VLANs not reaching the internet in an OVS, KVM, Linux set up

1

I have a Linux workstation and I have hit an issue with KVM and OVS over the last week. My goal was to have two VLANs (vlan10, vlan20) and both of them should be able to reach (a) each other and (b) the internet (unless restricted by iptables).

I succeeded Tuesday late night, but then decided to rename them and to change their IP blocks (and a system upgrade occurred as well), and since I've done that no VM in vlan10 or vlan20 is able to reach the internet. I tried to delete and recreate the setup multiple times over, but without any luck, hence I am turning to the community. Any help is much appreciated. Thanks!

Current state:

Guest_Vlan20 can ping (IP address 192.168.102.100/24):

  1. Guest in Vlan10
  2. Guest in Vlan20
  3. Host's Vlan10 and Vlan20 interface (named "vlan10" and "vlan20" respectively)
  4. Host's main LAN IP (named "mybridge")

*Guest has been statically assigned an IP as well as a default route

Guest_Vlan20 cannot ping:

  1. Router IP address or the Internet

Host view (LAN IP 192.168.1.10/24, vlan20 IP:192.168.102.1/24):

  1. Host is able to ping the Internet from (a) "mybridge" interface (b) vlan10 interface and (c) vlan20 interface
  2. Host is able to ping Guest machine in vlan10 and vlan20

*Host and Guests are not running any iptables rules (iptables -F performed)

Router view (IP 192.168.1.1/24):

  1. From the router I can ping (a) Host's LAN IP (b) "vlan20" and "vlan10" interface IPs fine
  2. From the router I cannot ping the Guest_Vlan10 or Guest_Vlan20 machines
  3. Router has static routes to both vlan10 and vlan20 IP blocks (as proven by point (1))

Current configuration on the server/workstation:

virsh net-dumpxml ovs-mySwitch
<network connections='1'>  
  <name>ovs-mySwitch</name>
  <forward mode='bridge'/> 
  <bridge name='mybridge'/>
  <virtualport type='openvswitch'/>
  <portgroup name='vlan10'>
    <vlan>
      <tag id='10'/>
    </vlan>   
  </portgroup>
  <portgroup name='vlan20'>
    <vlan>
      <tag id='20'/>
    </vlan>
  </portgroup>
</network>

**In an attempt to isolate the issue further, I removed vlan10 from ovs-vsctl

ovs-vsctl show
1d144a6d-0d5f-421c-4417-0be1cc44f2b9
    Bridge mybridge
        Port mybridge
            Interface mybridge
                type: internal
        Port "vlan20"
            tag: 20  
            Interface "vlan20"
                type: internal
        Port "vnet0"
            tag: 20 
            Interface "vnet0"
        Port "eno1"
            Interface "eno1"

Commands used to create this scenario:

1. Creating the bridge

ovs-vsctl add-br mybridge
ovs-vsctl add-port mybridge eno1
ip addr delete 192.168.1.10/24 dev eno1
ip link set mybridge up
ip addr add 192.168.1.10/24 dev mybridge
ip route del default via 192.168.1.1 dev eno1
ip route add default via 192.168.1.1 dev mybridge

2. Creating ports and tagging in ovs

#ovs-vsctl add-port mybridge vlan10 -- set interface vlan10 type=internal
ovs-vsctl add-port mybridge vlan20 -- set interface vlan20 type=internal

#ovs-vsctl set port vlan10 tag=10
ovs-vsctl set port vlan20 tag=20

3. Assigning IPs and turning vlan interfaces up

ip addr add 192.168.102.1/24 dev vlan20
ip link set vlan20 up

Any help would be much appreciated. Thanks.

kvmmark

Posted 2016-04-08T12:59:02.647

Reputation: 11

No answers
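
As an added example (not part of the original question), the `ovs-vsctl show` output posted above can be reduced to a port/VLAN table, which makes it easy to confirm that the guest tap (`vnet0`) and the host's gateway port (`vlan20`) share a tag while `eno1` and `mybridge` stay untagged. The function names are hypothetical, and the sample input is the output from the question.

```shell
#!/bin/sh
# Added example: turn `ovs-vsctl show` output into "port vlan type" rows.
# Function names are hypothetical; sample_show holds the output from the question.

sample_show() {
cat <<'EOF'
1d144a6d-0d5f-421c-4417-0be1cc44f2b9
    Bridge mybridge
        Port mybridge
            Interface mybridge
                type: internal
        Port "vlan20"
            tag: 20
            Interface "vlan20"
                type: internal
        Port "vnet0"
            tag: 20
            Interface "vnet0"
        Port "eno1"
            Interface "eno1"
EOF
}

# stdin: `ovs-vsctl show` text. stdout: one "port vlan type" row per port.
# A port with no tag is reported as "trunk" (OVS carries all VLANs on it);
# an interface with no type line is an ordinary "system" device.
ovs_port_table() {
    awk '
        function emit() {
            if (port != "") print port, (tag == "" ? "trunk" : tag), (kind == "" ? "system" : kind)
        }
        $1 == "Bridge" { emit(); port = "" }
        $1 == "Port"   { emit(); port = $2; gsub(/"/, "", port); tag = ""; kind = "" }
        $1 == "tag:"   { tag = $2 }
        $1 == "type:"  { kind = $2 }
        END            { emit() }
    '
}

# stdin: rows from ovs_port_table. $1: VLAN id or "trunk".
# stdout: names of the ports in that VLAN, space-separated, in bridge order.
ports_on_vlan() {
    awk -v want="$1" '$2 == want { printf "%s%s", sep, $1; sep = " " }
                      END { if (sep != "") print "" }'
}

sample_show | ovs_port_table
```

On a live host, pipe `ovs-vsctl show` into `ovs_port_table` instead of `sample_show`.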