Dear list,

i got problems with a virtual router gateway ip.

I setup a 3-node openstack-setup (one controller, two compute nodes), using liberty on centos7 carefully following the instructions under

I'm using self-service networks with one flat provider-network for external communication. I use VXLAN for overlay-networks. As mechanism drivers I use linuxbridge and l2population. I can create project-networks and initiate instances, with will get ips from the dhcp-server.

So far, so good. When I try to create a virtual router to ssh to my vm, i can't ping the external gateway ip of the router on the controller node.

As you can see the router has a gateway-port with an external ip ( The second one is the ip from the project network:

[root@controller ~]# source
[root@controller ~]# neutron router-port-list router
| id | name | mac_address | fixed_ips |
| 89724c5b-d8eb-45ed-a45d-051412d9cf2d | | fa:16:3e:71:d2:7c | {"subnet_id": "ec0d4301-53b2-4eab-90c9-a03e1b784717", "ip_address": ""} | | b1aeaf23-1bae-4f63-899d-30a50513c3c1 | | fa:16:3e:d1:df:2e | {"subnet_id": "fc6a8af9-c510-4665-a083-b190989f75de", "ip_address": ""} |

This ip is not pingable neither from outside nor on the controller node. The needed netnamespaces are available:

[root@controller ~]# ip netns show

But I can ping the ip inside the router namespace:

[root@controller ~]# ip netns exec qrouter-7236dab3-6653-4df7-90cc-b441df2ae75d ping -c1
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.049 ms

In /var/log/neutron/server.log I found the following interesting logs when creating the external provider network:

2016-01-29 13:35:58.842 8337 ERROR neutron.plugins.ml2.managers [req-6502530b-eb91-4c1d-85db-5555c9820e62 - - - - -] Failed to bind port 041d3057-44a1-4aa5-ba00-aa97a28b3d64 on host 2016-01-29 13:35:58.842 8337 ERROR neutron.plugins.ml2.managers [req-6502530b-eb91-4c1d-85db-5555c9820e62 - - - - -] Failed to bind port 041d3057-44a1-4aa5-ba00-aa97a28b3d64 on host 2016-01-29 13:35:58.864 8337 INFO neutron.plugins.ml2.plugin [req-6502530b-eb91-4c1d-85db-5555c9820e62 - - - - -] Attempt 2 to bind port 041d3057-44a1-4aa5-ba00-aa97a28b3d64 2016-01-29 13:36:00.230 8337 WARNING neutron.plugins.ml2.rpc [req-de947767-5bba-43f9-9313-26941c0a24d9 - - - - -] Device tap041d3057-44 requested by agent lb00221954bc3f on network 1ff83e09-1777-4d53-95d8-bc3251eddbb1 not
bound, vif_type: binding_failed

Here are the relevant configs:

# cat /etc/neutron/plugins/ml2/ml2_conf.ini
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security

flat_networks = testnet

vni_ranges = 1:1000

enable_ipset = True

# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = testnet:eth0

enable_vxlan = True
local_ip =
l2_population = True

prevent_arp_spoofing = True

enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

I guess there is somthing broken with a missing bridge. Perhaps a bridge which connects to the external, physical interface eth0.

When list the bridges on the controller I got this:

[root@controller ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
brqb7e5b2dd-0b          8000.0285d4793974       no      tap1f5c2967-bd

As I mentioned I'm missing the external device eth0, which points to the external net.

somebody has an idea about this?

Many thanks in advance!

Mailing list:
Post to     :
Unsubscribe :

Reply via email to