Thank you Andreas. I'll try it. I've opened new thread with additional info (here: http://lists.openstack.org/pipermail/openstack/2015-November/014564.html) and subject: Vxlan/gre port is not created in br-tun Kilo. There are also config files.
Regards, Amir On Thu, Nov 12, 2015 at 10:17 AM, Andreas Scheuring < scheu...@linux.vnet.ibm.com> wrote: > What you see is the expected behavior. A Tun (vxlan/gre) port is created > for each other Node (that runs the neutron-openvswitch-agent) in your > Openstack Cluster. So if you have a single node - no other Openstack > node - no tun port. > > It's not a use case that an external (non Openstack managed System) Node > is participating in your Openstack internal tunnel network. > > The current ovs implementation knows exactly which vm is reachable via > which mac on which other hypervisor via which tunnel port. All these > logic is implemented via openflow rules, which steer the traffic to the > correct tun device. Traffic that does not match those rules, will be > dropped (I guess). > > You can only achieve this with an external vxlan network. I personally > haven't tried this so far creating it with Openstack. But for a prove of > concept you could create the tun port on your own on br-ex (instead of > plugging your interface into br-ex). > > Hope this helps. > > > > -- > Andreas > (IRC: scheuran) > > > > On Do, 2015-11-12 at 09:36 +0100, Amir Huskić wrote: > > Thank you all for suggestions and sorry for late answer. Now I have PC > > with two interfaces; eth0 for br-ex (LAN) and eth1 for vxlan/gre > > tunnel interface. Br-ex is working fine and also I can ping and access > > VM using floating IP. But still facing issue with vxlan/gre tunnels. > > Vxlan/gre port is not created on br-tun. > > > > > > As I already wrote I'm trying to enable L2 connectivity between VMs > > running on single node Openstack Kilo instalation (Devstack) and > > external Linux host using vxlan/gre tunnel. Since there are now two > > NICs I'll open new thread. > > > > > > Regards, > > Amir > > > > On Mon, Oct 19, 2015 at 12:36 PM, Akash Gunjal <akgun...@in.ibm.com> > > wrote: > > Hi Amir, > > > > One point to check is the security rules set in your > > controller. Check if you have set the ingress/egress rules set > > for ICMP protocol (ping) which will otherwise block traffic > > from external hosts to the tenant VM. > > > > Regards, > > Akash > > > > Inactive hide details for yatin kumbhare ---10/19/2015 > > 03:56:22 PM---Hi Amir, Not quite sure, as I haven't tried such > > a thing.yatin kumbhare ---10/19/2015 03:56:22 PM---Hi Amir, > > Not quite sure, as I haven't tried such a thing. > > > > From: yatin kumbhare <yatinkumbh...@gmail.com> > > To: Amir Huskić <amir.hus...@gmail.com> > > Cc: "openstack@lists.openstack.org" > > <openstack@lists.openstack.org> > > Date: 10/19/2015 03:56 PM > > Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single > > NIC setup > > > > > > > > ______________________________________________________________ > > > > > > > > Hi Amir, > > > > Not quite sure, as I haven't tried such a thing. > > > > but IMHO, you might require l2-gateway. > > > > Kind of this: https://www.youtube.com/watch?v=74Wfr4myf5k > > > > Regards, > > Yatin > > > > On Mon, Oct 19, 2015 at 4:35 AM, Amir Huskić > > <amir.hus...@gmail.com> wrote: > > Hello James, > > > > I use underscores in ml2 config file as You suggested. > > Also made some changes in config file. Here is > > available: > > > https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0 > > > > Summary: > > - can ping from OS host to external gw and external > > linux host > > - can ping from tenant VM to external gw and external > > linux host > > - can't ping OS host and tenant VM floating IP from > > external linux host > > - tcpdump on br-ex and eth0 interface is showing arp > > request during ping request from linux external host > > using vxlan segment > > > > For additional info please check info from CLI screen > > here: > > > https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0 > > > > Accidently I deleted symbolic link in log files > > pointing to agent log. Unfortunately I don't know how > > to create it again with proper permissions. I tried > > with chmod and chown using reference command but > > without much success. > > > > lrwxrwxrwx 1 amir amir 43 Sep 19 15:26 > > screen-n-sch.log > > -> /opt/stack/logs/n-sch.log.2015-09-19-150746 > > -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00 > > screen-q-agt.log > > lrwxrwxrwx 1 amir amir 44 Sep 19 15:25 > > screen-q-dhcp.log > > -> /opt/stack/logs/q-dhcp.log.2015-09-19-150746 > > > > > > Thank you for your help and time. > > > > Kind regards, > > Amir > > > > On Wed, Oct 14, 2015 at 4:06 PM, James Denton > > <james.den...@rackspace.com> wrote: > > Hi Amir, > > > > A couple of recommendations: > > > > - Your vxlan_group setting has an extra dot at the end > > that may be causing issues: > > [ml2_type_vxlan] > > vxlan_group = 239.0.0.0. > > - Your [OVS] block has some incorrect options. Use > > underscores rather than spaces: > > [ovs] > > bridge_mappings = public:br-ex > > local_ip = 192.168.100.100 > > vxlan_udp_port = 8472 > > tunnel type = vxlan > > tunnel id ranges = 1001:2000 > > tenant network type = vxlan > > enable tunneling = true > > - Same goes for [agent] as well: > > [agent] > > tunnel_types = vxlan > > root_helper_daemon = > > sudo /usr/local/bin/neutron-rootwrap-daemon > /etc/neutron/rootwrap.conf > > root_helper = > > sudo /usr/local/bin/neutron-rootwrap > /etc/neutron/rootwrap.conf > > #tunnel_types = vxlan > > vxlan_udp_port = 8472 > > l2 population = false > > Start by correcting those issues and restart the OVS > > agents across your hosts. The agent log may be of help > > here as well. > > > > James > > On Oct 14, 2015, at 2:38 AM, Amir > > Huskić <amir.hus...@gmail.com> wrote: > > > > Hello, > > > > there is also my ml2_conf.ini > > file: > https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini > > > > Could problem be related to single NIC > > installation? Is it possible to have > > same interface for bridge mappings and > > also for tunnel bridge? Example below: > > > > bridge_mappings = public:br-ex > > integration bridge = br-int > > tunnel bridge = br-ex > > > > Thank you. > > Regards, > > Amir > > > > > > On Mon, Oct 12, 2015 at 3:53 PM, Amir > > Huskić <amir.hus...@gmail.com> wrote: > > Hi all, > > > > I'm trying to setup up > > Openstack test lab. > > > > I deployed Openstack Kilo > > (Devstack) on PC running > > Ubuntu LTS 14.02 with single > > NIC. > > Tenants are isolated with > > vxlan networks. I can ping > > from VMs to external network > > PCs, SSH login from external > > PCs to tenants VMs floating IP > > address, etc. > > > > I would like also to connect > > tenant VMs to external network > > physical Linux host using > > vxlan tunnel and have L2 > > connectivity between VM and > > physical Linux host over L3 > > network. > > > > Vxlan interface on Linux > > physical host is up and > > running. When I am trying to > > ping from Linux physical host > > to Openstack VM (not floating > > IP) using same subnet L2 > > address (example ping from > > 192.168.10.10 to > > 192.168.10.11) UDP packets on > > port 8472 are coming to > > Openstack br-ex interface with > > ARP request. > > > > Problem is that I can't setup > > vxlan tunnel on Openstack. > > Command "sudo ovs-vsctl show" > > doesn't show any vxlan > > tunnels. > > Also when I try to ping from > > VM to Linux host using L2 IP > > address (ping from > > 192.168.10.11 to > > 192.168.10.10) tcpdump on > > br-ex doesn't show anything. > > > > My ml2_conf.ini files is > > configured following this > > guide: > > > http://www.opencloudblog.com/?p=300 > > > > Thanks in advance for your > > help, > > > > Regards, > > Amir > > > > > _______________________________________________ > > Mailing list: > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > Post to : > > openstack@lists.openstack.org > > Unsubscribe : > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > > > > > > > _______________________________________________ > > Mailing list: > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > Post to : openstack@lists.openstack.org > > Unsubscribe : > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > _______________________________________________ > > Mailing list: > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > Post to : openstack@lists.openstack.org > > Unsubscribe : > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > > > > > > > > > > > > > _______________________________________________ > > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > Post to : openstack@lists.openstack.org > > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
