Thank you all for suggestions and sorry for late answer. Now I have PC with two interfaces; eth0 for br-ex (LAN) and eth1 for vxlan/gre tunnel interface. Br-ex is working fine and also I can ping and access VM using floating IP. But still facing issue with vxlan/gre tunnels. Vxlan/gre port is not created on br-tun.
As I already wrote I'm trying to enable L2 connectivity between VMs running on single node Openstack Kilo instalation (Devstack) and external Linux host using vxlan/gre tunnel. Since there are now two NICs I'll open new thread. Regards, Amir On Mon, Oct 19, 2015 at 12:36 PM, Akash Gunjal <akgun...@in.ibm.com> wrote: > Hi Amir, > > One point to check is the security rules set in your controller. Check if > you have set the ingress/egress rules set for ICMP protocol (ping) which > will otherwise block traffic from external hosts to the tenant VM. > > Regards, > Akash > > [image: Inactive hide details for yatin kumbhare ---10/19/2015 03:56:22 > PM---Hi Amir, Not quite sure, as I haven't tried such a thing.]yatin > kumbhare ---10/19/2015 03:56:22 PM---Hi Amir, Not quite sure, as I haven't > tried such a thing. > > From: yatin kumbhare <yatinkumbh...@gmail.com> > To: Amir Huskić <amir.hus...@gmail.com> > Cc: "openstack@lists.openstack.org" <openstack@lists.openstack.org> > Date: 10/19/2015 03:56 PM > Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup > ------------------------------ > > > > Hi Amir, > > Not quite sure, as I haven't tried such a thing. > > but IMHO, you might require l2-gateway. > > Kind of this: *https://www.youtube.com/watch?v=74Wfr4myf5k* > <https://www.youtube.com/watch?v=74Wfr4myf5k> > > Regards, > Yatin > > On Mon, Oct 19, 2015 at 4:35 AM, Amir Huskić <*amir.hus...@gmail.com* > <amir.hus...@gmail.com>> wrote: > > Hello James, > > I use underscores in ml2 config file as You suggested. Also made some > changes in config file. Here is available: > *https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0* > <https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0> > > Summary: > - can ping from OS host to external gw and external linux host > - can ping from tenant VM to external gw and external linux host > - can't ping OS host and tenant VM floating IP from external linux host > - tcpdump on br-ex and eth0 interface is showing arp request during > ping request from linux external host using vxlan segment > > For additional info please check info from CLI screen here: > *https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0* > <https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0> > > Accidently I deleted symbolic link in log files pointing to agent log. > Unfortunately I don't know how to create it again with proper permissions. > I tried with chmod and chown using reference command but without much > success. > > lrwxrwxrwx 1 amir amir 43 Sep 19 15:26 screen-n-sch.log -> > /opt/stack/logs/n-sch.log.2015-09-19-150746 > * -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00 screen-q-agt.log* > lrwxrwxrwx 1 amir amir 44 Sep 19 15:25 screen-q-dhcp.log -> > /opt/stack/logs/q-dhcp.log.2015-09-19-150746 > > > Thank you for your help and time. > > Kind regards, > Amir > > > On Wed, Oct 14, 2015 at 4:06 PM, James Denton < > *james.den...@rackspace.com* <james.den...@rackspace.com>> wrote: > Hi Amir, > > A couple of recommendations: > > - Your vxlan_group setting has an extra dot at the end that may be > causing issues: > [ml2_type_vxlan] > vxlan_group = 239.0.0.0. > - Your [OVS] block has some incorrect options. Use underscores rather > than spaces: > [ovs] > bridge_mappings = public:br-ex > local_ip = 192.168.100.100 > vxlan_udp_port = 8472 > tunnel type = vxlan > tunnel id ranges = 1001:2000 > tenant network type = vxlan > enable tunneling = true > - Same goes for [agent] as well: > [agent] > tunnel_types = vxlan > root_helper_daemon = sudo /usr/local/bin/neutron-rootwrap-daemon > /etc/neutron/rootwrap.conf > root_helper = sudo /usr/local/bin/neutron-rootwrap > /etc/neutron/rootwrap.conf > #tunnel_types = vxlan > vxlan_udp_port = 8472 > l2 population = false > Start by correcting those issues and restart the OVS agents across > your hosts. The agent log may be of help here as well. > > James > On Oct 14, 2015, at 2:38 AM, Amir Huskić <*amir.hus...@gmail.com* > <amir.hus...@gmail.com>> wrote: > > Hello, > > there is also my ml2_conf.ini file: > *https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini* > <https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini> > > Could problem be related to single NIC installation? Is it > possible to have same interface for bridge mappings and also for > tunnel > bridge? Example below: > > bridge_mappings = public:br-ex > integration bridge = br-int > tunnel bridge = br-ex > > Thank you. > Regards, > Amir > > > On Mon, Oct 12, 2015 at 3:53 PM, Amir Huskić < > *amir.hus...@gmail.com* <amir.hus...@gmail.com>> wrote: > Hi all, > > I'm trying to setup up Openstack test lab. > > I deployed Openstack Kilo (Devstack) on PC running Ubuntu LTS > 14.02 with single NIC. > Tenants are isolated with vxlan networks. I can ping from VMs > to external network PCs, SSH login from external PCs to tenants > VMs > floating IP address, etc. > > I would like also to connect tenant VMs to external network > physical Linux host using vxlan tunnel and have L2 connectivity > between VM > and physical Linux host over L3 network. > > Vxlan interface on Linux physical host is up and running. > When I am trying to ping from Linux physical host to Openstack VM > (not > floating IP) using same subnet L2 address (example ping from > 192.168.10.10 > to 192.168.10.11) UDP packets on port 8472 are coming to > Openstack br-ex > interface with ARP request. > > Problem is that I can't setup vxlan tunnel on Openstack. > Command "sudo ovs-vsctl show" doesn't show any vxlan tunnels. > Also when I try to ping from VM to Linux host using L2 IP > address (ping from 192.168.10.11 to 192.168.10.10) tcpdump on > br-ex doesn't > show anything. > > My ml2_conf.ini files is configured following this guide: > *http://www.opencloudblog.com/?p=300* > <http://www.opencloudblog.com/?p=300> > > Thanks in advance for your help, > > Regards, > Amir > > _______________________________________________ > Mailing list: > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack> > Post to : *openstack@lists.openstack.org* > <openstack@lists.openstack.org> > Unsubscribe : > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack> > > > > _______________________________________________ > Mailing list: > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack> > Post to : *openstack@lists.openstack.org* > <openstack@lists.openstack.org> > Unsubscribe : > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack> > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
