Hi everyone,
Apologies if this has already been discussed. I searched the archives, but
can't find anything quite like this.
The immediate symptom is that my OS bridge shows a port using 'ovs-vsctl
show' but 'ovs-ofctl show' does not reflect the port. There's more to it
detailed below, but here's the quick view:
Bridge br-backend
Port "em1"
Interface "em1"
Port phy-br-backend
Interface phy-br-backend
Port br-backend
Interface br-backend
type: internal
# ovs-ofctl show br-backend
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000561ee1bd5f4e
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST
SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE
2(phy-br-backend): addr:52:b2:14:ff:67:11
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
LOCAL(br-backend): addr:56:1e:e1:bd:5f:4e
config: 0
state: 0
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
This system is a single ethernet system that I'm setting up as a network
gateway for a small openstack cluster. It's an Intel NUC system (basically
a demo openstack cloud that we can easily bring with us to shows).
Openstack's neutron networking uses several openvswitch bridges with patch
ports between them to connect VMs onto virtual networks and then connect
those virtual networks to the public interface through a software layer 3
router (which is little more than a NAT). In any event, Openstack's
networking model with VLANs uses 3 bridges: a bridge for the public
interface, an 'integration' bridge where VM ports are patched with one set
of VLAN ids, and a 'backend' bridge that allows patching VMs onto a
physical network while mapping to a different set of VLAN ids.
This image from the OpenStack docs lays it out pretty well:
http://docs.openstack.org/trunk/openstack-ops/content/figures/8/figures/osog_1202.png
Since this system only has 1 ethernet interface, the separate physical
networks are being replaced with VLAN interfaces. However, the physical
interface that has the "tentant vlans" (eth1 in this diagram) still has to
map to the physical interface so that multiple vlans can be assigned on top
of it. This ends up with a rather complex setup:
em1.1 is the public network and is added as a port to br-ex
em1.2 is used as a communication path for the compute nodes to reach the
network node (and provide dhcp isolation), but is not added as a port to
any bridge explicitly
em1 (the whole interface) is added as a port to br-backend , and openstack
then uses VLAN ids 100-199 for tenant networks as needed.
The problem seems to be that both em1 and em1.1 cannot be successfully
added as ports - even though they are attempted to be added as different
bridges.
Further, adding these reports success and they show up in the list-ports
for each bridge, but not in the flow list. Additionally,
/var/log/openvswitch/ovs-vswitchd.log logs an error when em1 is added to
br-backend if em1.1 is already in br-ex:
#ovs-vsctl add-port br-backend em1
2014-06-20T15:05:26.282Z|00028|dpif|WARN|system@ovs-system: failed to add
em1 as port: File exists
As another datapoint, I don't believe this happened in Ubuntu 12.04. My
suspicion is that I was using openvswitch in userspace (without the kernel
module) in 12.04, but it was also a much older version of openvswitch so
that may not be the critical difference.
My questions:
1) Is this configuration supposed to work/not work? Is adding both the
physical interface and a VLAN virtual interface from the same physical
interface to different openvswitch bridges an allowed configuration?
2) My thought for working around this is to drop em1.1 from the public
bridge, and instead make a patch port from br-backend VLAN 1 into the
public bridge. Does that seem like the cleanest way to work around this
(given that OpenStack needs all of these bridges to exist so it can do its
thing)?
Thanks to anyone who read this far, and double thanks to anyone that can
wrap all this in their head. It certainly took me awhile to work through!
Full ovs-vsctl show:
# ovs-vsctl show
0033cf90-003e-4e47-a436-0b5586348924
Bridge br-int
Port "qvo0f2f51b1-56"
tag: 1
Interface "qvo0f2f51b1-56"
Port br-int
Interface br-int
type: internal
Port int-br-backend
Interface int-br-backend
Port "qr-a6777ccb-74"
tag: 1
Interface "qr-a6777ccb-74"
type: internal
Port "tapa579fd68-57"
tag: 1
Interface "tapa579fd68-57"
type: internal
Bridge br-ex
Port br-ex
Interface br-ex
type: internal
Port "em1.1"
Interface "em1.1"
Port "qg-57425986-b3"
Interface "qg-57425986-b3"
type: internal
Bridge br-backend
Port phy-br-backend
Interface phy-br-backend
Port br-backend
Interface br-backend
type: internal
Port "em1"
Interface "em1"
ovs_version: "2.0.1"
--
Andrew Mann
DivvyCloud Inc.
www.divvycloud.com
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
