Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about how to use linux_bridge in openstack to achieve a vxlan network. Many people may not know much about it. In order to make you understand better, the editor has summarized the following content for you. I hope you can get something according to this article.

Openstack environment:

Version 1: ocata

2 system: ubuntu16.04.2

3 1 control node + 1 computing node

4 the control node network card is ens33,ip = 172.171.5.200 ens34 manual mode without IP

Why does the external network card ens34 have no IP address? This is another story, which is explained in a special chapter. )

Compute node network card ens33, ip = 172.171.5.201

One vxlan configuration

1 Control node:

Edit / etc/neutron/plugins/ml2/ml2_conf.ini file

Configure tenant_network_types = vxlan. The significance of this configuration is that the internal network created in the project is of type vxlan.

Configure the flat external network labeled provider, which is used when creating an external network.

Edit / etc/neutron/plugins/ml2/linuxbridge_agent.ini file

Configure the mapping of the physical network card, that is, specify the external network card. Ens34 is the external network card in this environment.

Specifies the encapsulated IP of the vxlan, that is, the outer IP.

2 Computing nodes

Similarly, the compute node should be configured, and the label label should be consistent with the control node.

The tunnel encapsulation IP is the IP address of ens33

Restart the network service.

Service neutron-server restartservice neutron-linuxbridge-agent restart

Second, create a network process on dashboard

1. Admin users create a public network

The first thing to create here is the public network. There are two types of public networks: falt and vlan. When the type flat is specified, the label configured above is filled in in the physical network. Indicates that the flat network uses the network card bound by label to go out of the public network.

Be sure to distinguish between creating an external network and a non-external network. As shown in the following figure, if you check the external network, you must create a public network, which is the network of all VM out of the public network. Admin users can also create an intranet for a project without checking the external network.

The flat network creates subnets. The subnet network segment is a network segment that can go out of the external network. For example, if you fill in the 172.171.5.0ax 24 network segment here, every IP address in this network segment can go out of the public network.

Fill in the address pool, DNS server. The creation of the public network is finished here. Next, create an intranet for the project demo project in this environment.

When the external network is created, the underlying bridge of the corresponding control node changes. As the screenshot of the blog post is not written in time, here is the screenshot after the network has been created and the example.

When the external network is created, the bridge information in the red box appears. The bridge connects the ens34 network card and the dhcp node tap543aa81e.

As shown in the following picture (average drawing skill, excuse me)

Log in as demo user

Create an internal network. Log in to the demo project using the demo user, and the internal network type created is specified in tenant_network_types and is vxlan.

This configuration specifies the internal network type, such as flat,vlan,gre, and so on.

Assign the ip address of the intranet. The internal network address specifies that the network segment is any network segment, because the address of the network segment has to be translated by the router to the IP address of the external network.

Private network address is recommended. This environment uses 192.168.0.0amp 24.

Configure the address pool, all of which can be used without configuration.

After configuring the intranet, create a router to connect the intranet and the extranet. Create the router as follows, and select the external network name created above. This environment is out_side_net.

Then add the interface as the internal network. The subnet refers to the internal network created above.

Finally, open an instance. The network selected when creating the instance is the internal network.

After the internal network and instance are created, the vxlan tunnel is established. A VTEP for vxlan is created at the control node and a VTEP for vxlan is created at the compute node.

As shown in the following figure, the first is the control node, and the second is the vxlan12; created for the compute node, which is also vxlan12. These two VTEP devices make up the two endpoints of the vxlan tunnel.

You can see that the vxlan12 is connected to the ens33 Nic by looking at the details of the ens33 on the compute node.

At this point, the network of the tunnel is shown below.

The following figure shows the creation of the external network, the internal network, and the network topology behind the router.

The situation of the internal network is roughly shown in the following figure.

Login instance, ping external network, pass. At this time, the network traffic process of the external network is as follows:

1. VM generates ICMP packets and sends them to the bridge. The packet source IP is 192.168.0.X.

two。 Encapsulate the outer packet on the vxlan12 over the bridge.

3. Data through the ens33 network card out of the computing node, to the control node, that is, the network node.

4. Unwrap the outer encapsulation at the vxlan12 of the control node and restore the ICMP package of VM.

5. The data stream reaches the router router and is translated by the router NAT address. From 192.168.0.X to one of the public network address 172.171.5.2300240.

6. The data flow passes through the bridge and goes out from the ens34 to the public network.

The process of returning the package is probably the other way around, no longer tired.

After reading the above, do you have any further understanding of how to use linux_bridge to implement a vxlan network in openstack? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.