Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenStack>
  3. Dev
Is it possible to use OVS inside an Openstack VM ?
dfernandes at toulouse
Jun 18, 2018, 3:26 AM
Post #1 of 3 (309 views)
Permalink
Hi guys,

I have just 1 question. Is it possible to use OVS inside an Openstack VM
? Let me explain my issue.

I have created 2 Ubuntu 16.04 VMs and installed last version of OVS in
both. Both VMs are connected to the same network and they can ping each
other.
Then, I have created an OVS bridge (namely "br-test") in the first VM
and I have added the port of the VM (ens1) to the ovs bridge as usual.
At this point I cant't ping from one VM to the other.
If I perform tcpdump on the bridge (tcpdump br-test), I see that ARP
requests are sent but they are not sent by the interface of the VM (ens1).
I tried to add the MAC addreses manually to the ARP table of each VM.
When I ping, I see the same case :  icmp packets outgoing the bridge
br-test but never sent by the interface ens1 of the VM.

I have tried the same scenario using a linux bridge instead of OVS
swithch and it works.

Do you have any idea of why there are issues binding VM interface to OVS
bridges ? Any information will be really apreciated !! Thanks in advance
!!!

David
Re: Is it possible to use OVS inside an Openstack VM ? [ In reply to ]
haleyb.dev at gmail
Jun 18, 2018, 11:21 AM
Post #2 of 3 (307 views)
Permalink
On 06/18/2018 06:26 AM, David Fernandes wrote:
> Hi guys,
>
> I have just 1 question. Is it possible to use OVS inside an Openstack VM
> ? Let me explain my issue.
>
> I have created 2 Ubuntu 16.04 VMs and installed last version of OVS in
> both. Both VMs are connected to the same network and they can ping each
> other.
> Then, I have created an OVS bridge (namely "br-test") in the first VM
> and I have added the port of the VM (ens1) to the ovs bridge as usual.
> At this point I cant't ping from one VM to the other.
> If I perform tcpdump on the bridge (tcpdump br-test), I see that ARP
> requests are sent but they are not sent by the interface of the VM (ens1).
> I tried to add the MAC addreses manually to the ARP table of each VM.
> When I ping, I see the same case :  icmp packets outgoing the bridge
> br-test but never sent by the interface ens1 of the VM.

I can only guess things are being blocked by the MAC anti-spoofing rules
neutron adds - perhaps the source MAC of the bridge is being used which
is different from the NIC?

-Brian


> I have tried the same scenario using a linux bridge instead of OVS
> swithch and it works.
>
> Do you have any idea of why there are issues binding VM interface to OVS
> bridges ? Any information will be really apreciated !! Thanks in advance
> !!!
>
> David
>
>
>
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: Is it possible to use OVS inside an Openstack VM ? [ In reply to ]
dfernandes at toulouse
Jun 20, 2018, 1:15 AM
Post #3 of 3 (305 views)
Permalink
Yo are totally Right Brian !

I tried to allow the bridge address pair to the VM port using the
following command and it works !!!

neutron port-update <VM_port_uuid> --allowed-address-pairs type=dict
list=true mac_address=<bridge_MAC>,ip_address=<bridge_ip>

Thank you so much !!

David

Le 18/06/2018 à 20:21, Brian Haley a écrit :
> On 06/18/2018 06:26 AM, David Fernandes wrote:
>> Hi guys,
>>
>> I have just 1 question. Is it possible to use OVS inside an Openstack
>> VM ? Let me explain my issue.
>>
>> I have created 2 Ubuntu 16.04 VMs and installed last version of OVS
>> in both. Both VMs are connected to the same network and they can ping
>> each other.
>> Then, I have created an OVS bridge (namely "br-test") in the first VM
>> and I have added the port of the VM (ens1) to the ovs bridge as
>> usual. At this point I cant't ping from one VM to the other.
>> If I perform tcpdump on the bridge (tcpdump br-test), I see that ARP
>> requests are sent but they are not sent by the interface of the VM
>> (ens1).
>> I tried to add the MAC addreses manually to the ARP table of each VM.
>> When I ping, I see the same case :  icmp packets outgoing the bridge
>> br-test but never sent by the interface ens1 of the VM.
>
> I can only guess things are being blocked by the MAC anti-spoofing
> rules neutron adds - perhaps the source MAC of the bridge is being
> used which is different from the NIC?
>
> -Brian
>
>
>> I have tried the same scenario using a linux bridge instead of OVS
>> swithch and it works.
>>
>> Do you have any idea of why there are issues binding VM interface to
>> OVS bridges ? Any information will be really apreciated !! Thanks in
>> advance !!!
>>
>> David
>>
>>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     : openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>


_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal