- What about using Neutrons "allowed address pairs"? - Or setting up a tunnel network within your existing openstack tunnel network?
-- ----- Andreas IRC: andreas_s On Sa, 2016-06-18 at 18:52 +0200, Joerg Streckfuss wrote: > Dear list, > > I'm trying set up an isolated network for testing clustermanagers like > keepalived on linux and carp on openbsd. This means there are ips which > are bound to multiple ports. The main problem is when I try to configure > new ip-addresses inside the vms and _not_ in neutron, these ips are not > visible by the other vms. When I try to ping this ips I can see an local > arp request inside the bridge of the requesting vm but this request does > not reach the bridge of the destination vm. So my assumption is neutron > in particular the l2population works only for ip addresses which are > known by neutron ports. So in case of disabling dhcp I have to configure > it for the neutron port and inside the vm, right? > > My setup is a 4-node openstack environment (one controller, three > compute nodes), using liberty on centos7 carefully following the > instructions under http://docs.openstack.org/liberty/install-guide-rdo/. > > I'm using self-service networks with one flat provider-network for > external communication. I use VXLAN for overlay-networks. As mechanism > drivers I use linuxbridge and l2population. > > The isolated network and the vms are initiated by heat templates. I > disabled port security for each neutron port by setting > 'port_security_enabled: false' inside the heat template. > > So what can I do, that a neutron isolated network behaves like a > standard linuxbridge or especially a hardware switch, where no port > security is configured and which forwards all kind of arp traffic? > > Thanks in advance, > > Joerg > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
