Hi Amir, One point to check is the security rules set in your controller. Check if you have set the ingress/egress rules set for ICMP protocol (ping) which will otherwise block traffic from external hosts to the tenant VM.
Regards, Akash From: yatin kumbhare <yatinkumbh...@gmail.com> To: Amir Huskić <amir.hus...@gmail.com> Cc: "openstack@lists.openstack.org" <openstack@lists.openstack.org> Date: 10/19/2015 03:56 PM Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup Hi Amir, Not quite sure, as I haven't tried such a thing. but IMHO, you might require l2-gateway. Kind of this: https://www.youtube.com/watch?v=74Wfr4myf5k Regards, Yatin On Mon, Oct 19, 2015 at 4:35 AM, Amir Huskić <amir.hus...@gmail.com> wrote: Hello James, I use underscores in ml2 config file as You suggested. Also made some changes in config file. Here is available: https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0 Summary: - can ping from OS host to external gw and external linux host - can ping from tenant VM to external gw and external linux host - can't ping OS host and tenant VM floating IP from external linux host - tcpdump on br-ex and eth0 interface is showing arp request during ping request from linux external host using vxlan segment For additional info please check info from CLI screen here: https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0 Accidently I deleted symbolic link in log files pointing to agent log. Unfortunately I don't know how to create it again with proper permissions. I tried with chmod and chown using reference command but without much success. lrwxrwxrwx 1 amir amir 43 Sep 19 15:26 screen-n-sch.log -> /opt/stack/logs/n-sch.log.2015-09-19-150746 -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00 screen-q-agt.log lrwxrwxrwx 1 amir amir 44 Sep 19 15:25 screen-q-dhcp.log -> /opt/stack/logs/q-dhcp.log.2015-09-19-150746 Thank you for your help and time. Kind regards, Amir On Wed, Oct 14, 2015 at 4:06 PM, James Denton <james.den...@rackspace.com > wrote: Hi Amir, A couple of recommendations: - Your vxlan_group setting has an extra dot at the end that may be causing issues: [ml2_type_vxlan] vxlan_group = 239.0.0.0. - Your [OVS] block has some incorrect options. Use underscores rather than spaces: [ovs] bridge_mappings = public:br-ex local_ip = 192.168.100.100 vxlan_udp_port = 8472 tunnel type = vxlan tunnel id ranges = 1001:2000 tenant network type = vxlan enable tunneling = true - Same goes for [agent] as well: [agent] tunnel_types = vxlan root_helper_daemon = sudo /usr/local/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf root_helper = sudo /usr/local/bin/neutron-rootwrap /etc/neutron/rootwrap.conf #tunnel_types = vxlan vxlan_udp_port = 8472 l2 population = false Start by correcting those issues and restart the OVS agents across your hosts. The agent log may be of help here as well. James On Oct 14, 2015, at 2:38 AM, Amir Huskić <amir.hus...@gmail.com> wrote: Hello, there is also my ml2_conf.ini file: https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini Could problem be related to single NIC installation? Is it possible to have same interface for bridge mappings and also for tunnel bridge? Example below: bridge_mappings = public:br-ex integration bridge = br-int tunnel bridge = br-ex Thank you. Regards, Amir On Mon, Oct 12, 2015 at 3:53 PM, Amir Huskić < amir.hus...@gmail.com> wrote: Hi all, I'm trying to setup up Openstack test lab. I deployed Openstack Kilo (Devstack) on PC running Ubuntu LTS 14.02 with single NIC. Tenants are isolated with vxlan networks. I can ping from VMs to external network PCs, SSH login from external PCs to tenants VMs floating IP address, etc. I would like also to connect tenant VMs to external network physical Linux host using vxlan tunnel and have L2 connectivity between VM and physical Linux host over L3 network. Vxlan interface on Linux physical host is up and running. When I am trying to ping from Linux physical host to Openstack VM (not floating IP) using same subnet L2 address (example ping from 192.168.10.10 to 192.168.10.11) UDP packets on port 8472 are coming to Openstack br-ex interface with ARP request. Problem is that I can't setup vxlan tunnel on Openstack. Command "sudo ovs-vsctl show" doesn't show any vxlan tunnels. Also when I try to ping from VM to Linux host using L2 IP address (ping from 192.168.10.11 to 192.168.10.10) tcpdump on br-ex doesn't show anything. My ml2_conf.ini files is configured following this guide: http://www.opencloudblog.com/?p=300 Thanks in advance for your help, Regards, Amir _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
