This is a documentation issue. Since the Icehouse days I believe, Neutron allows you to configure external connectivity in one of two ways:
1) Configure the external bridge name in l3_agent.ini. This means that 'qg' external router devices are plugged directly in to the bridge, the OVS agent doesn't manage the bridge nor does it set up flows in case the segmentation type for the external network is 'vlan'. This means that you must set up a Linux VLAN device over the bridge with the external network's VLAN ID. 2) Set the external bridge name in l3_agent.ini to ''. Configure bridge mappings in the OVS agent so that it maps the external network's physical_network to a bridge (Typically still called br-ex). Then the OVS agent manages the bridge and sets up flows for VLAN translation. ** Changed in: neutron Status: New => Invalid ** Changed in: neutron Assignee: ugvddm (271025598-9) => (unassigned) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1530038 Title: when external_network_bridge is set to br-ex ovs does not create flow to EXT access Status in neutron: Invalid Bug description: Under /etc/neutron/l3_agent.ini when configuring external_network_bridge = br-ex OVS does not create dump-flow for this vlan so we get external access. version : # rpm -qa |grep neutron openstack-neutron-7.0.1-2.el7ost.noarch python-neutronclient-3.1.0-1.el7ost.noarch python-neutron-7.0.1-2.el7ost.noarch openstack-neutron-openvswitch-7.0.1-2.el7ost.noarch openstack-neutron-common-7.0.1-2.el7ost.noarch openstack-neutron-ml2-7.0.1-2.el7ost.noarch [root@puma06 ~(keystone_admin)]# rpm -qa |grep openvswitch python-openvswitch-2.4.0-1.el7.noarch openstack-neutron-openvswitch-7.0.1-2.el7ost.noarch openvswitch-2.4.0-1.el7.x86_64 Installed by packstack OSP-8 step to reproduce : 1. Deploy with packstack OSP-8 , set ETX bridge parameter --> CONFIG_NEUTRON_L3_EXT_BRIDGE= br-ex 2. setup ENV : # neutron net-create external_network --provider:network_type=vlan --provider:segmentation_id=181 --provider:physical_network physnet --router:external # neutron subnet-create external_network 10.35.166.0/24 --disable-dhcp --gateway 10.35.166.254 --allocation-pool start=10.35.166.1,end=10.35.166.100 # neutron net-create int_net # neutron subnet-create int_net 192.168.1.0/24 --dns_nameservers list=true 10.35.28.28 --name int_sub # neutron router-create Router_eNet # neutron router-interface-add Router_eNet subnet=int_sub # neutron router-gateway-set Router_eNet external_network 3. ovs-ofctl dump-flows br-ex NXST_FLOW reply (xid=0x4): cookie=0x0, duration=57707.344s, table=0, n_packets=21, n_bytes=1638, idle_age=60, priority=2,in_port=2 actions=drop cookie=0x0, duration=57707.394s, table=0, n_packets=1233857, n_bytes=85172234, idle_age=0, priority=0 actions=NORMAL try to ping EXT network (8.8.8.8) -- no connectivity 4. When we change external_network_bridge = provider and creating the ENV again (new router & new routr ports ) I get EXT access and the flow created : # ovs-ofctl dump-flows br-ex NXST_FLOW reply (xid=0x4): cookie=0x0, duration=105.955s, table=0, n_packets=5, n_bytes=402, idle_age=97, priority=4,in_port=2,dl_vlan=2 actions=mod_vlan_vid:181,NORMAL cookie=0x0, duration=58222.490s, table=0, n_packets=39, n_bytes=3174, idle_age=105, priority=2,in_port=2 actions=drop cookie=0x0, duration=58222.540s, table=0, n_packets=1244856, n_bytes=85931346, idle_age=0, priority=0 actions=NORMAL To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1530038/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp