Re: [Openstack] dhcp namespace and vert pairs?
Eno4 should not be in the int bride. Inviato da iPhone > Il giorno 17 lug 2017, alle ore 03:46, Ali Volkan Atli > ha scritto: > > > I have a VM launched using OpenStack and a laptop added directly into > integration bridge using ovs-vsctl add-port option. Also I used ./stack > script from devstack github and my local.conf as below: > >argela@cloud:~$ sudo ovs-vsctl add-port br-int eno4 tag=1 > >argela@cloud:~$ sudo ovs-vsctl show >... >Bridge br-int >Port "tapb22e0bb6-c6" >tag: 1 >Interface "tapb22e0bb6-c6" >type: internal >Port "eno4" >tag: 1 >Interface "eno4" > ... > >root@cloud:~/devstack# cat local.conf >[[local|localrc]] >ADMIN_PASSWORD=admin >DATABASE_PASSWORD=$ADMIN_PASSWORD >RABBIT_PASSWORD=$ADMIN_PASSWORD >SERVICE_PASSWORD=$ADMIN_PASSWORD > >FLAT_INTERFACE=eno1,eno3,eno4,eno5,eno6,eno7,eno8 > ># Fixed and floating subnets >FIXED_RANGE=10.254.1.0/24 >FLOATING_RANGE="192.168.111.0/24" > > When I run dhclient in the instance launched from OpenStack, I can see the > bootp/dhcp messages in the dhcp network space, but when I tried to run > dhclient in external laptop, I can only see the discover message in dhcp > namespace, the laptop cannot get any response. So VM can get an IP address > but the laptop cannot. I checked the iptables and flow-entries in OvS but I > could not understand why laptop cannot get response from dhcp namespace. > >stack@cloud:~/devstack$ ip netns list >qrouter-b1285ebf-d7f6-4af5-bf13-54356b073ca2 >qdhcp-f0d79126-a5f2-46a6-90a9-b0e2f805f93d > > dhcp namespace iptable is as follows: > >root@cloud:~/devstack# iptables -S >-P INPUT ACCEPT >-P FORWARD ACCEPT >-P OUTPUT ACCEPT >-N neutron-dhcp-age-FORWARD >-N neutron-dhcp-age-INPUT >-N neutron-dhcp-age-OUTPUT >-N neutron-dhcp-age-local >-N neutron-filter-top >-A INPUT -j neutron-dhcp-age-INPUT >-A FORWARD -j neutron-filter-top >-A FORWARD -j neutron-dhcp-age-FORWARD >-A OUTPUT -j neutron-filter-top >-A OUTPUT -j neutron-dhcp-age-OUTPUT >-A neutron-filter-top -j neutron-dhcp-age-local > > One more question. I can see that there are namespaces created by OpenStack, > qrouter and qdhcp. I know that if I want to connect the namespace to OvS, I > need to create Veth Pairs (e.g. ip link add veth0 type veth peer name veth1), > and then assign one peer to a namespace (e.g. ip link set veth1 netns blue) > and the other into OvS. But for OpenStack I also cannot any vert pairs. How > did OpenStack connect the dhcp namespace to OvS? How can I find out which > "vert peer" the dhcp namespaces use. > > Hope someone answers. Thanks in advance. > > - Volkan > > ___ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > !DSPAM:1,596c95d4237511802556061! > ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] dhcp namespace and vert pairs?
Hello, AFAIK DHCP namespace is connected to OVS with „internal” port created in br-int bridge (tap). This „tap” interface is then moved qdhcp namespace. Neutron is configuring dnsmasq exactly for specified MAC addresses assigned to ports so You can’t get IP from this DHCP server for Your laptop as DHCP request is sent from not known MAC address. — Best regards Slawek Kaplonski sla...@kaplonski.pl > Wiadomość napisana przez Ali Volkan Atli w dniu > 17.07.2017, o godz. 12:46: > > > I have a VM launched using OpenStack and a laptop added directly into > integration bridge using ovs-vsctl add-port option. Also I used ./stack > script from devstack github and my local.conf as below: > >argela@cloud:~$ sudo ovs-vsctl add-port br-int eno4 tag=1 > >argela@cloud:~$ sudo ovs-vsctl show >... >Bridge br-int >Port "tapb22e0bb6-c6" >tag: 1 >Interface "tapb22e0bb6-c6" >type: internal >Port "eno4" >tag: 1 >Interface "eno4" > ... > >root@cloud:~/devstack# cat local.conf >[[local|localrc]] >ADMIN_PASSWORD=admin >DATABASE_PASSWORD=$ADMIN_PASSWORD >RABBIT_PASSWORD=$ADMIN_PASSWORD >SERVICE_PASSWORD=$ADMIN_PASSWORD > >FLAT_INTERFACE=eno1,eno3,eno4,eno5,eno6,eno7,eno8 > ># Fixed and floating subnets >FIXED_RANGE=10.254.1.0/24 >FLOATING_RANGE="192.168.111.0/24" > > When I run dhclient in the instance launched from OpenStack, I can see the > bootp/dhcp messages in the dhcp network space, but when I tried to run > dhclient in external laptop, I can only see the discover message in dhcp > namespace, the laptop cannot get any response. So VM can get an IP address > but the laptop cannot. I checked the iptables and flow-entries in OvS but I > could not understand why laptop cannot get response from dhcp namespace. > >stack@cloud:~/devstack$ ip netns list >qrouter-b1285ebf-d7f6-4af5-bf13-54356b073ca2 >qdhcp-f0d79126-a5f2-46a6-90a9-b0e2f805f93d > > dhcp namespace iptable is as follows: > >root@cloud:~/devstack# iptables -S >-P INPUT ACCEPT >-P FORWARD ACCEPT >-P OUTPUT ACCEPT >-N neutron-dhcp-age-FORWARD >-N neutron-dhcp-age-INPUT >-N neutron-dhcp-age-OUTPUT >-N neutron-dhcp-age-local >-N neutron-filter-top >-A INPUT -j neutron-dhcp-age-INPUT >-A FORWARD -j neutron-filter-top >-A FORWARD -j neutron-dhcp-age-FORWARD >-A OUTPUT -j neutron-filter-top >-A OUTPUT -j neutron-dhcp-age-OUTPUT >-A neutron-filter-top -j neutron-dhcp-age-local > > One more question. I can see that there are namespaces created by OpenStack, > qrouter and qdhcp. I know that if I want to connect the namespace to OvS, I > need to create Veth Pairs (e.g. ip link add veth0 type veth peer name veth1), > and then assign one peer to a namespace (e.g. ip link set veth1 netns blue) > and the other into OvS. But for OpenStack I also cannot any vert pairs. How > did OpenStack connect the dhcp namespace to OvS? How can I find out which > "vert peer" the dhcp namespaces use. > > Hope someone answers. Thanks in advance. > > - Volkan > > ___ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack signature.asc Description: Message signed with OpenPGP ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] dhcp namespace and vert pairs?
Hi! I think that the DHCP server does not work for the laptop because it only server MAC:IP pairs configured by Neutron. You can confirm by stealing a MAC address configured to an instance. Stop it and try dhclient ;-). However, I'm not enough of a Neutron guru to guarantee you that you will be able to communicate everywhere when you patch in like this. Mainly in Neutron DVR, there is some filtering and rewriting being done in OpenvSwitch. Tomas -Original Message- From: Ali Volkan Atli [mailto:volkan.a...@argela.com.tr] Sent: Monday, July 17, 2017 12:46 PM To: openstack@lists.openstack.org Subject: [Openstack] dhcp namespace and vert pairs? I have a VM launched using OpenStack and a laptop added directly into integration bridge using ovs-vsctl add-port option. Also I used ./stack script from devstack github and my local.conf as below: argela@cloud:~$ sudo ovs-vsctl add-port br-int eno4 tag=1 argela@cloud:~$ sudo ovs-vsctl show ... Bridge br-int Port "tapb22e0bb6-c6" tag: 1 Interface "tapb22e0bb6-c6" type: internal Port "eno4" tag: 1 Interface "eno4" ... root@cloud:~/devstack# cat local.conf [[local|localrc]] ADMIN_PASSWORD=admin DATABASE_PASSWORD=$ADMIN_PASSWORD RABBIT_PASSWORD=$ADMIN_PASSWORD SERVICE_PASSWORD=$ADMIN_PASSWORD FLAT_INTERFACE=eno1,eno3,eno4,eno5,eno6,eno7,eno8 # Fixed and floating subnets FIXED_RANGE=10.254.1.0/24 FLOATING_RANGE="192.168.111.0/24" When I run dhclient in the instance launched from OpenStack, I can see the bootp/dhcp messages in the dhcp network space, but when I tried to run dhclient in external laptop, I can only see the discover message in dhcp namespace, the laptop cannot get any response. So VM can get an IP address but the laptop cannot. I checked the iptables and flow-entries in OvS but I could not understand why laptop cannot get response from dhcp namespace. stack@cloud:~/devstack$ ip netns list qrouter-b1285ebf-d7f6-4af5-bf13-54356b073ca2 qdhcp-f0d79126-a5f2-46a6-90a9-b0e2f805f93d dhcp namespace iptable is as follows: root@cloud:~/devstack# iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N neutron-dhcp-age-FORWARD -N neutron-dhcp-age-INPUT -N neutron-dhcp-age-OUTPUT -N neutron-dhcp-age-local -N neutron-filter-top -A INPUT -j neutron-dhcp-age-INPUT -A FORWARD -j neutron-filter-top -A FORWARD -j neutron-dhcp-age-FORWARD -A OUTPUT -j neutron-filter-top -A OUTPUT -j neutron-dhcp-age-OUTPUT -A neutron-filter-top -j neutron-dhcp-age-local One more question. I can see that there are namespaces created by OpenStack, qrouter and qdhcp. I know that if I want to connect the namespace to OvS, I need to create Veth Pairs (e.g. ip link add veth0 type veth peer name veth1), and then assign one peer to a namespace (e.g. ip link set veth1 netns blue) and the other into OvS. But for OpenStack I also cannot any vert pairs. How did OpenStack connect the dhcp namespace to OvS? How can I find out which "vert peer" the dhcp namespaces use. Hope someone answers. Thanks in advance. - Volkan ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] dhcp namespace and vert pairs?
I have a VM launched using OpenStack and a laptop added directly into integration bridge using ovs-vsctl add-port option. Also I used ./stack script from devstack github and my local.conf as below: argela@cloud:~$ sudo ovs-vsctl add-port br-int eno4 tag=1 argela@cloud:~$ sudo ovs-vsctl show ... Bridge br-int Port "tapb22e0bb6-c6" tag: 1 Interface "tapb22e0bb6-c6" type: internal Port "eno4" tag: 1 Interface "eno4" ... root@cloud:~/devstack# cat local.conf [[local|localrc]] ADMIN_PASSWORD=admin DATABASE_PASSWORD=$ADMIN_PASSWORD RABBIT_PASSWORD=$ADMIN_PASSWORD SERVICE_PASSWORD=$ADMIN_PASSWORD FLAT_INTERFACE=eno1,eno3,eno4,eno5,eno6,eno7,eno8 # Fixed and floating subnets FIXED_RANGE=10.254.1.0/24 FLOATING_RANGE="192.168.111.0/24" When I run dhclient in the instance launched from OpenStack, I can see the bootp/dhcp messages in the dhcp network space, but when I tried to run dhclient in external laptop, I can only see the discover message in dhcp namespace, the laptop cannot get any response. So VM can get an IP address but the laptop cannot. I checked the iptables and flow-entries in OvS but I could not understand why laptop cannot get response from dhcp namespace. stack@cloud:~/devstack$ ip netns list qrouter-b1285ebf-d7f6-4af5-bf13-54356b073ca2 qdhcp-f0d79126-a5f2-46a6-90a9-b0e2f805f93d dhcp namespace iptable is as follows: root@cloud:~/devstack# iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N neutron-dhcp-age-FORWARD -N neutron-dhcp-age-INPUT -N neutron-dhcp-age-OUTPUT -N neutron-dhcp-age-local -N neutron-filter-top -A INPUT -j neutron-dhcp-age-INPUT -A FORWARD -j neutron-filter-top -A FORWARD -j neutron-dhcp-age-FORWARD -A OUTPUT -j neutron-filter-top -A OUTPUT -j neutron-dhcp-age-OUTPUT -A neutron-filter-top -j neutron-dhcp-age-local One more question. I can see that there are namespaces created by OpenStack, qrouter and qdhcp. I know that if I want to connect the namespace to OvS, I need to create Veth Pairs (e.g. ip link add veth0 type veth peer name veth1), and then assign one peer to a namespace (e.g. ip link set veth1 netns blue) and the other into OvS. But for OpenStack I also cannot any vert pairs. How did OpenStack connect the dhcp namespace to OvS? How can I find out which "vert peer" the dhcp namespaces use. Hope someone answers. Thanks in advance. - Volkan ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
