Public bug reported: Under /etc/neutron/l3_agent.ini when configuring external_network_bridge = br-ex OVS does not create dump-flow for this vlan so we get external access.
version : # rpm -qa |grep neutron openstack-neutron-7.0.1-2.el7ost.noarch python-neutronclient-3.1.0-1.el7ost.noarch python-neutron-7.0.1-2.el7ost.noarch openstack-neutron-openvswitch-7.0.1-2.el7ost.noarch openstack-neutron-common-7.0.1-2.el7ost.noarch openstack-neutron-ml2-7.0.1-2.el7ost.noarch [root@puma06 ~(keystone_admin)]# rpm -qa |grep openvswitch python-openvswitch-2.4.0-1.el7.noarch openstack-neutron-openvswitch-7.0.1-2.el7ost.noarch openvswitch-2.4.0-1.el7.x86_64 Installed by packstack OSP-8 step to reproduce : 1. Deploy with packstack OSP-8 , set ETX bridge parameter --> CONFIG_NEUTRON_L3_EXT_BRIDGE= br-ex 2. setup ENV : # neutron net-create external_network --provider:network_type=vlan --provider:segmentation_id=181 --provider:physical_network physnet --router:external # neutron subnet-create external_network 10.35.166.0/24 --disable-dhcp --gateway 10.35.166.254 --allocation-pool start=10.35.166.1,end=10.35.166.100 # neutron net-create int_net # neutron subnet-create int_net 192.168.1.0/24 --dns_nameservers list=true 10.35.28.28 --name int_sub # neutron router-create Router_eNet # neutron router-interface-add Router_eNet subnet=int_sub # neutron router-gateway-set Router_eNet external_network 3. ovs-ofctl dump-flows br-ex NXST_FLOW reply (xid=0x4): cookie=0x0, duration=57707.344s, table=0, n_packets=21, n_bytes=1638, idle_age=60, priority=2,in_port=2 actions=drop cookie=0x0, duration=57707.394s, table=0, n_packets=1233857, n_bytes=85172234, idle_age=0, priority=0 actions=NORMAL try to ping EXT network (8.8.8.8) -- no connectivity 4. When we change external_network_bridge = provider and creating the ENV again (new router & new routr ports ) I get EXT access and the flow created : # ovs-ofctl dump-flows br-ex NXST_FLOW reply (xid=0x4): cookie=0x0, duration=105.955s, table=0, n_packets=5, n_bytes=402, idle_age=97, priority=4,in_port=2,dl_vlan=2 actions=mod_vlan_vid:181,NORMAL cookie=0x0, duration=58222.490s, table=0, n_packets=39, n_bytes=3174, idle_age=105, priority=2,in_port=2 actions=drop cookie=0x0, duration=58222.540s, table=0, n_packets=1244856, n_bytes=85931346, idle_age=0, priority=0 actions=NORMAL ** Affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1530038 Title: when external_network_bridge is set to br-ex ovs does not create flow to EXT access Status in neutron: New Bug description: Under /etc/neutron/l3_agent.ini when configuring external_network_bridge = br-ex OVS does not create dump-flow for this vlan so we get external access. version : # rpm -qa |grep neutron openstack-neutron-7.0.1-2.el7ost.noarch python-neutronclient-3.1.0-1.el7ost.noarch python-neutron-7.0.1-2.el7ost.noarch openstack-neutron-openvswitch-7.0.1-2.el7ost.noarch openstack-neutron-common-7.0.1-2.el7ost.noarch openstack-neutron-ml2-7.0.1-2.el7ost.noarch [root@puma06 ~(keystone_admin)]# rpm -qa |grep openvswitch python-openvswitch-2.4.0-1.el7.noarch openstack-neutron-openvswitch-7.0.1-2.el7ost.noarch openvswitch-2.4.0-1.el7.x86_64 Installed by packstack OSP-8 step to reproduce : 1. Deploy with packstack OSP-8 , set ETX bridge parameter --> CONFIG_NEUTRON_L3_EXT_BRIDGE= br-ex 2. setup ENV : # neutron net-create external_network --provider:network_type=vlan --provider:segmentation_id=181 --provider:physical_network physnet --router:external # neutron subnet-create external_network 10.35.166.0/24 --disable-dhcp --gateway 10.35.166.254 --allocation-pool start=10.35.166.1,end=10.35.166.100 # neutron net-create int_net # neutron subnet-create int_net 192.168.1.0/24 --dns_nameservers list=true 10.35.28.28 --name int_sub # neutron router-create Router_eNet # neutron router-interface-add Router_eNet subnet=int_sub # neutron router-gateway-set Router_eNet external_network 3. ovs-ofctl dump-flows br-ex NXST_FLOW reply (xid=0x4): cookie=0x0, duration=57707.344s, table=0, n_packets=21, n_bytes=1638, idle_age=60, priority=2,in_port=2 actions=drop cookie=0x0, duration=57707.394s, table=0, n_packets=1233857, n_bytes=85172234, idle_age=0, priority=0 actions=NORMAL try to ping EXT network (8.8.8.8) -- no connectivity 4. When we change external_network_bridge = provider and creating the ENV again (new router & new routr ports ) I get EXT access and the flow created : # ovs-ofctl dump-flows br-ex NXST_FLOW reply (xid=0x4): cookie=0x0, duration=105.955s, table=0, n_packets=5, n_bytes=402, idle_age=97, priority=4,in_port=2,dl_vlan=2 actions=mod_vlan_vid:181,NORMAL cookie=0x0, duration=58222.490s, table=0, n_packets=39, n_bytes=3174, idle_age=105, priority=2,in_port=2 actions=drop cookie=0x0, duration=58222.540s, table=0, n_packets=1244856, n_bytes=85931346, idle_age=0, priority=0 actions=NORMAL To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1530038/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp