[ovs-discuss] openvswitch gre tunneling issues

Shivaramakrishnan Vaidyanathan shivaramakrishnan740 at gmail.com
Mon Mar 31 19:10:05 UTC 2014 

Hello,
Thanks a lot,It worked.
I am able to communicate now between the two vm's on different hosts using
multiple gre tunnels.
But I am not able to communicate to an outside ip(say 4.2.2.2)  from vm.Is
there a config required for this?
How do i give outside connectivity for vm's.


On Mon, Mar 31, 2014 at 2:41 PM, Gurucharan Shetty <shettyg at nicira.com>wrote:

> On Mon, Mar 31, 2014 at 10:07 AM, Shivaramakrishnan Vaidyanathan
> <shivaramakrishnan740 at gmail.com> wrote:
> > Thanks a lot.
> > According to what i understand,
> > Host 1: IP -- a.b.c.d
> >
> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre
> > options:remote_ip:p.q.r.s options:key=30
> >
> > Host2: IP -- p.q.r.s
> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre
> > options:remote_ip:a.b.c.d options:key=30
> >
> > Is this what you mentioned?Just to confirm.
> Yes. You have 2 pairs of gre tunnels. Each pair should have the same
> key. In the above example that you have given, you have set one pair
> as 30. You can set the other pair as 40.
>
>
> >
> >
> > On Mon, Mar 31, 2014 at 12:29 PM, Gurucharan Shetty <shettyg at nicira.com>
> > wrote:
> >>
> >> On Mon, Mar 31, 2014 at 9:20 AM, Shivaramakrishnan Vaidyanathan
> >> <shivaramakrishnan740 at gmail.com> wrote:
> >> > Thanks a lot Gurucharan.
> >> > I am pretty new to openvswitch.Can you provide the command to achieve
> >> > this?
> >> > Looking forward to your reply.
> >>
> >> The man page says:
> >> ....
> >> ....
> >> Tunnel Options:
> >>        These options apply to interfaces with type of gre,  ipsec_gre,
> >> gre64,
> >>        ipsec_gre64, vxlan, and lisp.
> >>
> >>        Each  tunnel  must  be  uniquely identified by the combination of
> >> type,
> >>        options:remote_ip, options:local_ip, and options:in_key.  If two
> >> ports
> >>        are defined that are the same except one has an optional
> identifier
> >> and
> >>        the  other  does  not,  the  more  specific  one  is   matched
> >> first.
> >>        options:in_key  is  considered more specific than
> options:local_ip
> >> if a
> >>        port defines one and another port defines the other.
> >> ....
> >> ...
> >> options : key: optional string
> >>               Optional.  Shorthand to set in_key and out_key at the same
> >> time.
> >> ...
> >> ...
> >>
> >> So you can do something like:
> >> * If you create a new tunnel (the key should be same at both ends and
> >> a different key at the other end):
> >> ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre
> >> options:remote_ip:p.q.r.s options:key=30
> >>
> >> (note that your command does not have a '=' and instead has a ':'.
> >> Also your "ovs-vsctl show" does not print any o/p)
> >>
> >> * Or just add a key to a existing tunnel
> >> ovs-vsctl set interface gre0 options:key=20
> >>
> >> If you can't debug well, start with a simpler configuration. i.e., a
> >> single gre tunnel. Once you get that working, you can build on top of
> >> it.
> >>
> >> >
> >> >
> >> > On Mon, Mar 31, 2014 at 12:15 PM, Gurucharan Shetty <
> shettyg at nicira.com>
> >> > wrote:
> >> >>
> >> >> On Mon, Mar 31, 2014 at 9:12 AM, Shivaramakrishnan Vaidyanathan
> >> >> <shivaramakrishnan740 at gmail.com> wrote:
> >> >> > So in that case,essentially we cant have multiple gre tunnels?
> >> >> I think you can use unique keys to distinguish (Read "Tunnel Options"
> >> >> in "man ovs-vswitchd.conf.db").
> >> >>
> >> >> > Though I have multiple bridges that vm's  to communicate between
> each
> >> >> > other.
> >> >> > The requirement is I need to have multiple internal bridges for
> vm's
> >> >> > and
> >> >> > just one external bridge.
> >> >> > Is there any alternative?
> >> >> >
> >> >> >
> >> >> > On Mon, Mar 31, 2014 at 11:44 AM, Gurucharan Shetty
> >> >> > <shettyg at nicira.com>
> >> >> > wrote:
> >> >> >>
> >> >> >> On Mon, Mar 31, 2014 at 8:36 AM, Shiva
> >> >> >> <shivaramakrishnan740 at gmail.com>
> >> >> >> wrote:
> >> >> >> > Hello,
> >> >> >> >
> >> >> >> > I am setting up two gre tunnels between two hosts using the same
> >> >> >> > external
> >> >> >> > bridge.In this case (br1).I use virbr3 and virbr2 for internal
> >> >> >> > communication.
> >> >> >> >
> >> >> >> > This is my config steps:
> >> >> >> > Hypervisor 1:
> >> >> >> > External communication
> >> >> >> > ovs-vsctl add-br br1
> >> >> >> > ovs-vsctl add-port eth0
> >> >> >> > ifconfig br1 p.q.r.s netmask 255.255.255.0
> >> >> >> >
> >> >> >> > Internal bridge for vm communication
> >> >> >> > Tunnel1 :
> >> >> >> >
> >> >> >> > ovs-vsctl add-br virbr3
> >> >> >> > ovs-vsctl show
> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre
> >> >> >> > options:remote_ip:a.b.c.d
> >> >> >> >
> >> >> >> > Tunnel2:
> >> >> >> >
> >> >> >> > ovs-vsctl add-br virbr2
> >> >> >> > ovs-vsctl show
> >> >> >> > ovs-vsctl add-port virbr2 gre0 -- set interface gre0 type=gre
> >> >> >> > options:remote_ip:a.b.c.d
> >> >> >> Consider the case for the traffic coming into Hypervisor1. I don't
> >> >> >> think it is possible to figure out which of the two end points the
> >> >> >> packet needs to be delivered to because the 2 gre tunnels are not
> >> >> >> unique.
> >> >> >>
> >> >> >> I think if you delete one of your virbr* in each of the machines,
> >> >> >> you
> >> >> >> should be able to communicate.
> >> >> >>
> >> >> >>
> >> >> >> >
> >> >> >> >
> >> >> >> > Hypervisor 2:
> >> >> >> > External communication
> >> >> >> > ovs-vsctl add-br br1
> >> >> >> > ovs-vsctl add-port eth0
> >> >> >> > ifconfig br1 a.b.c.d netmask 255.255.255.0
> >> >> >> >
> >> >> >> > Internal bridge for vm communication
> >> >> >> >
> >> >> >> > Tunnel1:
> >> >> >> >
> >> >> >> >
> >> >> >> > ovs-vsctl add-br virbr3
> >> >> >> > ovs-vsctl show
> >> >> >> > ovs-vsctl add-port virbr3 gre2 -- set interface gre2 type=gre
> >> >> >> > options:remote_ip:p.q.r.s
> >> >> >> >
> >> >> >> > Tunnel2:
> >> >> >> >
> >> >> >> > ovs-vsctl add-br virbr2
> >> >> >> > ovs-vsctl show
> >> >> >> > ovs-vsctl add-port virbr3 gre0 -- set interface gre0 type=gre
> >> >> >> > options:remote_ip:p.q.r.s
> >> >> >> >
> >> >> >> >
> >> >> >> > I am not able to communicate outside world from the vm's.I am
> just
> >> >> >> > able
> >> >> >> > to
> >> >> >> > reach the host on which vm resides and viceversa.Can you please
> >> >> >> > let
> >> >> >> > me
> >> >> >> > know
> >> >> >> > what am i missing here?
> >> >> >> >
> >> >> >> > Your help in this regard is greatly appreciated.
> >> >> >> >
> >> >> >> >
> >> >> >> > _______________________________________________
> >> >> >> > discuss mailing list
> >> >> >> > discuss at openvswitch.org
> >> >> >> > http://openvswitch.org/mailman/listinfo/discuss
> >> >> >> >
> >> >> >
> >> >> >
> >> >
> >> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20140331/847c831b/attachment-0002.html>

More information about the discuss mailing list