Openstack Networking

CLOUD COMPUTING TEAM

CDAC
CHENNAI
Namespaces

Objectives:
 Installation of required packages
 Learn the basic commands on namespaces
 Learn how to do basic network configuration

1) Installation of required packages:

ip- netns - process network namespace management. It comes with the default linux

kernal. It is logically another copy of the network stack, with its own routes, firewall

rules, and network devices

2) basic commands in network namespaces

● # Create host namespaces

○ ip netns add h1
○ ip netns add h2
● # Create links
○ ip link add h1-eth0 type veth peer name s1-eth1
○ ip link add h2-eth0 type veth peer name s1-eth2
○ ip link show
● # Move host ports into namespaces
○ ip link set h1-eth0 netns h1
○ ip link set h2-eth0 netns h2
○ ip netns exec h1 ip link show
○ ip netns exec h2 ip link show
● # Create switch
○ ovs- vsctl add-br s1
● # Connect switch ports to OVS
○ ovs- vsctl add-port s1 s1-eth1
○ ovs- vsctl add-port s1 s1-eth2
○ ovs- vsctl show

1
 3) Network Configuration

● # Configure network
○ ip netns exec h1 ifconfig h1-eth0 10.0.0.1/24 up
○ ip netns exec h1 ifconfig lo up
○ ip netns exec h2 ifconfig h2-eth0 10.0.0.2/24 up
○ ip netns exec h2 ifconfig lo up
○ ifconfig s1-eth1 up
○ ifconfig s1-eth2 up
● # Test network
○ ip netns exec h1 ping 10.0.0.2

References:

● https://man7.org/linux/man-pages/man8/ip- netns.8.html

2
Linux bridge and OpenvSwitch

Objectives:

 Installation of required packages

 Learn the basic commands of linux bridge and ovs

1) Installation of required packages:

● By default linux bridge bundles with the linux kernel . To add bridge
utility to manage the bridge networks in linux bridge.
○ sudo apt install bridge-utils (or) sudo apt-get install bridge- utils
● For openvswitch install the following tools
○ sudo apt install openvswitch-vswitch

2) Basic commands in Linux networking

a) Linux network commands

● /etc/hosts file is used to translate hostnames or domain names to IP

addresses
● /etc/resolv.conf file configures access to a DNS server
● The ip command is used for assigning IP addresses to interface and setting
up routes to the Internet and to other networks.
● ifconfig is still very popular similar to ip command. It is displaying the
network interface information
● netstat -nr -> routing information can be displayed with this command
● ping -> To check if a host is alive
● traceroute -> To check the route that packets follow to a network host.

b) Linux bridge commands

● Create the bridge interface.

○ $:~ # brctl addbr mybridge

3
 ● Add interfaces to the bridge.
○ $:~ # brctl addif mybridge eth0
○ $:~ # brctl addif mybridge eth1
● Set Zero IP to the interfaces.
○ $:~ # ifconfig eth0 0.0.0.0
○ $:~ # ifconfig eth1 0.0.0.0
● Make it up the bridge.
○ $:~ # ifconfig mybridge up
● Set ip address for the bridge
○ $:~ # ifconfig mybridge 192.168.100.5 netmask 255.255.255.0
○ $:~ # ifconfig mybridge 192.168.100.5/24
● Display bridge information
○ brctl show
● Delete the bridge
○ brctl delbr mybridge

c) OpenvSwitch Commands

● Show OVS basic info (version, dpdk enabled, PMD cores, lcore, ODL
bridge mapping, balancing, auto-balancing etc)
○ # ovs- vsctl list Open_vSwitch
● Show OVS global switching view
○ # ovs- vsctl show
● Show OVS all detailed interfaces
○ # ovs- vsctl list interface
● Show OVS details for one interface (link speed, MAC, status, stats, etc)
○ # ovs- vsctl list interface dpdk0
● Show OVS counters for a given interface
○ # ovs- vsctl get interface dpdk0 statistics
● Show OVS all detailed ports
○ # ovs- vsctl list port
● Show OVS details for one port (link speed, MAC, status, stats, etc)
○ # ovs- vsctl list port vhu3gf0442-00
4
● Show OVS details for one bridge (datapath type, multicast snooping, stp
status etc)
○ # ovs- vsctl list bridge br-int
● Show OVS log status
○ # ovs-appctl vlog/list
● Change all OVS log to debug
○ # ovs-appctl vlog/set dbg
● Change one specific OVS subsystem to debug mode for the file log output
○ # ovs-appctl vlog/set file:backtrace:dbg
● Disable all OVS logs
○ # ovs-appctl vlog/set off
● Change all OVS subsystems to debug for file log output only
○ # ovs-appctl vlog/set file:dbg
● Show all OVS advanced commands
○ # ovs-appctl list-commands
● Show all OVS bonds
○ # ovs-appctl bond/list
● Show details about a specific OVS bond (status, bond mode, forwarding
mode, LACP status, bond members, bond member status, link status)
○ # ovs-appctl bond/show bond1
● Show advanced LACP information for members, bond and partner switch
○ # ovs-appctl lacp/show
● Show OVS MAC address table (used for action=normal)
○ # ovs-appctl fdb/show br-provider
● Show OVS datapath flows (kernel space)
○ # ovs-dpctl dump- flows - m
● Show OVS datapath flows (dpdk)
○ # ovs-appctl dpif/dump- flows - m br-provider
● Show mapping between datapath flows port number and port name
○ # ovs-dpctl show
● Show OVS OpenFlow rules in a given bridge
○ # ovs-ofctl dump- flows br-provider
5
 ● Show mapping between OpenFlow flows port number and port name
○ # ovs-ofctl show br-provider
● Set the VLAN tag
○ ovs- vsctl add-port ovs-br vlan3 tag=3 -- set interface vlan3
type=internal
● Remove the VLAN
○ ovs- vsctl del-port ovs-br vlan3
3) References:

● https://www.tldp.org/HOWTO/BRIDGE-STP-HOWTO/set- up-the-

bridge.html

● https://access.redhat.com/documentation/en-
us/red_hat_openstack_platform/10/html/ovs-
dpdk_end_to_end_troubleshooting_guide/nfv_command_cheatsheet

6
 Openstack Network Administration
Openstack Network Topology

 An OpenStack network topology shows a topological graph about devices which

connect to the specific network.
 It provides Networks, Subnets, Routers &Virtual Machine information.
 It can be viewed by chosen “Network -> Network Topology” option from the
OpenStack dashboard

 User can create networks, subnets, ports and routers based on this parameter
 “Identity -> Projects -> Modify Quota” from the OpenStack dashboard

7
Network creation - Self service

 The operation on network can be done from Network tab from the dashboard
 This option is available in “Project -> Networks -> Network” from the openstack
dashboard

Step 1: Create a New Network

8
Step 2: Input the subnet Details

Step 3: Inputs the Allocation pool (IP address range), DNS name servers and Host Routers.

9
Provider Network - Admin Privileges

This option is available in “Admin -> Networks -> Network” from the openstack dashboard

10
Router

Virtual Routers are used to communicate with different network. From Router menu we can
add new vRouter

“Projects -> Networks -> Routers” from the OpenStack dashboard

11
Add Routing rules to vRouter

Projects -> Networks -> Routers -> Interfaces -> Add Port” from the openstack
dashboard

12
Attach Network and Port to Instances

in “Project -> Compute -> Launch Instance”

13
Assign Floating IP to instances

➢ Projects -> Compute -> Associate Floating IP”

14
Security Groups

Security Rules can be added from “Security Groups” options

“Projects -> Networks -> Security Groups” from the OpenStack dashboard

15