Re: [Openstack-operators] Help with multiple external network in openstack

Fri, 05 Jun 2015 08:08:59 -0700 

Since you are passing the tagged physical network device eth1.803 into the 
bridge, I think you need to use a flat network in the config/ external network 
create command. Otherwise it may do nested vlan tags.

Thanks,
Kevin

________________________________
From: Geo Varghese
Sent: Friday, June 05, 2015 5:38:33 AM
To: Miguel A Diaz Corchero
Cc: openstack-operators@lists.openstack.org
Subject: Re: [Openstack-operators] Help with multiple external network in 
openstack

Hi Miguel,

I am adding my content of /etc/neutron/plugins/ml2/ml2_conf.ini of controller

[ml2]
type_drivers = gre,vlan
tenant_network_types = gre,vlan
mechanism_drivers = openvswitch

[ml2_type_flat]
flat_networks =

[ml2_type_vlan]
network_vlan_ranges = physnet1:803:803,physnet2:805:805

[ml2_type_gre]
tunnel_id_ranges = 1:1000

[ml2_type_vxlan]
vni_ranges =
vxlan_group =

[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = 
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]
local_ip = 192.168.100.74
tunnel_type = gre
enable_tunneling = True
bridge_mappings = physnet1:br-ex803,physnet2:br-ex805

The content of /etc/neutron/l3_agent.ini of controller

[DEFAULT]
debug = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
handle_internal_only_routers = True
external_network_bridge =
metadata_port = 9697
send_arp_for_ha = 3
periodic_interval = 40
periodic_fuzzy_delay = 5
router_delete_namespaces = False


Content of ovs-vsctl show  after creating the bridges

root@Node25:/home/geo# ovs-vsctl show
cd31399c-bdb7-4b79-9d51-acbec1a41619
    Bridge br-int
        fail_mode: secure
        Port int-br-ex
            Interface int-br-ex
        Port "qr-221f276d-81"
            tag: 1
            Interface "qr-221f276d-81"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "int-br-ex805"
            Interface "int-br-ex805"
        Port "int-br-ex803"
            Interface "int-br-ex803"
        Port "qg-d3568030-c3"
            tag: 2
            Interface "qg-d3568030-c3"
                type: internal
        Port "tapd7bacca2-15"
            tag: 1
            Interface "tapd7bacca2-15"
                type: internal
        Port br-int
            Interface br-int
                type: internal
    Bridge "br-ex803"
        Port "eth1.803"
            Interface "eth1.803"
        Port "phy-br-ex803"
            Interface "phy-br-ex803"
        Port "br-ex803"
            Interface "br-ex803"
                type: internal
    Bridge br-tun
        Port "gre-c0a864fe"
            Interface "gre-c0a864fe"
                type: gre
                options: {in_key=flow, local_ip="192.168.100.74", out_key=flow, 
remote_ip="192.168.100.254"}
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge "br-ex805"
        Port "phy-br-ex805"
            Interface "phy-br-ex805"
        Port "br-ex805"
            Interface "br-ex805"
                type: internal
        Port "eth1.805"
            Interface "eth1.805"
    ovs_version: "2.0.2"


External network added by following commands

External network 1 =>

 neutron net-create ext-net1 --shared --router:external=True 
--provider:physical_network physnet1 --provider:network_type vlan 
--provider:segmentation_id 803

neutron subnet-create ext-net1 --name ext-subnet1 --allocation-pool 
start=192.168.200.150,end=192.168.200.160 --disable-dhcp 
192.168.200.0/24<http://192.168.200.0/24>

External network 2 =>
neutron net-create ext-net2 --shared --router:external=True 
--provider:physical_network physnet2 --provider:network_type vlan 
--provider:segmentation_id 805

neutron subnet-create ext-net2 --name ext-subnet1 --allocation-pool 
start=192.168.123.150,end=192.168.123.160 --disable-dhcp 
192.168.123.0/24<http://192.168.123.0/24>

Please update if you need any other details.

Thanks again for your time.


On Fri, Jun 5, 2015 at 5:05 PM, Geo Varghese 
<gvargh...@aqorn.com<mailto:gvargh...@aqorn.com>> wrote:
Hi Miguel,

Thanks for getting back to me.

I have already restarted both machines - controller and compute

Do i need to paste any commands or conf to debug it?


On Fri, Jun 5, 2015 at 4:55 PM, Miguel A Diaz Corchero 
<miguelangel.d...@externos.ciemat.es<mailto:miguelangel.d...@externos.ciemat.es>>
 wrote:
El 05/06/15 13:07, Geo Varghese escribió:
I tried it but somethig missing still, ping to floating IP seems not working
please, try to restart the L3 agent linked with that floating IP and let us know

do we have to add any changes to compute node  for it?
it shouldn't be necessary

Miguel.



On Fri, Jun 5, 2015 at 12:16 PM, Geo Varghese 
<gvargh...@aqorn.com<mailto:gvargh...@aqorn.com>> wrote:
Miguel,

Thanks thats a great link. Let me try it.

On Fri, Jun 5, 2015 at 12:04 PM, Miguel A Diaz Corchero 
<miguelangel.d...@externos.ciemat.es<mailto:miguelangel.d...@externos.ciemat.es>>
 wrote:
Following this link I configured it in my infrastructure. Maybe this can also 
help you.

https://www.softwareab.net/wordpress/openstack-adding-external-networks-neutron-gre/

Miguel.

El 04/06/15 23:15, Geo Varghese escribió:
Thanks a lot friend for explaining it. I am also using ubuntu.

let me try it. I will update you with the results.

On Fri, Jun 5, 2015 at 2:20 AM, Abrahams.Noah 
<noah.abrah...@igt.com<mailto:noah.abrah...@igt.com>> wrote:
Hi Geo,

First a disclaimer: I’m working on Ubuntu and Icehouse, so you might have 
different behavior, based on your distributions.  Also, I don’t have all the 
specifics and flags you might need, but hopefully this can point you in the 
right direction.  Also, also, the design below accounts for some VLAN 
segregation, and may be more complicated than what you need.

Since you already have the eth devices created, and assuming your routing is 
correct: I would create a new bridge for each vlan with ovs-vsctl (say, 
br-ex803 and br-ex805).  If you look at 
http://openvswitch.org/support/dist-docs/ovs-vsctl.8.txt you can find the 
syntax for add-br to create the bridge, then add-port to bind it to the eth 
device.  You can also use ovs-vsctl to set the trunks property on the port, 
after it’s created, which you’ll need for the vlan tagging.  Then, create a new 
physnet to match each one of those (physnet3, physnet4, etc) and include them 
in the bridge-mapping as “physnet3:br-ex803”, or something similar, and specify 
the VLANs as belonging to that particular physnet in the network_vlan_ranges 
parameter, like “…physnet3:803,physnet4:805”.

After all that, you’ll need to update the neutron sql database so the entry in 
the network segments table will point to the correct physnet.  Search it by the 
UUID of the network you’re creating, and update the physical_network property 
to match “physnet3” or whatever you create.  Then you can create a subnet from 
that network, allocate from it, and it should work.  You’ll also need to 
restart the openvswitch-agent and the L3-agent, probably before you create the 
subnet.

Noah Abrahams
Staff Engineer @ IGT  |  Central Platforms and Apps

From: Geo Varghese [mailto:gvargh...@aqorn.com<mailto:gvargh...@aqorn.com>]
Sent: Thursday, June 04, 2015 12:43 PM
To: Abrahams.Noah
Cc: 
openstack-operators@lists.openstack.org<mailto:openstack-operators@lists.openstack.org>
Subject: Re: [Openstack-operators] Help with multiple external network in 
openstack

Hi Noah,

Thanks a lot for valuable inputs.

I am using vlan tags for 2 external network and it configured on eth1.

The two interfaces for multiple external networks are eth1.803 and eth1.805

Currently i didn't created br-ex bridge as it is multiple network.


I have added vlan rages as =>

network_vlan_ranges = physnet1:100:2999

bridge_mappings as

bridge_mappings =


Can you please explain what are the configurations I have to do to implement it.

Thanks for your time.


On Fri, Jun 5, 2015 at 12:18 AM, Abrahams.Noah 
<noah.abrah...@igt.com<mailto:noah.abrah...@igt.com>> wrote:
Geo,

You also need to set the gateway_external_network_id variable to empty.  If you 
don’t, the L3 agent is either using the gateway from the network with the 
specified UUID, or can’t figure out which one to use.

Also, if the networks have VLAN tags that would be handled by the switch, you 
might need to create that network on an entirely separate bridge (for example: 
br-ex2) and bind it to your physical interface.  After you do that, go through 
all the associations, such as adding the new physnet# in your bridge mappings 
and vlan ranges in your ml2_conf.ini.

Noah Abrahams
Staff Engineer @ IGT  |  Central Platforms and Apps

From: Geo Varghese [mailto:gvargh...@aqorn.com<mailto:gvargh...@aqorn.com>]
Sent: Thursday, June 04, 2015 6:26 AM
To: 
openstack-operators@lists.openstack.org<mailto:openstack-operators@lists.openstack.org>;
 openst...@lists.openstack.org<mailto:openst...@lists.openstack.org>
Subject: [Openstack-operators] Help with multiple external network in openstack

Hi Team,
I need some help to setup multiple external network

In normal single external network we create br-ex bridge and add it in
/etc/neutron/l3_agent.ini
As

external_network_bridge = br-ex
It is working for me.
But in the case of multiple external network, this variable to be set to empty 
according to the docs. I did that but seems working.
Any one please specify whta other changes i have to do to make it working.
Thanks for your support guys.


--
Regards,
Geo Varghese
CONFIDENTIALITY NOTICE: This message is the property of International Game 
Technology PLC and/or its subsidiaries and may contain proprietary, 
confidential or trade secret information. This message is intended solely for 
the use of the addressee. If you are not the intended recipient and have 
received this message in error, please delete this message from your system. 
Any unauthorized reading, distribution, copying, or other use of this message 
or its attachments is strictly prohibited.



--
--
Regards,
Geo Varghese
CONFIDENTIALITY NOTICE: This message is the property of International Game 
Technology PLC and/or its subsidiaries and may contain proprietary, 
confidential or trade secret information. This message is intended solely for 
the use of the addressee. If you are not the intended recipient and have 
received this message in error, please delete this message from your system. 
Any unauthorized reading, distribution, copying, or other use of this message 
or its attachments is strictly prohibited.



--
--
Regards,
Geo Varghese



_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org<mailto:OpenStack-operators@lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators



_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org<mailto:OpenStack-operators@lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators




--
--
Regards,
Geo Varghese



--
--
Regards,
Geo Varghese




--
--
Regards,
Geo Varghese



--
--
Regards,
Geo Varghese

_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

Reply via email to