Dear Mathias,
if I correctly understand your configuration, you're using bridges
inside VM and it configuration looks a bit strange:
1) you use two different bridges (OVSbr1/192.168.120.x and
OVSbr2/192.168.110.x) and there is no patch between them so they're separate
2) while ARP requests for address in OVSbr1 arrives from OVSbr2:
> 18:50:58.080478 ARP, Request who-has *192.168.120.10* tell
192.168.120.6, length 28
>
> but on the OVS bridge nothing arrives ...
>
> listening on *OVSbr2*, link-type EN10MB (Ethernet), capture size
> 262144 bytes
while these bridges are separate, ARP requests and answers will not be
passed between them.
Regarding your devstack configuration - unfortunately, I don't have
experience with devstack, so don't know, where it stores configs. In
Openstack, ml2_conf.ini points to openvswitch in ml2's mechanism_drivers
parameter, in my case it looks as the following:
[ml2]
mechanism_drivers = l2population,openvswitch
and rest of openvswitch config described in
/etc/neutron/plugins/ml2/openvswitch_agent.ini
Second - I see an ambiguity in your br-tun configuration, where
patch_int is the same as patch-int without corresponding remote peer
config, probably you should check this issue.
And third is - note that Mitaka is quite old release and probably you
can give a chance for the latest release of devstack? :-)
On 1/31/18 10:49 PM, Mathias Strufe (DFKI) wrote:
Dear Volodymyr, all,
thanks for your fast answer ...
but I'm still facing the same problem, still can't ping the instance
with configured and up OVS bridge ... may because I'm quite new to
OpenStack and OpenVswitch and didn't see the problem ;)
My setup is devstack Mitaka in single machine config ... first of all
I didn't find there the openvswitch_agent.ini anymore, I remember in
previous version it was in the neutron/plugin folder ...
Is this config now done in the ml2 config file in the [OVS] section????
I'm really wondering ...
so I can ping between the 2 instances without any problem. But as soon
I bring up the OVS bridge inside the vm the ARP requests only visible
at the ens interface but not reaching the OVSbr ...
please find attached two files which may help for troubleshooting. One
are some network information from inside the Instance that runs the
OVS and one ovs-vsctl info of the OpenStack Host.
If you need more info/logs please let me know! Thanks for your help!
BR Mathias.
On 2018-01-27 22:44, Volodymyr Litovka wrote:
Hi Mathias,
whether you have all corresponding bridges and patches between them
as described in openvswitch_agent.ini using
integration_bridge
tunnel_bridge
int_peer_patch_port
tun_peer_patch_port
bridge_mappings
parameters? And make sure, that service "neutron-ovs-cleanup" is in
use during system boot. You can check these bridges and patches using
"ovs-vsctl show" command.
On 1/27/18 9:00 PM, Mathias Strufe (DFKI) wrote:
Dear all,
I'm quite new to openstack and like to install openVSwtich inside
one Instance of our Mitika openstack Lab Enviornment ...
But it seems that ARP packets got lost between the network
interface of the instance and the OVS bridge ...
With tcpdump on the interface I see the APR packets ...
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on ens6, link-type EN10MB (Ethernet), capture size 262144
bytes
18:50:58.080478 ARP, Request who-has 192.168.120.10 tell
192.168.120.6, length 28
18:50:58.125009 ARP, Request who-has 192.168.120.1 tell
192.168.120.6, length 28
18:50:59.077315 ARP, Request who-has 192.168.120.10 tell
192.168.120.6, length 28
18:50:59.121369 ARP, Request who-has 192.168.120.1 tell
192.168.120.6, length 28
18:51:00.077327 ARP, Request who-has 192.168.120.10 tell
192.168.120.6, length 28
18:51:00.121343 ARP, Request who-has 192.168.120.1 tell
192.168.120.6, length 28
but on the OVS bridge nothing arrives ...
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on OVSbr2, link-type EN10MB (Ethernet), capture size
262144 bytes
I disabled port_security and removed the security group but nothing
changed
+-----------------------+---------------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+---------------------------------------------------------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| binding:host_id | node11
|
| binding:profile | {}
|
| binding:vif_details | {"port_filter": true, "ovs_hybrid_plug":
true} |
| binding:vif_type | ovs
|
| binding:vnic_type | normal
|
| created_at | 2018-01-27T16:45:48Z
|
| description |
|
| device_id | 74916967-984c-4617-ae33-b847de73de13
|
| device_owner | compute:nova
|
| extra_dhcp_opts |
|
| fixed_ips | {"subnet_id":
"525db7ff-2bf2-4c64-b41e-1e41570ec358", "ip_address":
"192.168.120.10"} |
| id | 74b754d6-0000-4c2e-bfd1-87f640154ac9
|
| mac_address | fa:16:3e:af:90:0c
|
| name |
|
| network_id | 917254cb-9721-4207-99c5-8ead9f95d186
|
| port_security_enabled | False
|
| project_id | c48457e73b664147a3d2d36d75dcd155
|
| revision_number | 27
|
| security_groups |
|
| status | ACTIVE
|
| tenant_id | c48457e73b664147a3d2d36d75dcd155
|
| updated_at | 2018-01-27T18:54:24Z
|
+-----------------------+---------------------------------------------------------------------------------------+
maybe the port_filter causes still the problem? But how to disable
it?
Any other idea?
Thanks and BR Mathias.
_______________________________________________
Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [1]
Post to : [email protected]
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [1]
--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison
Links:
------
[1] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
