Nothing seems to be able to get through br-ex... When I try and ping
something external from the instance, traffic gets through the DVR router,
which sends traffic to the SNAT namespace, to be able to forward traffic
externally, needs to populate it's next-hop arp entry, so it sends out an
arp requ
Let say I want to setup a subnet-pool that allocates /31's to customers out
of a larger block... In attempting this I see a few issues that I could
really use some help on:
- The first /31 allocation out of ip space is the addresses 0 & 1
(10.10.10.0 & 1/31) and Neutron should choose the first a
Does anyone have any idea why a console session's would be so slow from
horizon? After creating an instance, I go to Compute, Instance, then
Console tab where I click "Click here to show only console". From there,
it's EXTREMELY slow interacting with the instance itself... I can RDP or
ssh to the i
"
> camp is, check DNS. If possible, disable reverse lookups, or else ensure
> that the hosts involved all know how to reverse-resolve each other's IP
> addresses.
>
> That's where I'd start, anyway. Good luck!
>
> -Ken
>
> On 2016-06-28 20:28, S
Setup:
Openstack version: Mitaka, OVS version: 2.60
I'm trying to set our firewall driver to be openvswitch based by modifying
these parameters:
vim /etc/neutron/plugins/ml2/openvswitch_agent.ini [securitygroup]
firewall_driver = openvswitch
After successfully restarting the Openvswitch servic
Openstack version: Mitaka
I know this is a difficult question to answer, but we have been having
strange pauses (that last for 1 to 4 minutes) randomly showing up in
Horizon when we are either modify\adding\deleting objects
(network,subnet,instances,etc). It seems to happen more regularly when we
Is there a way to disable Mac and IP spoof protection for just 1 instance?
I want to run an L2TP server on that instance so I can merge a remote (over
the internet) broadcast domain at a customer site with a Openstack tenant
network. To do this though, I need Openstack to allow n number of MAC
ad
don't need to delete a port.
> You can set port_security_enabled to False by:
>
> neutron port-update --port-security-enabled=False
>
> or
>
> openstack port set --disable-port-security
>
> >
> > 09.03.2017 03:18, Sterdnot Shaken пишет:
> >>
> >> I
Anyone know if VPNaas for Openstack supports L2TP? or some form of Layer 2
extension technique?
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstac
We're running Mitaka using OVS and I have been troubleshooting some MTU
issues when I stumbled across this curiosity.
The VM OS in question has a interface MTU of 1500. When I do a tcpdump on
the tap interface on the compute node that correlates to that VM, I see
frames with a length of up to 10,0
Our info:
Openstack version: Mitaka (using OVS 2.5)
Firewall driver: Openvswitch
Anyone know why VM's that are directly on a Flat Provider Network (so the
VM would have a public IP directly assigned to it) can download data just
fine, but when we try and upload anything (iperf where the VM is the
s you've described because I'd not have expected the virtual
> router to pay attention to an arriving ICMP Destination Unreachable,
> Datagram Too Big message to have the routed version work, but it seemed a
> reasonable straw at which to grasp.
>
> rick jones
>
> P
un tcpdump on sniff0.
>
> Create such mirror ports on
>
> 1) phy-br-ex on external OVS bridge
>
> 2) int-br-ex on integration bridge
>
> 3) qvo-xxx on integration bridge
>
> Also capture packets on qvb-xxx on the linux bridge having the tap
> interface of the VM. Hopeful
s are never visible to
>>
>>mirrors, whereas in Open vSwitch 2.5 and later modifications
>> made
>>
>>before the first output that makes it eligible for mirroring to a
>> par‐
>>
>> ticular destination are visible.
>>
Openstack version: Mitaka
So we're running VM's on compute nodes and HA routers on network nodes (old
school, I know...)
There's the test setup I'm doing:
Test structure: Openstack VM is assigned to a tenant network that has
public IP and I have SNAT turned off on the Openstac, HA routers.
- Fr
Openstack version: Mitaka
Number of external bridges: 1
Whenever I spawn a new cirros image, I'm get 2 ip's out of the same ip
block assigned to each instance.
Anyone know why?
Thanks!
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listin
Hey Mikhail!
That's exactly what was happening to us. Thank you very much for the super
useful help!!
Steve
On Fri, Mar 31, 2017 at 7:09 AM, Mikhail Medvedev
wrote:
> On Thu, Mar 30, 2017 at 4:04 PM, Sterdnot Shaken
> wrote:
> > Openstack version: Mitaka
> > Number
Let's say I have 3 network nodes but set max_l3_agents_per_router to 2
(intentionally) and I want to move either the active or standby router off
of one of those nodes onto the 3rd network node… I can, using neutron
l3-agent-router-remove and neutron l3-agent-router-add do this, but how do
I delibe
Is there a way to define what MTU dhcp presents to tenants on a per network
basis?
I have some tenants who want to connect their remote DC with their tenant
network in Openstack, using L2TP. To accomplish this, I need to ensure that
their specific tenant network mtu matches that of their remote ph
that will be
> useful to help prioritize it.
>
> On Wed, May 10, 2017 at 1:07 PM, Sterdnot Shaken > wrote:
>
>> Is there a way to define what MTU dhcp presents to tenants on a per
>> network basis?
>>
>> I have some tenants who want to connect their remote DC with t
We were running Mitaka and then updated to Ocata = (Neutron) rude
awakening...
Has anyone successfully gotten the BGP speaker to work properly with
Neutron on Ocata (or Newton for that matter...) after the BGP Speaker
feature was moved to the neutron-dynamic-routing repo? We were happily
using thi
gt;
>
>
> Thanks
>
> Vikram
>
>
>
> *From:* Sterdnot Shaken [mailto:sterdnotsha...@gmail.com]
> *Sent:* 09 June 2017 05:00
> *To:* Openstack
> *Subject:* [Openstack] Openstack Neutron (Ocata), BGP speaker woes
>
>
>
> We were running Mitaka and then updated to
Is there a programmatic way to get what UUID is associated with, for
example, an l3-agent?
I know I can run "neutron agent-list" and grep based on agent type\name of
server, but I don't want to have to grep for it… Is there a more direct API
way of getting this info?
Is there a command that lists
pe' and/or '--host' to filter the results based on those
> fields.
>
> https://docs.openstack.org/python-openstackclient/latest/
> cli/command-objects/network-agent.html
>
>
> On Aug 22, 2017 5:15 PM, "Sterdnot Shaken"
> wrote:
>
>> Is th
Openstack version: Ocata
Mech driver: OVS
Security: Linuxbridge
Hello!
Anyone have any idea why DHCP for IPv4 works fine but DHCP for IPv6
doesn't? With Stateless or just SLAAC, the VM's calculate a correct IPv6
address from the IPv6 prefix I've assigned, but (for stateless) the
instances doesn't
t
still no luck:
IngressIPv6 UDP 1 - 65535
Egress IPv6 UDP 1 - 65535
Any ideas?
Thanks!
Steve
On Tue, Sep 26, 2017 at 5:58 PM, Sterdnot Shaken
wrote:
> Openstack version: Ocata
> Mech driver: OVS
> Security: Linuxbridge
>
> Hello!
>
> An
ol. These are the addresses used by IPv6.
>
> FF02:0:0:0:0:0:1:2 All-dhcp-agents
> FF05:0:0:0:0:0:1:3 All-dhcp-servers
>
> I think all-dhcp-agents is sufficient.
>
> https://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-
> addresses.xhtml
>
> Regards
Version: Pike
Mech driver: OVS with vxlan for east\west
So we're running Openstack with the dedicated network nodes model. Some of
the tenant router's have HA port for vrrp hello's that work fine, while
others don't.
The ones that don't have their HA port's in a status of Down (on both
network no
Openstack version: Pike
Openvswitch version: 2.7
Let's say I have a OS project that has 2 routers. The routers are HA and
reside on 2 network nodes. Via VRRP, there are 2 Active and 2 Passive
routers. As you may know, Neutron creates a custom HA network that's
project specific and (in our case) as
Version: Pike
OVS version: 2.9
VM-A (On Compute A) - (On Compute B) VM-B
What is it in Neutron that might delay vxlan tunnel construction on the
destination compute node during live-migration? As the VM is live-migrated,
I'm watch the flows and the vxlan tunnel interfaces on br-tun on the
Com
of a
hit when I live migrate.
Thanks in advance!
Steve
On Wed, Aug 22, 2018 at 11:56 AM Sterdnot Shaken
wrote:
> Version: Pike
> OVS version: 2.9
>
> VM-A (On Compute A) - (On Compute B) VM-B
>
> What is it in Neutron that might delay vxlan tunnel construction on the
>
31 matches
Mail list logo
