-age-local
>    -N neutron-filter-top
>    -A INPUT -j neutron-dhcp-age-INPUT
>    -A FORWARD -j neutron-filter-top
>    -A FORWARD -j neutron-dhcp-age-FORWARD
>    -A OUTPUT -j neutron-filter-top
>    -A OUTPUT -j neutron-dhcp-age-OUTPUT
>    -A neutron-filter-top -j neutron-dhcp-age-local
> 
> One more question. I can see that there are namespaces created by OpenStack, qrouter and qdhcp. I know that if I want to connect the namespace to OvS, I need to create Veth Pairs (e.g. ip link add veth0 type veth peer name veth1), and then assign one peer to a namespace (e.g. ip link set veth1 netns blue) and the other into OvS. But for OpenStack I also cannot any vert pairs. How did OpenStack connect the dhcp namespace to OvS? How can I find out which "vert peer" the dhcp namespaces use.
> 
> Hope someone answers. Thanks in advance.
> 
> - Volkan
> 
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20170729/be4d6f68/attachment.sig>

More information about the Openstack mailing list