[Rdo-list] multiple external networks mapped to the same l3 agent

ICHIBA Sara ichi.sara at gmail.com
Wed Aug 5 14:17:52 UTC 2015


hey there,

I'm trying to configure two provider network for openstack. I'm using the
same l3 agent. the first external network is connected to eth1 via br-eth1
and the second is connected to eth0 via br-ex.

 You can find below my configuration. My problem is that I can't ping the
external gateways from my routers

=============[root at localhost ~]# ovs-vsctl show
03e9d933-8477-46eb-8718-0b4c11c0968d
    Bridge "br-eth1"
        Port "phy-br-eth1"
            Interface "phy-br-eth1"
                type: patch
                options: {peer="int-br-eth1"}
        Port "eth1"
            Interface "eth1"
        Port "br-eth1"
            Interface "br-eth1"
                type: internal
    Bridge br-int
        fail_mode: secure
        Port "int-br-eth1"
            Interface "int-br-eth1"
                type: patch
                options: {peer="phy-br-eth1"}
        Port "qvod5cf0403-f0"
            tag: 2
            Interface "qvod5cf0403-f0"
        Port "tap56770cf6-b4"
            tag: 2
            Interface "tap56770cf6-b4"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port "tape1cc9d1e-27"
            tag: 1
            Interface "tape1cc9d1e-27"
                type: internal
        Port "qg-ab484fdf-8a"
            tag: 3
            Interface "qg-ab484fdf-8a"
                type: internal
        Port "qr-2c33255e-e5"
            tag: 1
            Interface "qr-2c33255e-e5"
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-8a30f016-85"
            tag: 2
            Interface "qr-8a30f016-85"
                type: internal
        Port "qg-559f3ce6-f8"
            tag: 4
            Interface "qg-559f3ce6-f8"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge br-ex
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port "eth0"
            Interface "eth0"
        Port br-ex
            Interface br-ex
                type: internal
    ovs_version: "2.3.1"


===========[root at localhost openvswitch]# cat ovs_neutron_plugin.ini | grep
-v ^# | grep -v ^$
[ovs]
enable_tunneling = True
network_vlan_ranges = physnet1,physnet2
bridge_mappings = physnet1:br-ex,physnet2:br-eth1
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip =192.168.5.233
[agent]
polling_interval = 2
tunnel_types =vxlan
vxlan_udp_port =4789
l2_population = False
arp_responder = False
enable_distributed_routing = False
[securitygroup]
firewall_driver =
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

===========[root at localhost neutron]# cat plugin.ini | grep -v ^# | grep -v
^$
[ml2]
type_drivers = vxlan
tenant_network_types = vxlan
mechanism_drivers =openvswitch
[ml2_type_flat]
[ml2_type_vlan]
[ml2_type_gre]
[ml2_type_vxlan]
vni_ranges =10:100
vxlan_group =224.0.0.1
[securitygroup]
enable_security_group = True
[ovs]
network_vlan_ranges = physnet1,physnet2
bridge_mappings = physnet1:br-ex,physnet2:br-eth2


=========[root at localhost neutron]# cat l3_agent.ini | grep -v ^# | grep -v
^$
[DEFAULT]
debug = False
interface_driver =neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
handle_internal_only_routers = True
metadata_port = 9697
send_arp_for_ha = 3
periodic_interval = 40
periodic_fuzzy_delay = 5
enable_metadata_proxy = True
router_delete_namespaces = False
agent_mode = legacy
allow_automatic_l3agent_failover=False


=========root at localhost ~(keystone_admin)]# ip netns exec
qrouter-4b6bf66a-296e-4cc1-ba0f-1b88a9ed621a ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
29: qr-8a30f016-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN
    link/ether fa:16:3e:9e:6a:e0 brd ff:ff:ff:ff:ff:ff
    inet 20.0.0.1/24 brd 20.0.0.255 scope global qr-8a30f016-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe9e:6ae0/64 scope link
       valid_lft forever preferred_lft forever
42: qg-559f3ce6-f8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN
    link/ether fa:16:3e:c5:c5:3d brd ff:ff:ff:ff:ff:ff
    inet 192.168.31.71/24 brd 192.168.31.255 scope global qg-559f3ce6-f8
       valid_lft forever preferred_lft forever
    inet 192.168.31.70/32 brd 192.168.31.70 scope global qg-559f3ce6-f8
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fec5:c53d/64 scope link
       valid_lft forever preferred_lft forever



============[root at localhost neutron]# ip netns exec
qrouter-e8040286-4aef-4875-b0e1-acc1c5e2e71a ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
14: qr-2c33255e-e5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN
    link/ether fa:16:3e:11:49:d8 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global qr-2c33255e-e5
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe11:49d8/64 scope link
       valid_lft forever preferred_lft forever
15: qg-ab484fdf-8a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN
    link/ether fa:16:3e:51:fb:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.5.240/24 brd 192.168.5.255 scope global qg-ab484fdf-8a
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe51:fb16/64 scope link
       valid_lft forever preferred_lft forever

=====[root at localhost neutron]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0c:29:0a:d1:16
DEVICETYPE=ovs
OVS_BRIDGE=br-ex
ONBOOT=yes
TYPE=OVSPort
NM_CONTROLLED=yes


===== [root at localhost neutron]# cat
/etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=192.168.5.233
NETMASK=255.255.255.0
ONBOOT=yes
GATEWAY=192.168.5.1
DNS1=8.8.8.8
DNS2=192.168.5.1


========[root at localhost neutron]# cat
/etc/sysconfig/network-scripts/ifcfg-br-eth1
DEVICE=br-eth1
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=192.168.31.233
NETMASK=255.255.255.0
ONBOOT=yes
GATEWAY=192.168.31.1
DNS1=8.8.8.8


=====[root at localhost neutron]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:0c:29:0a:d1:20
DEVICETYPE=ovs
OVS_BRIDGE=br-eth1
ONBOOT=yes
TYPE=OVSPort
NM_CONTROLLED=yes



In advance,thank you for your help
B.regards,
Sara
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rdoproject.org/pipermail/dev/attachments/20150805/fecbf7b2/attachment.html>


More information about the dev mailing list