On Mon, Mar 31, 2014 at 12:52 PM, Shivaramakrishnan Vaidyanathan <shivaramakrishnan...@gmail.com> wrote: > Though I am able to reach any of vm's on a host from another host machine.I > am not able to reach outside ip from the vm's. Well, if your bridge in the hypervisor does not have a way to reach outside ips, your VMs can't either.
One way is to give your VMs 2 interfaces. One of them is a mgmt interface which should be connected to a bridge in the hypervisor that also has another port through which you can reach the internet. Other VM interface is connected to a bridge that has GRE tunnels for your data network. > > Also,this is where I find it strange.I have a nfs server process running on > host1 vm1. When i try to write to a nfs share from a vm2 on another host2 > connected via gre,i am not able to complete the write. Though the mount > succeeds.Is there any tweeking that needs to be done here? I don't have any suggestions here. May be you should ask a separate question for that. > > > On Mon, Mar 31, 2014 at 3:10 PM, Shivaramakrishnan Vaidyanathan > <shivaramakrishnan...@gmail.com> wrote: >> >> Hello, >> Thanks a lot,It worked. >> I am able to communicate now between the two vm's on different hosts using >> multiple gre tunnels. >> But I am not able to communicate to an outside ip(say 4.2.2.2) from vm.Is >> there a config required for this? >> How do i give outside connectivity for vm's. >> >> >> On Mon, Mar 31, 2014 at 2:41 PM, Gurucharan Shetty <shet...@nicira.com> >> wrote: >>> >>> On Mon, Mar 31, 2014 at 10:07 AM, Shivaramakrishnan Vaidyanathan >>> <shivaramakrishnan...@gmail.com> wrote: >>> > Thanks a lot. >>> > According to what i understand, >>> > Host 1: IP -- a.b.c.d >>> > >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >>> > options:remote_ip:p.q.r.s options:key=30 >>> > >>> > Host2: IP -- p.q.r.s >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >>> > options:remote_ip:a.b.c.d options:key=30 >>> > >>> > Is this what you mentioned?Just to confirm. >>> Yes. You have 2 pairs of gre tunnels. Each pair should have the same >>> key. In the above example that you have given, you have set one pair >>> as 30. You can set the other pair as 40. >>> >>> >>> > >>> > >>> > On Mon, Mar 31, 2014 at 12:29 PM, Gurucharan Shetty >>> > <shet...@nicira.com> >>> > wrote: >>> >> >>> >> On Mon, Mar 31, 2014 at 9:20 AM, Shivaramakrishnan Vaidyanathan >>> >> <shivaramakrishnan...@gmail.com> wrote: >>> >> > Thanks a lot Gurucharan. >>> >> > I am pretty new to openvswitch.Can you provide the command to >>> >> > achieve >>> >> > this? >>> >> > Looking forward to your reply. >>> >> >>> >> The man page says: >>> >> .... >>> >> .... >>> >> Tunnel Options: >>> >> These options apply to interfaces with type of gre, ipsec_gre, >>> >> gre64, >>> >> ipsec_gre64, vxlan, and lisp. >>> >> >>> >> Each tunnel must be uniquely identified by the combination >>> >> of >>> >> type, >>> >> options:remote_ip, options:local_ip, and options:in_key. If >>> >> two >>> >> ports >>> >> are defined that are the same except one has an optional >>> >> identifier >>> >> and >>> >> the other does not, the more specific one is matched >>> >> first. >>> >> options:in_key is considered more specific than >>> >> options:local_ip >>> >> if a >>> >> port defines one and another port defines the other. >>> >> .... >>> >> ... >>> >> options : key: optional string >>> >> Optional. Shorthand to set in_key and out_key at the >>> >> same >>> >> time. >>> >> ... >>> >> ... >>> >> >>> >> So you can do something like: >>> >> * If you create a new tunnel (the key should be same at both ends and >>> >> a different key at the other end): >>> >> ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >>> >> options:remote_ip:p.q.r.s options:key=30 >>> >> >>> >> (note that your command does not have a '=' and instead has a ':'. >>> >> Also your "ovs-vsctl show" does not print any o/p) >>> >> >>> >> * Or just add a key to a existing tunnel >>> >> ovs-vsctl set interface gre0 options:key=20 >>> >> >>> >> If you can't debug well, start with a simpler configuration. i.e., a >>> >> single gre tunnel. Once you get that working, you can build on top of >>> >> it. >>> >> >>> >> > >>> >> > >>> >> > On Mon, Mar 31, 2014 at 12:15 PM, Gurucharan Shetty >>> >> > <shet...@nicira.com> >>> >> > wrote: >>> >> >> >>> >> >> On Mon, Mar 31, 2014 at 9:12 AM, Shivaramakrishnan Vaidyanathan >>> >> >> <shivaramakrishnan...@gmail.com> wrote: >>> >> >> > So in that case,essentially we cant have multiple gre tunnels? >>> >> >> I think you can use unique keys to distinguish (Read "Tunnel >>> >> >> Options" >>> >> >> in "man ovs-vswitchd.conf.db"). >>> >> >> >>> >> >> > Though I have multiple bridges that vm's to communicate between >>> >> >> > each >>> >> >> > other. >>> >> >> > The requirement is I need to have multiple internal bridges for >>> >> >> > vm's >>> >> >> > and >>> >> >> > just one external bridge. >>> >> >> > Is there any alternative? >>> >> >> > >>> >> >> > >>> >> >> > On Mon, Mar 31, 2014 at 11:44 AM, Gurucharan Shetty >>> >> >> > <shet...@nicira.com> >>> >> >> > wrote: >>> >> >> >> >>> >> >> >> On Mon, Mar 31, 2014 at 8:36 AM, Shiva >>> >> >> >> <shivaramakrishnan...@gmail.com> >>> >> >> >> wrote: >>> >> >> >> > Hello, >>> >> >> >> > >>> >> >> >> > I am setting up two gre tunnels between two hosts using the >>> >> >> >> > same >>> >> >> >> > external >>> >> >> >> > bridge.In this case (br1).I use virbr3 and virbr2 for internal >>> >> >> >> > communication. >>> >> >> >> > >>> >> >> >> > This is my config steps: >>> >> >> >> > Hypervisor 1: >>> >> >> >> > External communication >>> >> >> >> > ovs-vsctl add-br br1 >>> >> >> >> > ovs-vsctl add-port eth0 >>> >> >> >> > ifconfig br1 p.q.r.s netmask 255.255.255.0 >>> >> >> >> > >>> >> >> >> > Internal bridge for vm communication >>> >> >> >> > Tunnel1 : >>> >> >> >> > >>> >> >> >> > ovs-vsctl add-br virbr3 >>> >> >> >> > ovs-vsctl show >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >>> >> >> >> > options:remote_ip:a.b.c.d >>> >> >> >> > >>> >> >> >> > Tunnel2: >>> >> >> >> > >>> >> >> >> > ovs-vsctl add-br virbr2 >>> >> >> >> > ovs-vsctl show >>> >> >> >> > ovs-vsctl add-port virbr2 gre0 -- set interface gre0 type=gre >>> >> >> >> > options:remote_ip:a.b.c.d >>> >> >> >> Consider the case for the traffic coming into Hypervisor1. I >>> >> >> >> don't >>> >> >> >> think it is possible to figure out which of the two end points >>> >> >> >> the >>> >> >> >> packet needs to be delivered to because the 2 gre tunnels are >>> >> >> >> not >>> >> >> >> unique. >>> >> >> >> >>> >> >> >> I think if you delete one of your virbr* in each of the >>> >> >> >> machines, >>> >> >> >> you >>> >> >> >> should be able to communicate. >>> >> >> >> >>> >> >> >> >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > Hypervisor 2: >>> >> >> >> > External communication >>> >> >> >> > ovs-vsctl add-br br1 >>> >> >> >> > ovs-vsctl add-port eth0 >>> >> >> >> > ifconfig br1 a.b.c.d netmask 255.255.255.0 >>> >> >> >> > >>> >> >> >> > Internal bridge for vm communication >>> >> >> >> > >>> >> >> >> > Tunnel1: >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > ovs-vsctl add-br virbr3 >>> >> >> >> > ovs-vsctl show >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >>> >> >> >> > options:remote_ip:p.q.r.s >>> >> >> >> > >>> >> >> >> > Tunnel2: >>> >> >> >> > >>> >> >> >> > ovs-vsctl add-br virbr2 >>> >> >> >> > ovs-vsctl show >>> >> >> >> > ovs-vsctl add-port virbr3 gre0 -- set interface gre0 type=gre >>> >> >> >> > options:remote_ip:p.q.r.s >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > I am not able to communicate outside world from the vm's.I am >>> >> >> >> > just >>> >> >> >> > able >>> >> >> >> > to >>> >> >> >> > reach the host on which vm resides and viceversa.Can you >>> >> >> >> > please >>> >> >> >> > let >>> >> >> >> > me >>> >> >> >> > know >>> >> >> >> > what am i missing here? >>> >> >> >> > >>> >> >> >> > Your help in this regard is greatly appreciated. >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > _______________________________________________ >>> >> >> >> > discuss mailing list >>> >> >> >> > discuss@openvswitch.org >>> >> >> >> > http://openvswitch.org/mailman/listinfo/discuss >>> >> >> >> > >>> >> >> > >>> >> >> > >>> >> > >>> >> > >>> > >>> > >> >> > _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
