Hi all, Just would like to share a way to test Tricircle north-south L3 networking without requiring the third interface.
In the Tricircle readme, it is said that you need to add an interface in your host to br-ext bridge. One interface to access the host, one interface for east-west networking and one interface for north-south networking, so all together three interfaces are required. What if your host only have two interfaces? Here is another deployment choice. First, change your external network type to flat type. If you are using the DevStack script provided by Tricircle, do the following changes in node2 local.conf then run DevStack in node2. (1) change Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS from (network_vlan_ranges=bridge:2001:3000,extern:3001:4000) to (network_vlan_ranges=bridge:2001:3000) (since we going to use flat external network, no need to configure VLAN range for extern) (2) add PHYSICAL_NETWORK=extern (3) keep OVS_BRIDGE_MAPPINGS=bridge:br-bridge,extern:br-ext Second, specify flat type when creating external network. curl -X POST http://127.0.0.1:9696/v2.0/networks -H "Content-Type: application/json" \ -H "X-Auth-Token: $token" \ -d '{"network": {"name": "ext-net", "admin_state_up": true, "router:external": true, "provider:network_type": "flat", "provider:physical_network": "extern", "availability_zone_hints": ["Pod2"]}}' Third, configure IP address of br-ext. sudo ifconfig br-ext 163.3.124.1 netmask 255.255.255.0 Here 163.3.124.1 is your external network gateway IP, set net mask according to your CIDR. After the above steps, you can access your VM via floating IP in node2. Also your VM can ping the external gateway. Would like your VM to access the Internet?(Of course node2 should be able to access the Internet) Two more steps to follow: (1) Enable packet forward in node2 sudo bash echo 1 >/proc/sys/net/ipv4/ip_forward (2) Configure SNAT in node2 sudo iptables -t nat -I POSTROUTING -s 163.3.124.0/24 -o eth1 -j SNAT --to-source 10.250.201.21 163.3.124.0/24 is your external network CIDR, eth1 is the interface associated with your default route in node2 and 10.250.201.21 is the IP of eth1. Hope this information helps. BR Zhiyuan
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev