2

I want to connect VMs located on two different machines with ovs bridge and VxLAN tunnel, suppose the topology as the picture topology shows, my configuration on host A like this(configuration on host B is almost the same except changing remote_ip to address of host A'eth0):

ovs-vsctl add-br ovs-br0
ovs-vsctl add-port ovs-br0 vtep -- set interface vtep type=vxlan options:remote_ip=172.168.1.200 options:key=5000

tap0 is created and automatically added to bridge ovs-br0 while starting VMs with qemu, but I cannot ping from VM1 to VM2.

I also googled some links like this: http://networkstatic.net/configuring-vxlan-and-gre-tunnels-on-openvswitch/ , which says I have to create two ovs-bridge, unfortunately, it doesn't tell whether(and how to) it is necessary to link these two bridges together.

I am confused that how does the ovs-br0 and eth0 communicate, does that the kernel TCP/IP stack help doing this job, or I have to create another ovs-bridge and connect these two bridges with patch ports ?

So please correct me if my topology or configurations aren't right, and many thanks in advance.

sujz
  • 31
  • 1
  • 4
  • I successfully captured ARP requests from VM1 on port tap0, but nothing was captured on vtep. – sujz Jul 16 '17 at 14:32
  • I also tried to configure vtep: ovs-vsctl add-port ovs-br0 vtep -- set interface vtep type=vxlan options:remote_ip=flow options:local_ip=flow options:key=flow Then add flow entry explicitly to match ARP request from VM1 and forward them to vtep. ovs-ofctl add-flow ovs-br0 "table=0, priority=50, in_port=ofport_of_tap0, actions=output:ofport_of_vtep". After ping from VM1 to VM2, dump-flows showed that the added entry was matched (according to the entry matched packets should be forwarded to vtep), but dump-ports showed that vtep received nothing, I don't know why, any hints are appreciated. – sujz Jul 16 '17 at 14:50
  • I am using Ubuntu14.04.1 and OpenVSwitch 2.7.0 – sujz Jul 16 '17 at 14:57

1 Answers1

1

I have solved this problem.

My configurations on vxlan tunnel with ovs bridge is correct, the reason that I can't ping from VM1 to VM2 is wrong steps in installing ovs. I forgot make modules_install to install the built .ko files to kernel lib path.

One ovs bridge is enough to build ovs vxlan tunnel, packets coming from VMs will be enpsulated with outter header at vtep port, then routed according to routing table and forwarded to physical port eth0. We don't need to connect and physical port explicitly, OS kernel will help do that for us.

sujz
  • 31
  • 1
  • 4