Hi, Is there a way to tweak ovs-vswitch for handling packets more than mtu size?
I get error messages like "openvswitch dropped over-mtu packets 1542>1500" On Mon, Mar 31, 2014 at 4:10 PM, Gurucharan Shetty <shet...@nicira.com>wrote: > On Mon, Mar 31, 2014 at 12:52 PM, Shivaramakrishnan Vaidyanathan > <shivaramakrishnan...@gmail.com> wrote: > > Though I am able to reach any of vm's on a host from another host > machine.I > > am not able to reach outside ip from the vm's. > Well, if your bridge in the hypervisor does not have a way to reach > outside ips, your VMs can't either. > > One way is to give your VMs 2 interfaces. One of them is a mgmt > interface which should be connected to a bridge in the hypervisor that > also has another port through which you can reach the internet. Other > VM interface is connected to a bridge that has GRE tunnels for your > data network. > > > > > > Also,this is where I find it strange.I have a nfs server process running > on > > host1 vm1. When i try to write to a nfs share from a vm2 on another host2 > > connected via gre,i am not able to complete the write. Though the mount > > succeeds.Is there any tweeking that needs to be done here? > I don't have any suggestions here. May be you should ask a separate > question for that. > > > > > > > On Mon, Mar 31, 2014 at 3:10 PM, Shivaramakrishnan Vaidyanathan > > <shivaramakrishnan...@gmail.com> wrote: > >> > >> Hello, > >> Thanks a lot,It worked. > >> I am able to communicate now between the two vm's on different hosts > using > >> multiple gre tunnels. > >> But I am not able to communicate to an outside ip(say 4.2.2.2) from > vm.Is > >> there a config required for this? > >> How do i give outside connectivity for vm's. > >> > >> > >> On Mon, Mar 31, 2014 at 2:41 PM, Gurucharan Shetty <shet...@nicira.com> > >> wrote: > >>> > >>> On Mon, Mar 31, 2014 at 10:07 AM, Shivaramakrishnan Vaidyanathan > >>> <shivaramakrishnan...@gmail.com> wrote: > >>> > Thanks a lot. > >>> > According to what i understand, > >>> > Host 1: IP -- a.b.c.d > >>> > > >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre > >>> > options:remote_ip:p.q.r.s options:key=30 > >>> > > >>> > Host2: IP -- p.q.r.s > >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre > >>> > options:remote_ip:a.b.c.d options:key=30 > >>> > > >>> > Is this what you mentioned?Just to confirm. > >>> Yes. You have 2 pairs of gre tunnels. Each pair should have the same > >>> key. In the above example that you have given, you have set one pair > >>> as 30. You can set the other pair as 40. > >>> > >>> > >>> > > >>> > > >>> > On Mon, Mar 31, 2014 at 12:29 PM, Gurucharan Shetty > >>> > <shet...@nicira.com> > >>> > wrote: > >>> >> > >>> >> On Mon, Mar 31, 2014 at 9:20 AM, Shivaramakrishnan Vaidyanathan > >>> >> <shivaramakrishnan...@gmail.com> wrote: > >>> >> > Thanks a lot Gurucharan. > >>> >> > I am pretty new to openvswitch.Can you provide the command to > >>> >> > achieve > >>> >> > this? > >>> >> > Looking forward to your reply. > >>> >> > >>> >> The man page says: > >>> >> .... > >>> >> .... > >>> >> Tunnel Options: > >>> >> These options apply to interfaces with type of gre, > ipsec_gre, > >>> >> gre64, > >>> >> ipsec_gre64, vxlan, and lisp. > >>> >> > >>> >> Each tunnel must be uniquely identified by the > combination > >>> >> of > >>> >> type, > >>> >> options:remote_ip, options:local_ip, and options:in_key. If > >>> >> two > >>> >> ports > >>> >> are defined that are the same except one has an optional > >>> >> identifier > >>> >> and > >>> >> the other does not, the more specific one is > matched > >>> >> first. > >>> >> options:in_key is considered more specific than > >>> >> options:local_ip > >>> >> if a > >>> >> port defines one and another port defines the other. > >>> >> .... > >>> >> ... > >>> >> options : key: optional string > >>> >> Optional. Shorthand to set in_key and out_key at the > >>> >> same > >>> >> time. > >>> >> ... > >>> >> ... > >>> >> > >>> >> So you can do something like: > >>> >> * If you create a new tunnel (the key should be same at both ends > and > >>> >> a different key at the other end): > >>> >> ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre > >>> >> options:remote_ip:p.q.r.s options:key=30 > >>> >> > >>> >> (note that your command does not have a '=' and instead has a ':'. > >>> >> Also your "ovs-vsctl show" does not print any o/p) > >>> >> > >>> >> * Or just add a key to a existing tunnel > >>> >> ovs-vsctl set interface gre0 options:key=20 > >>> >> > >>> >> If you can't debug well, start with a simpler configuration. i.e., a > >>> >> single gre tunnel. Once you get that working, you can build on top > of > >>> >> it. > >>> >> > >>> >> > > >>> >> > > >>> >> > On Mon, Mar 31, 2014 at 12:15 PM, Gurucharan Shetty > >>> >> > <shet...@nicira.com> > >>> >> > wrote: > >>> >> >> > >>> >> >> On Mon, Mar 31, 2014 at 9:12 AM, Shivaramakrishnan Vaidyanathan > >>> >> >> <shivaramakrishnan...@gmail.com> wrote: > >>> >> >> > So in that case,essentially we cant have multiple gre tunnels? > >>> >> >> I think you can use unique keys to distinguish (Read "Tunnel > >>> >> >> Options" > >>> >> >> in "man ovs-vswitchd.conf.db"). > >>> >> >> > >>> >> >> > Though I have multiple bridges that vm's to communicate > between > >>> >> >> > each > >>> >> >> > other. > >>> >> >> > The requirement is I need to have multiple internal bridges for > >>> >> >> > vm's > >>> >> >> > and > >>> >> >> > just one external bridge. > >>> >> >> > Is there any alternative? > >>> >> >> > > >>> >> >> > > >>> >> >> > On Mon, Mar 31, 2014 at 11:44 AM, Gurucharan Shetty > >>> >> >> > <shet...@nicira.com> > >>> >> >> > wrote: > >>> >> >> >> > >>> >> >> >> On Mon, Mar 31, 2014 at 8:36 AM, Shiva > >>> >> >> >> <shivaramakrishnan...@gmail.com> > >>> >> >> >> wrote: > >>> >> >> >> > Hello, > >>> >> >> >> > > >>> >> >> >> > I am setting up two gre tunnels between two hosts using the > >>> >> >> >> > same > >>> >> >> >> > external > >>> >> >> >> > bridge.In this case (br1).I use virbr3 and virbr2 for > internal > >>> >> >> >> > communication. > >>> >> >> >> > > >>> >> >> >> > This is my config steps: > >>> >> >> >> > Hypervisor 1: > >>> >> >> >> > External communication > >>> >> >> >> > ovs-vsctl add-br br1 > >>> >> >> >> > ovs-vsctl add-port eth0 > >>> >> >> >> > ifconfig br1 p.q.r.s netmask 255.255.255.0 > >>> >> >> >> > > >>> >> >> >> > Internal bridge for vm communication > >>> >> >> >> > Tunnel1 : > >>> >> >> >> > > >>> >> >> >> > ovs-vsctl add-br virbr3 > >>> >> >> >> > ovs-vsctl show > >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 > type=gre > >>> >> >> >> > options:remote_ip:a.b.c.d > >>> >> >> >> > > >>> >> >> >> > Tunnel2: > >>> >> >> >> > > >>> >> >> >> > ovs-vsctl add-br virbr2 > >>> >> >> >> > ovs-vsctl show > >>> >> >> >> > ovs-vsctl add-port virbr2 gre0 -- set interface gre0 > type=gre > >>> >> >> >> > options:remote_ip:a.b.c.d > >>> >> >> >> Consider the case for the traffic coming into Hypervisor1. I > >>> >> >> >> don't > >>> >> >> >> think it is possible to figure out which of the two end points > >>> >> >> >> the > >>> >> >> >> packet needs to be delivered to because the 2 gre tunnels are > >>> >> >> >> not > >>> >> >> >> unique. > >>> >> >> >> > >>> >> >> >> I think if you delete one of your virbr* in each of the > >>> >> >> >> machines, > >>> >> >> >> you > >>> >> >> >> should be able to communicate. > >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > > >>> >> >> >> > > >>> >> >> >> > Hypervisor 2: > >>> >> >> >> > External communication > >>> >> >> >> > ovs-vsctl add-br br1 > >>> >> >> >> > ovs-vsctl add-port eth0 > >>> >> >> >> > ifconfig br1 a.b.c.d netmask 255.255.255.0 > >>> >> >> >> > > >>> >> >> >> > Internal bridge for vm communication > >>> >> >> >> > > >>> >> >> >> > Tunnel1: > >>> >> >> >> > > >>> >> >> >> > > >>> >> >> >> > ovs-vsctl add-br virbr3 > >>> >> >> >> > ovs-vsctl show > >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 > type=gre > >>> >> >> >> > options:remote_ip:p.q.r.s > >>> >> >> >> > > >>> >> >> >> > Tunnel2: > >>> >> >> >> > > >>> >> >> >> > ovs-vsctl add-br virbr2 > >>> >> >> >> > ovs-vsctl show > >>> >> >> >> > ovs-vsctl add-port virbr3 gre0 -- set interface gre0 > type=gre > >>> >> >> >> > options:remote_ip:p.q.r.s > >>> >> >> >> > > >>> >> >> >> > > >>> >> >> >> > I am not able to communicate outside world from the vm's.I > am > >>> >> >> >> > just > >>> >> >> >> > able > >>> >> >> >> > to > >>> >> >> >> > reach the host on which vm resides and viceversa.Can you > >>> >> >> >> > please > >>> >> >> >> > let > >>> >> >> >> > me > >>> >> >> >> > know > >>> >> >> >> > what am i missing here? > >>> >> >> >> > > >>> >> >> >> > Your help in this regard is greatly appreciated. > >>> >> >> >> > > >>> >> >> >> > > >>> >> >> >> > _______________________________________________ > >>> >> >> >> > discuss mailing list > >>> >> >> >> > discuss@openvswitch.org > >>> >> >> >> > http://openvswitch.org/mailman/listinfo/discuss > >>> >> >> >> > > >>> >> >> > > >>> >> >> > > >>> >> > > >>> >> > > >>> > > >>> > > >> > >> > > >
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
