On 3/25/21 12:36 PM, Dumitru Ceara wrote: > On 3/25/21 12:16 PM, Moshe Levi wrote: >> >> >>> -----Original Message----- >>> From: Dumitru Ceara <[email protected]> >>> Sent: Thursday, March 25, 2021 12:49 PM >>> To: Moshe Levi <[email protected]>; [email protected] >>> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 >>> gateway >>> >>> External email: Use caution opening links or attachments >>> >>> >>> On 3/24/21 11:31 PM, Moshe Levi wrote: >>>> Hi all, >>> >>> Hi Moshe, >>> >>>> I trying to create logical topology with l3 gateway. >>>> I have create the following logical topology: >>>> I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 >>>> (port on >>> the gw-worker1). >>>> Below I pasted the command I am using. Can you help me understand what >>> is missing or what I doing wrong? >>> >>> The problem is gw-worker1 has no route to reach 10.0.0.0/16. >>> >>>> >>>> ____|____ >>>> | router | gw-worker1 >>>> --------- port 'gw-worker1-join': 100.64.0.2/16 >>>> ____|____ >>>> | switch | join 100.64.0.0/16 >>>> --------- >>>> ____|____ >>>> | router | join-router port 'join-router-ls-join': 100.64.0.1/16 >>>> --------- port 'join-router-worker1-net': 10.0.1.1/24 >>>> | >>>> ____|____ >>>> | switch | join-router 10.0.1.0/24 >>>> --------- >>>> / >>>> _______/_ >>>> | ns | >>>> --------- >>>> >>>> >>>> ## worker 1 - worker1-net >>>> ovn-nbctl ls-add worker1-net >>>> ovn-nbctl lsp-add worker1-net vm1 >>>> ovn-nbctl lsp-set-addresses vm1 "40:44:00:00:00:01 10.0.1.2" >>>> >>>> >>>> >>>> ## create join router >>>> ovn-nbctl lr-add join-router >>>> >>>> ## create router port to connect >>>> ovn-nbctl lrp-add join-router join-router-worker1-net >>>> 40:44:00:00:00:03 10.0.1.1/24 ovn-nbctl lrp-add join-router >>>> join-router-worker2-net 40:44:00:00:00:04 10.0.2.1/24 >>>> >>>> >>>> ## create the 'worker1-net' switch port for connection to 'join-router' >>>> ovn-nbctl lsp-add worker1-net worker1-net-join-router ovn-nbctl >>>> lsp-set-type worker1-net-join-router router ovn-nbctl >>>> lsp-set-addresses worker1-net-join-router router ovn-nbctl >>>> lsp-set-options worker1-net-join-router >>>> router-port=join-router-worker1-net >>>> >>>> >>>> >>>> >>>> #worker 1 >>>> ovs-vsctl add-port br-int vm1 -- set Interface vm1 type=internal -- >>>> set Interface vm1 external_ids:iface-id=vm1 ip netns add vm1 ip link >>>> set vm1 netns vm1 ip netns exec vm1 ip link set vm1 address >>>> 40:44:00:00:00:01 ip netns exec vm1 ip addr add 10.0.1.2/24 dev vm1 ip >>>> netns exec vm1 ip link set vm1 up ip netns exec vm1 ip route add >>>> default via 10.0.1.1 >>>> >>>> >>>> >>>> >>>> # create gw-worker1 >>>> ovn-nbctl create Logical_Router name=gw-worker1 >>>> options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 >>> >>> This should fix it: >>> >>> ovn-nbctl lr-route-add gw-worker1 10.0.0.0/16 100.64.0.1 >> Dumitru, thanks for the response. I added the above route but It is still >> don't work. Anything else that I am missing? > > That's weird because it did fix it when I configured the topology using > the commands you shared; can you please also get the output of: > > ovn-nbctl lr-route-list gw-worker1 > > Also, to see exactly where the packet is dropped, please share the > output of: > > inport=$(ovs-vsctl --bare --columns ofport list interface vm1) > flow=40440000000340440000000108004500005417cd40004001b3980a000102644000020800e1d35d0a0001c1635c6000000000d789050000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637
To "demystify" this a bit, I got the packet contents by running the following command while ping was running from vm1: ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump > ovs-appctl ofproto/trace br-int in_port=$in_port $flow | ovn-detrace > > _______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
