git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Openstack] [netvirt-dev] VM as a router with ODL/OpenStack


Hi Jaime

Thank you - I will try this and see how it works.

David

-----Original Message-----
From: Jaime Caamaño Ruiz [mailto:jcaamano at suse.de] 
Sent: 20 July 2018 14:23
To: Lake D Mr (PG/R - Elec Electronic Eng) <d.lake at surrey.ac.uk>; netvirt-dev at lists.opendaylight.org; openstack at lists.openstack.org
Cc: Ge C Dr (Elec Electronic Eng) <c.ge at surrey.ac.uk>
Subject: Re: [netvirt-dev] VM as a router with ODL/OpenStack

Hello David

On the router VM, you would probably dedicate a port for management with a floating ip assigned.

The you would have extra ports for as many nets the router is servicing, two in the case of trex simple setup. These ports would have port security disabled:

openstack port set <port> --no-security-group --disable-port-security

If running trex in the cloud vm, more less the same. Have one port for management. Then two other ports for trex traffic. On these ports, add allowed address pairs for 16.0.0.0/8 and 48.0.0.0/8 respectively

openstack port set <port> --allowed-address ip-address=16.0.0.0/8

If you have any routers in the middle, add static routes.

Not actually tried with ODL, but this works with neutron ovs driver.

BR
Jaime.
 
-----Original Message-----
From: d.lake at surrey.ac.uk
To: netvirt-dev at lists.opendaylight.org, openstack at lists.openstack.org, jcaamano at suse.de
Cc: c.ge at surrey.ac.uk
Subject: [netvirt-dev] VM as a router with ODL/OpenStack
Date: Fri, 20 Jul 2018 07:32:49 +0000

Hello

Iâ??m trying to use a VM as a router in an OpenStack + ODL installation.

I have the VM set up with two internal addresses - 10.10.5.21 and
10.10.6.21.   They are allocated floating public addresses of
10.201.81.21 and 10.201.82.21 respectively.

I am using a TREx load generator which sources from 16.0.0.0/8 and
sinks to 48.0.0.0/8.   

I have added routes both ways on the routers between the floating and private addresses.

I have read that I need to disable â??port securityâ?? on the VM ports to allow IP spoofing - does this also include the router ports?

Also, when I start a test session generating traffic from 16.0.0.0 -> 48.0.0.0. I see a flow in OVS which matches but has an action of â??drop.â??

How do I overcome this?

Thanks in advance

David

Sent from my iPhone
_______________________________________________
netvirt-dev mailing list
netvirt-dev at lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev