Hello, On my compute hosts I don't have any rules except those which neutron agent is creating.
-- Best regards / Pozdrawiam Sławek Kapłoński sla...@kaplonski.pl On Fri, 02 Oct 2015, Mike Lowe wrote: > One thing that I always forget is iptables rules to allow the udp port 8472 > vxlan packets in. > > > On Oct 2, 2015, at 4:41 PM, Sławek Kapłoński <sla...@kaplonski.pl> wrote: > > > > Hello, > > > > I'm trying to configure small openstack infra (one network node, 2 > > compute nodes) with linux bridge and vxlan tenant networks. I don't know > > what I'm doing wrong but my instances have no connection between > > each other. On compute hosts I run neutron-plugin-linuxbrigde-agent > > with config like: > > > > ------------------ > > [ml2_type_vxlan] > > # (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples > > # enumerating > > # ranges of VXLAN VNI IDs that are available for tenant network > > # allocation. > > # > > vni_ranges = 10000:20000 > > > > # (StrOpt) Multicast group for the VXLAN interface. When configured, > > # will > > # enable sending all broadcast traffic to this multicast group. When > > # left > > # unconfigured, will disable multicast VXLAN mode. > > # > > # vxlan_group = > > # Example: vxlan_group = 239.1.1.1 > > > > [securitygroup] > > # Controls if neutron security group is enabled or not. > > # It should be false when you use nova security group. > > enable_security_group = True > > > > # Use ipset to speed-up the iptables security groups. Enabling ipset > > # support > > # requires that ipset is installed on L2 agent node. > > enable_ipset = True > > > > firewall_driver = > > neutron.agent.linux.iptables_firewall.IptablesFirewallDriver > > > > [ovs] > > local_ip = 10.1.0.4 > > > > [agent] > > tunnel_types = vxlan > > > > [linuxbridge] > > physical_interface_mappings = physnet1:eth1 > > > > [vxlan] > > local_ip = 10.1.0.4 > > l2_population = True > > enable_vxlan = True > > ------------------- > > > > Eth1 is my "tunnel network" which should be used for tunnels. When I > > spawn vms on compute 1 and 2 and after configuring network manually on > > both vms (dhcp is not working also because of broken tunnels probably) > > it not pings. > > Even when I started two instances on same host and they are both > > connected to one bridge: > > > > ------------------- > > root@compute-2:/usr/lib/python2.7/dist-packages/neutron# brctl show > > bridge name bridge id STP enabled interfaces > > brq8fe8a32f-e6 8000.ce544d0c0e5d no > > tap691a138a-6c > > tapbc1e5179-53 > > vxlan-10052 > > virbr0 8000.5254007611ab yes virbr0-nic > > ------------------- > > > > those 2 vms are not pinging each other :/ > > I don't have any expeirence with linux bridge in fact (For now I was always > > using ovs). Maybe someone of You will know what I should check or what I > > should > > configure wrong :/ Generally I was installing this openstack according to > > official openstack documentation but in this docs there is info about > > ovs+gre > > tunnels and that is what I changed. I'm using Ubuntu 14.04 and Openstack > > Kilo > > installed from cloud archive repo. > > > > -- > > Best regards / Pozdrawiam > > Sławek Kapłoński > > sla...@kaplonski.pl > > > > _______________________________________________ > > OpenStack-operators mailing list > > openstack-operat...@lists.openstack.org > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
