On Mon, Mar 31, 2014 at 3:38 PM, Shivaramakrishnan Vaidyanathan <shivaramakrishnan...@gmail.com> wrote: > Hi, > Is there a way to tweak ovs-vswitch for handling packets more than mtu size? > > I get error messages like "openvswitch dropped over-mtu packets 1542>1500" I think one way to solve it is to reduce the mtu size of your VM's network interface. I suppose this is coming from the GRE tunnel overhead.
> > > On Mon, Mar 31, 2014 at 4:10 PM, Gurucharan Shetty <shet...@nicira.com> > wrote: >> >> On Mon, Mar 31, 2014 at 12:52 PM, Shivaramakrishnan Vaidyanathan >> <shivaramakrishnan...@gmail.com> wrote: >> > Though I am able to reach any of vm's on a host from another host >> > machine.I >> > am not able to reach outside ip from the vm's. >> Well, if your bridge in the hypervisor does not have a way to reach >> outside ips, your VMs can't either. >> >> One way is to give your VMs 2 interfaces. One of them is a mgmt >> interface which should be connected to a bridge in the hypervisor that >> also has another port through which you can reach the internet. Other >> VM interface is connected to a bridge that has GRE tunnels for your >> data network. >> >> >> > >> > Also,this is where I find it strange.I have a nfs server process running >> > on >> > host1 vm1. When i try to write to a nfs share from a vm2 on another >> > host2 >> > connected via gre,i am not able to complete the write. Though the mount >> > succeeds.Is there any tweeking that needs to be done here? >> I don't have any suggestions here. May be you should ask a separate >> question for that. >> >> > >> > >> > On Mon, Mar 31, 2014 at 3:10 PM, Shivaramakrishnan Vaidyanathan >> > <shivaramakrishnan...@gmail.com> wrote: >> >> >> >> Hello, >> >> Thanks a lot,It worked. >> >> I am able to communicate now between the two vm's on different hosts >> >> using >> >> multiple gre tunnels. >> >> But I am not able to communicate to an outside ip(say 4.2.2.2) from >> >> vm.Is >> >> there a config required for this? >> >> How do i give outside connectivity for vm's. >> >> >> >> >> >> On Mon, Mar 31, 2014 at 2:41 PM, Gurucharan Shetty <shet...@nicira.com> >> >> wrote: >> >>> >> >>> On Mon, Mar 31, 2014 at 10:07 AM, Shivaramakrishnan Vaidyanathan >> >>> <shivaramakrishnan...@gmail.com> wrote: >> >>> > Thanks a lot. >> >>> > According to what i understand, >> >>> > Host 1: IP -- a.b.c.d >> >>> > >> >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >> >>> > options:remote_ip:p.q.r.s options:key=30 >> >>> > >> >>> > Host2: IP -- p.q.r.s >> >>> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >> >>> > options:remote_ip:a.b.c.d options:key=30 >> >>> > >> >>> > Is this what you mentioned?Just to confirm. >> >>> Yes. You have 2 pairs of gre tunnels. Each pair should have the same >> >>> key. In the above example that you have given, you have set one pair >> >>> as 30. You can set the other pair as 40. >> >>> >> >>> >> >>> > >> >>> > >> >>> > On Mon, Mar 31, 2014 at 12:29 PM, Gurucharan Shetty >> >>> > <shet...@nicira.com> >> >>> > wrote: >> >>> >> >> >>> >> On Mon, Mar 31, 2014 at 9:20 AM, Shivaramakrishnan Vaidyanathan >> >>> >> <shivaramakrishnan...@gmail.com> wrote: >> >>> >> > Thanks a lot Gurucharan. >> >>> >> > I am pretty new to openvswitch.Can you provide the command to >> >>> >> > achieve >> >>> >> > this? >> >>> >> > Looking forward to your reply. >> >>> >> >> >>> >> The man page says: >> >>> >> .... >> >>> >> .... >> >>> >> Tunnel Options: >> >>> >> These options apply to interfaces with type of gre, >> >>> >> ipsec_gre, >> >>> >> gre64, >> >>> >> ipsec_gre64, vxlan, and lisp. >> >>> >> >> >>> >> Each tunnel must be uniquely identified by the >> >>> >> combination >> >>> >> of >> >>> >> type, >> >>> >> options:remote_ip, options:local_ip, and options:in_key. If >> >>> >> two >> >>> >> ports >> >>> >> are defined that are the same except one has an optional >> >>> >> identifier >> >>> >> and >> >>> >> the other does not, the more specific one is >> >>> >> matched >> >>> >> first. >> >>> >> options:in_key is considered more specific than >> >>> >> options:local_ip >> >>> >> if a >> >>> >> port defines one and another port defines the other. >> >>> >> .... >> >>> >> ... >> >>> >> options : key: optional string >> >>> >> Optional. Shorthand to set in_key and out_key at the >> >>> >> same >> >>> >> time. >> >>> >> ... >> >>> >> ... >> >>> >> >> >>> >> So you can do something like: >> >>> >> * If you create a new tunnel (the key should be same at both ends >> >>> >> and >> >>> >> a different key at the other end): >> >>> >> ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre >> >>> >> options:remote_ip:p.q.r.s options:key=30 >> >>> >> >> >>> >> (note that your command does not have a '=' and instead has a ':'. >> >>> >> Also your "ovs-vsctl show" does not print any o/p) >> >>> >> >> >>> >> * Or just add a key to a existing tunnel >> >>> >> ovs-vsctl set interface gre0 options:key=20 >> >>> >> >> >>> >> If you can't debug well, start with a simpler configuration. i.e., >> >>> >> a >> >>> >> single gre tunnel. Once you get that working, you can build on top >> >>> >> of >> >>> >> it. >> >>> >> >> >>> >> > >> >>> >> > >> >>> >> > On Mon, Mar 31, 2014 at 12:15 PM, Gurucharan Shetty >> >>> >> > <shet...@nicira.com> >> >>> >> > wrote: >> >>> >> >> >> >>> >> >> On Mon, Mar 31, 2014 at 9:12 AM, Shivaramakrishnan Vaidyanathan >> >>> >> >> <shivaramakrishnan...@gmail.com> wrote: >> >>> >> >> > So in that case,essentially we cant have multiple gre tunnels? >> >>> >> >> I think you can use unique keys to distinguish (Read "Tunnel >> >>> >> >> Options" >> >>> >> >> in "man ovs-vswitchd.conf.db"). >> >>> >> >> >> >>> >> >> > Though I have multiple bridges that vm's to communicate >> >>> >> >> > between >> >>> >> >> > each >> >>> >> >> > other. >> >>> >> >> > The requirement is I need to have multiple internal bridges >> >>> >> >> > for >> >>> >> >> > vm's >> >>> >> >> > and >> >>> >> >> > just one external bridge. >> >>> >> >> > Is there any alternative? >> >>> >> >> > >> >>> >> >> > >> >>> >> >> > On Mon, Mar 31, 2014 at 11:44 AM, Gurucharan Shetty >> >>> >> >> > <shet...@nicira.com> >> >>> >> >> > wrote: >> >>> >> >> >> >> >>> >> >> >> On Mon, Mar 31, 2014 at 8:36 AM, Shiva >> >>> >> >> >> <shivaramakrishnan...@gmail.com> >> >>> >> >> >> wrote: >> >>> >> >> >> > Hello, >> >>> >> >> >> > >> >>> >> >> >> > I am setting up two gre tunnels between two hosts using the >> >>> >> >> >> > same >> >>> >> >> >> > external >> >>> >> >> >> > bridge.In this case (br1).I use virbr3 and virbr2 for >> >>> >> >> >> > internal >> >>> >> >> >> > communication. >> >>> >> >> >> > >> >>> >> >> >> > This is my config steps: >> >>> >> >> >> > Hypervisor 1: >> >>> >> >> >> > External communication >> >>> >> >> >> > ovs-vsctl add-br br1 >> >>> >> >> >> > ovs-vsctl add-port eth0 >> >>> >> >> >> > ifconfig br1 p.q.r.s netmask 255.255.255.0 >> >>> >> >> >> > >> >>> >> >> >> > Internal bridge for vm communication >> >>> >> >> >> > Tunnel1 : >> >>> >> >> >> > >> >>> >> >> >> > ovs-vsctl add-br virbr3 >> >>> >> >> >> > ovs-vsctl show >> >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 >> >>> >> >> >> > type=gre >> >>> >> >> >> > options:remote_ip:a.b.c.d >> >>> >> >> >> > >> >>> >> >> >> > Tunnel2: >> >>> >> >> >> > >> >>> >> >> >> > ovs-vsctl add-br virbr2 >> >>> >> >> >> > ovs-vsctl show >> >>> >> >> >> > ovs-vsctl add-port virbr2 gre0 -- set interface gre0 >> >>> >> >> >> > type=gre >> >>> >> >> >> > options:remote_ip:a.b.c.d >> >>> >> >> >> Consider the case for the traffic coming into Hypervisor1. I >> >>> >> >> >> don't >> >>> >> >> >> think it is possible to figure out which of the two end >> >>> >> >> >> points >> >>> >> >> >> the >> >>> >> >> >> packet needs to be delivered to because the 2 gre tunnels are >> >>> >> >> >> not >> >>> >> >> >> unique. >> >>> >> >> >> >> >>> >> >> >> I think if you delete one of your virbr* in each of the >> >>> >> >> >> machines, >> >>> >> >> >> you >> >>> >> >> >> should be able to communicate. >> >>> >> >> >> >> >>> >> >> >> >> >>> >> >> >> > >> >>> >> >> >> > >> >>> >> >> >> > Hypervisor 2: >> >>> >> >> >> > External communication >> >>> >> >> >> > ovs-vsctl add-br br1 >> >>> >> >> >> > ovs-vsctl add-port eth0 >> >>> >> >> >> > ifconfig br1 a.b.c.d netmask 255.255.255.0 >> >>> >> >> >> > >> >>> >> >> >> > Internal bridge for vm communication >> >>> >> >> >> > >> >>> >> >> >> > Tunnel1: >> >>> >> >> >> > >> >>> >> >> >> > >> >>> >> >> >> > ovs-vsctl add-br virbr3 >> >>> >> >> >> > ovs-vsctl show >> >>> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 >> >>> >> >> >> > type=gre >> >>> >> >> >> > options:remote_ip:p.q.r.s >> >>> >> >> >> > >> >>> >> >> >> > Tunnel2: >> >>> >> >> >> > >> >>> >> >> >> > ovs-vsctl add-br virbr2 >> >>> >> >> >> > ovs-vsctl show >> >>> >> >> >> > ovs-vsctl add-port virbr3 gre0 -- set interface gre0 >> >>> >> >> >> > type=gre >> >>> >> >> >> > options:remote_ip:p.q.r.s >> >>> >> >> >> > >> >>> >> >> >> > >> >>> >> >> >> > I am not able to communicate outside world from the vm's.I >> >>> >> >> >> > am >> >>> >> >> >> > just >> >>> >> >> >> > able >> >>> >> >> >> > to >> >>> >> >> >> > reach the host on which vm resides and viceversa.Can you >> >>> >> >> >> > please >> >>> >> >> >> > let >> >>> >> >> >> > me >> >>> >> >> >> > know >> >>> >> >> >> > what am i missing here? >> >>> >> >> >> > >> >>> >> >> >> > Your help in this regard is greatly appreciated. >> >>> >> >> >> > >> >>> >> >> >> > >> >>> >> >> >> > _______________________________________________ >> >>> >> >> >> > discuss mailing list >> >>> >> >> >> > discuss@openvswitch.org >> >>> >> >> >> > http://openvswitch.org/mailman/listinfo/discuss >> >>> >> >> >> > >> >>> >> >> > >> >>> >> >> > >> >>> >> > >> >>> >> > >> >>> > >> >>> > >> >> >> >> >> > > > _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
