Re: [Openstack] MTU on Provider Networks

2017-09-18 Thread John Petrini 
Great! Thank you both for the information.

John Petrini
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack-operators] [Openstack] MTU on Provider Networks

2017-09-18 Thread John Petrini 
Great! Thank you both for the information.

John Petrini
___
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

Re: [Openstack] MTU on Provider Networks

2017-09-15 Thread Curtis 
On Thu, Sep 14, 2017 at 12:10 PM, John Petrini 
wrote:

> Hi List,
>
> We are running Mitaka and having an MTU issue. Instances that we launch on
> our provider network use Jumbo Frames (9000 MTU). There is a Layer2 link
> between the OpenStack switches and our Core. This link uses and MTU of
> 1500.
>
> Up until recently this MTU mismatch has not been an issue because none of
> our systems are sending large enough packets to cause a problem. Recently
> we've begun implementing a SIP device that sends very large packets,
> sometimes even over 9000 bytes and requires fragmentation.
>
> What we found in our troubleshooting is that when large packets originate
> from our network to an instance in OpenStack they are being fragmented (as
> expected). Once these packets reach the qbr-XX port iptables
> defragments the packet and forwards it to the tap interface unfragmented.
> If we set the MTU on the tap interface to 1500 it will refragment the
> packet before forwarding it to the instance.
>
> A similar issue happens the other direction. Large packets originating
> from the OpenStack instance are fragmented (we set the mtu of the interface
> in the instance to 1500 so this is expected) but again once the packets
> reach the qbr--XX interface iptables defragments them again. If we
> set the MTU of the qvb-XX to 1500 the packet is refragmented.
>
> So long story short if we set the instance MTU to 1500 and the
> qbr-XX and qvb-XX ports on the compute node to 1500 MTU the
> packets remain fragmented and are able to traverse the network.
>
> So the question becomes can we modify the default MTU of our provider
> networks so that the instances created on this network receive a 1500 MTU
> from DHCP and the ports on the compute node are also configured to a 1500
> MTU?
>
> I've been looking at the following neutron config option in
> /etc/neutron/plugins/ml2/ml2_conf.ini:
>
> physical_network_mtus =physnet1:9000,providernet:9000
>
> Documentation on this setting is not very clear. Will adjusting this to
> 1500 for providernet accomplish what we need?
>

As far as I know there are 3 main options that one can use to set MTUs in
Neutron, and I use them to do things like ensure that my vxlan interfaces
have an MTU of 1500, as well as provider networks to 1500.

They are:

neutron.conf:default:global_physnet_mtu
ml2_conf.ini:ml2:path_mtu
ml2_conf.ini:ml2:physical_network_mtus

I usually set them all specifically (example: 9000, 1550, and
someprovider:1500). That said, I think only setting your providernet to
1500 would do what you want.

Thanks,
Curtis.



>
> Thank You,
>
> John Petrini
>
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstac
> k
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstac
> k
>
>


-- 
Blog: serverascode.com
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack-operators] [Openstack] MTU on Provider Networks

2017-09-15 Thread Curtis 
On Thu, Sep 14, 2017 at 12:10 PM, John Petrini 
wrote:

> Hi List,
>
> We are running Mitaka and having an MTU issue. Instances that we launch on
> our provider network use Jumbo Frames (9000 MTU). There is a Layer2 link
> between the OpenStack switches and our Core. This link uses and MTU of
> 1500.
>
> Up until recently this MTU mismatch has not been an issue because none of
> our systems are sending large enough packets to cause a problem. Recently
> we've begun implementing a SIP device that sends very large packets,
> sometimes even over 9000 bytes and requires fragmentation.
>
> What we found in our troubleshooting is that when large packets originate
> from our network to an instance in OpenStack they are being fragmented (as
> expected). Once these packets reach the qbr-XX port iptables
> defragments the packet and forwards it to the tap interface unfragmented.
> If we set the MTU on the tap interface to 1500 it will refragment the
> packet before forwarding it to the instance.
>
> A similar issue happens the other direction. Large packets originating
> from the OpenStack instance are fragmented (we set the mtu of the interface
> in the instance to 1500 so this is expected) but again once the packets
> reach the qbr--XX interface iptables defragments them again. If we
> set the MTU of the qvb-XX to 1500 the packet is refragmented.
>
> So long story short if we set the instance MTU to 1500 and the
> qbr-XX and qvb-XX ports on the compute node to 1500 MTU the
> packets remain fragmented and are able to traverse the network.
>
> So the question becomes can we modify the default MTU of our provider
> networks so that the instances created on this network receive a 1500 MTU
> from DHCP and the ports on the compute node are also configured to a 1500
> MTU?
>
> I've been looking at the following neutron config option in
> /etc/neutron/plugins/ml2/ml2_conf.ini:
>
> physical_network_mtus =physnet1:9000,providernet:9000
>
> Documentation on this setting is not very clear. Will adjusting this to
> 1500 for providernet accomplish what we need?
>

As far as I know there are 3 main options that one can use to set MTUs in
Neutron, and I use them to do things like ensure that my vxlan interfaces
have an MTU of 1500, as well as provider networks to 1500.

They are:

neutron.conf:default:global_physnet_mtu
ml2_conf.ini:ml2:path_mtu
ml2_conf.ini:ml2:physical_network_mtus

I usually set them all specifically (example: 9000, 1550, and
someprovider:1500). That said, I think only setting your providernet to
1500 would do what you want.

Thanks,
Curtis.



>
> Thank You,
>
> John Petrini
>
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstac
> k
> Post to : openst...@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstac
> k
>
>


-- 
Blog: serverascode.com
___
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

Re: [Openstack] MTU on Provider Networks

2017-09-14 Thread Remo Mattei 
We are running Ocata and our MTU is not set to 1450.. since out external
provider is not running on a 9000.


Remo

On 9/14/17 11:10 AM, John Petrini wrote:
> Hi List, 
>
> We are running Mitaka and having an MTU issue. Instances that we
> launch on our provider network use Jumbo Frames (9000 MTU). There is a
> Layer2 link between the OpenStack switches and our Core. This link
> uses and MTU of 1500.
>
> Up until recently this MTU mismatch has not been an issue because none
> of our systems are sending large enough packets to cause a problem.
> Recently we've begun implementing a SIP device that sends very large
> packets, sometimes even over 9000 bytes and requires fragmentation.
>
> What we found in our troubleshooting is that when large packets
> originate from our network to an instance in OpenStack they are being
> fragmented (as expected). Once these packets reach the qbr-XX
> port iptables defragments the packet and forwards it to the tap
> interface unfragmented. If we set the MTU on the tap interface to 1500
> it will refragment the packet before forwarding it to the instance.
>
> A similar issue happens the other direction. Large packets originating
> from the OpenStack instance are fragmented (we set the mtu of the
> interface in the instance to 1500 so this is expected) but again once
> the packets reach the qbr--XX interface iptables defragments
> them again. If we set the MTU of the qvb-XX to 1500 the packet
> is refragmented.
>
> So long story short if we set the instance MTU to 1500 and the
> qbr-XX and qvb-XX ports on the compute node to 1500
> MTU the packets remain fragmented and are able to traverse the network.
>
> So the question becomes can we modify the default MTU of our provider
> networks so that the instances created on this network receive a 1500
> MTU from DHCP and the ports on the compute node are also configured to
> a 1500 MTU?
>
> I've been looking at the following neutron config option in
> /etc/neutron/plugins/ml2/ml2_conf.ini:
>
> physical_network_mtus =physnet1:9000,providernet:9000
>
> Documentation on this setting is not very clear. Will adjusting this
> to 1500 for providernet accomplish what we need?
>
> Thank You,
>
> John Petrini
>  
>
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] MTU on Provider Networks

2017-09-14 Thread John Petrini 
Hi List,

We are running Mitaka and having an MTU issue. Instances that we launch on
our provider network use Jumbo Frames (9000 MTU). There is a Layer2 link
between the OpenStack switches and our Core. This link uses and MTU of
1500.

Up until recently this MTU mismatch has not been an issue because none of
our systems are sending large enough packets to cause a problem. Recently
we've begun implementing a SIP device that sends very large packets,
sometimes even over 9000 bytes and requires fragmentation.

What we found in our troubleshooting is that when large packets originate
from our network to an instance in OpenStack they are being fragmented (as
expected). Once these packets reach the qbr-XX port iptables
defragments the packet and forwards it to the tap interface unfragmented.
If we set the MTU on the tap interface to 1500 it will refragment the
packet before forwarding it to the instance.

A similar issue happens the other direction. Large packets originating from
the OpenStack instance are fragmented (we set the mtu of the interface in
the instance to 1500 so this is expected) but again once the packets reach
the qbr--XX interface iptables defragments them again. If we set
the MTU of the qvb-XX to 1500 the packet is refragmented.

So long story short if we set the instance MTU to 1500 and the
qbr-XX and qvb-XX ports on the compute node to 1500 MTU the
packets remain fragmented and are able to traverse the network.

So the question becomes can we modify the default MTU of our provider
networks so that the instances created on this network receive a 1500 MTU
from DHCP and the ports on the compute node are also configured to a 1500
MTU?

I've been looking at the following neutron config option in
/etc/neutron/plugins/ml2/ml2_conf.ini:

physical_network_mtus =physnet1:9000,providernet:9000

Documentation on this setting is not very clear. Will adjusting this to
1500 for providernet accomplish what we need?

Thank You,

John Petrini
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack