SlideShare a Scribd company logo

Networking in OpenStack for non-networking people: Neutron, Open vSwitch and friends

Download as ODP, PDF
Dave Neary
Dave Neary
Technology
1 of 20
DAVE NEARY1 Networking in OpenStack for non- networking people: Neutron, OVS and friends Dave Neary dneary@redhat.com Open Source and Standards Red Hat
REDHAT OPENSTACK |2013DOC144908-20130513r1 AGENDA ● Networking review: the OSI model ● Networking in a virtual world ● Neutron and OVS ● Debugging and fixing networking issues
DAVE NEARY3 Networking: The OSI model Layer 1 Layer 7
DAVE NEARY4 Networking: The OSI model Layer 1 Layer 7 Cables Switching Routers Hardware Software TCP/IP SMTP
DAVE NEARY5 Switches and routers
DAVE NEARY6 Networking in a virtual world CC BY from OpenStack Operations Guide: http://bit.ly/OpenStackNetworking
DAVE NEARY7 Networking in a virtual world: Open vSwitch
DAVE NEARY9 Networking in a virtual world: Neutron ● Abstracts away internals of switching and SDN provider ● Provides high-level abstractions (router, subnet, network, gateway) ● “Law of Leaky Abstractions” applies
DAVE NEARY10 Neutron: Creating a subnet ● neutron router-create router1 ● neutron net-create net1 ● neutron subnet-create net1 172.17.0.0/24 --name subnet1 ● neutron router-interface-add router1 subnet1
DAVE NEARY11 Neutron: Attaching a public subnet ● neutron net-create net2 --router-external=True ● neutron subnet-create net2 192.168.0.0/24 --name subnet2 --enable_dhcp=False --allocation-pool start=192.168.0.32,end=192.168.0.63 --gateway=192.168.0.1 ● neutron router-gateway-set router1 net2
DAVE NEARY12 Neutron: Floating IPs ● To connect from an external machine to an instance, you need a routable IP address ● Floating IP addresses are public aliases for private IP addresses ● They survive changes in private IPs, enable load balancing, etc. ● Equivalent to Elastic IPs in AWS
DAVE NEARY13 Neutron: Floating IPs ● neutron floatingip-create net2 ● neutron floatingip-list ● neutron port-list ● neutron floatingip-associate <floating-ip> <port>
DAVE NEARY14 Debugging network issues: Devices ● ip a shows status of all physical and virtual devices ● ovs-vsctl show shows interfaces and bridges in the virtual switch ● ovs-dpctl show shows datapaths on the switch
DAVE NEARY15 Debugging network issues: Tracking packets ● tcpdump is your friend ● tcpdump -n -i <interface> -w <filename> ● Set interface to vnet device, instance eth0, bridge device, or host ethernet device to see where packets are not getting through ● -i any for all interfaces ● iptables -L to check iptables rules
DAVE NEARY16 Debugging network issues: Network namespaces ● Network namespaces allow VLANs to share overlapping address space – important for bigger deployments, and to provide multi-tenant networks ● ip netns list – lists all known network namespaces ● ip netns exec <namespace id> route -n ● Shows routing table inside specific namespace ● Execute arbitrary commands (incl. ssh, ping)
DAVE NEARY17 Debugging networking issues: DHCP ● Scenario: Instance is not getting IP address ● Step 1: nova console-log <instance name> ● DHCP request sent, no reply received ● Step 2: Verify neutron-dhcp-agent is running ● Step 3: Check host logs (/var/log/messages and /var/log/neutron/*) ● Step 4: If host is not seeing DHCP traffic: tcpdump -i all | grep -i dhcp
DAVE NEARY18 Debugging networking issues: Access/routing ● Scenario: I can't SSH into an instance ● Step 1: Security groups: port 22 TCP & all ICMP allowed? ● Step 2: Is floating IP address routable from client? ● route -n on client ● Verify that public subnet in OpenStack is accessible from client (eg. for local LAN, that it matches 192.168.0.0/24) ● Step 3: Bridges OK?
DAVE NEARY19 Debugging networking issues: Access/routing ● Bridge issues: ● ovs-vsctl show – is ethernet card attached to same bridge as public network? ● neutron router show router1 – are the private subnet and public subnet connected to the router? ● ip netns exec <public namespace id> ping <floating IP> - does the public network match the local LAN exactly? ● ip netns exec <private namespace id> route -n – is traffic being correctly routed from the instance out?
DAVE NEARY20 Resources ● OpenStack Network troubleshooting: http://bit.ly/OpenStackNetworking ● OpenStack Networking: L3 workflow: http://bit.ly/L3Workflow ● RDO Networking: http://bit.ly/RDONetworking ● RDO: Neutron with an external network: http://bit.ly/RDONeutronExtNet ● OpenStack Tales from the Crypt: http://bit.ly/OpenStackCrypt
REDHAT OPENSTACK |2013DOC144908-20130513r1 QUESTIONS?

Recommended

Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
OpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaOpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaSean Roberts
 
OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr David Lenwell
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Dan Wendlandt
 
Openstack Basic with Neutron
Openstack Basic with NeutronOpenstack Basic with Neutron
Openstack Basic with NeutronKwonSun Bae
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
Openstack Neutron and SDN
Openstack Neutron and SDNOpenstack Neutron and SDN
Openstack Neutron and SDNinakipascual
 

Recommended

Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
OpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaOpenStack Neutron Advanced Services by Akanda
OpenStack Neutron Advanced Services by AkandaSean Roberts
 
OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr David Lenwell
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Quantum (OpenStack Meetup Feb 9th, 2012)
Quantum (OpenStack Meetup Feb 9th, 2012)Dan Wendlandt
 
Openstack Basic with Neutron
Openstack Basic with NeutronOpenstack Basic with Neutron
Openstack Basic with NeutronKwonSun Bae
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
Openstack Neutron and SDN
Openstack Neutron and SDNOpenstack Neutron and SDN
Openstack Neutron and SDNinakipascual
 
OpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridOpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridKamesh Pemmaraju
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronSana Khan
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networkingyfauser
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014yfauser
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Arthur Berezin
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networkingmarkmcclain
 
Open stack networking vlan, gre
Open stack networking vlan, greOpen stack networking vlan, gre
Open stack networking vlan, greSim Janghoon
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack NetworkingIlya Shakhat
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
 
OpenStack networking (Neutron)
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron) CREATE-NET
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and OpenstackDave Neary
 
Bridges and Tunnels a Drive Through OpenStack Networking
Bridges and Tunnels a Drive Through OpenStack NetworkingBridges and Tunnels a Drive Through OpenStack Networking
Bridges and Tunnels a Drive Through OpenStack Networkingmarkmcclain
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havanaKamesh Pemmaraju
 
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...markmcclain
 
OpenStack Meetup - SDN
OpenStack Meetup - SDNOpenStack Meetup - SDN
OpenStack Meetup - SDNSzilvia Racz
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchmestery
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Inside Architecture of Neutron
Inside Architecture of NeutronInside Architecture of Neutron
Inside Architecture of Neutronmarkmcclain
 
How to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need tosalv_orlando
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Mochamad Taufik Romdony
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkSamsung Open Source Group
 

More Related Content

What's hot

OpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridOpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridKamesh Pemmaraju
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronSana Khan
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networkingyfauser
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014yfauser
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Arthur Berezin
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networkingmarkmcclain
 
Open stack networking vlan, gre
Open stack networking vlan, greOpen stack networking vlan, gre
Open stack networking vlan, greSim Janghoon
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutronmestery
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack NetworkingIlya Shakhat
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updatesmestery
 
OpenStack networking (Neutron)
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron) CREATE-NET
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and OpenstackDave Neary
 
Bridges and Tunnels a Drive Through OpenStack Networking
Bridges and Tunnels a Drive Through OpenStack NetworkingBridges and Tunnels a Drive Through OpenStack Networking
Bridges and Tunnels a Drive Through OpenStack Networkingmarkmcclain
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havanaKamesh Pemmaraju
 
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...markmcclain
 
OpenStack Meetup - SDN
OpenStack Meetup - SDNOpenStack Meetup - SDN
OpenStack Meetup - SDNSzilvia Racz
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchmestery
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutronvivekkonnect
 
Inside Architecture of Neutron
Inside Architecture of NeutronInside Architecture of Neutron
Inside Architecture of Neutronmarkmcclain
 
How to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need tosalv_orlando
 

What's hot (20)

OpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgridOpenStack networking - Neutron deep dive with PLUMgrid
OpenStack networking - Neutron deep dive with PLUMgrid
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack Neutron
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
 
Open stack networking vlan, gre
Open stack networking vlan, greOpen stack networking vlan, gre
Open stack networking vlan, gre
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutron
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack Networking
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
 
OpenStack networking (Neutron)
OpenStack networking (Neutron) OpenStack networking (Neutron)
OpenStack networking (Neutron)
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and Openstack
 
Bridges and Tunnels a Drive Through OpenStack Networking
Bridges and Tunnels a Drive Through OpenStack NetworkingBridges and Tunnels a Drive Through OpenStack Networking
Bridges and Tunnels a Drive Through OpenStack Networking
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havana
 
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
OpenStack Paris Summit: Bridges and Tunnels: A Drive Through OpenStack Networ...
 
OpenStack Meetup - SDN
OpenStack Meetup - SDNOpenStack Meetup - SDN
OpenStack Meetup - SDN
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitch
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
 
Inside Architecture of Neutron
Inside Architecture of NeutronInside Architecture of Neutron
Inside Architecture of Neutron
 
How to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need toHow to write a Neutron Plugin - if you really need to
How to write a Neutron Plugin - if you really need to
 

Similar to Networking in OpenStack for non-networking people: Neutron, Open vSwitch and friends

Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Công TÔ
 
Neutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveNeutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveMirantis
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker, Inc.
 
OpenStack Neutron Tutorial
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorialmestery
 
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxPractical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxSamsung Open Source Group
 
LF_DPDK17_Integrating and using DPDK with Open vSwitch
LF_DPDK17_Integrating and using DPDK with Open vSwitchLF_DPDK17_Integrating and using DPDK with Open vSwitch
LF_DPDK17_Integrating and using DPDK with Open vSwitchLF_DPDK
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerJorge Juan Mendoza
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceSamsung Open Source Group
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network InterfacesKernel TLV
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...Cloud Native Day Tel Aviv
 
SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingThomas Graf
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingDigicomp Academy AG
 
Network Test Automation 2015-04-23 #npstudy
Network Test Automation 2015-04-23 #npstudyNetwork Test Automation 2015-04-23 #npstudy
Network Test Automation 2015-04-23 #npstudyHiroshi Ota
 
Dreamhost deploying dreamcompute at scale
Dreamhost deploying dreamcompute at scaleDreamhost deploying dreamcompute at scale
Dreamhost deploying dreamcompute at scaleCumulus Networks
 
Networking and Go: An Epic Journey
Networking and Go: An Epic JourneyNetworking and Go: An Epic Journey
Networking and Go: An Epic JourneySneha Inguva
 
Wireless security beyond password cracking by Mohit Ranjan
Wireless security beyond password cracking by Mohit RanjanWireless security beyond password cracking by Mohit Ranjan
Wireless security beyond password cracking by Mohit RanjanOWASP Delhi
 

Similar to Networking in OpenStack for non-networking people: Neutron, Open vSwitch and friends (20)

Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
 
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
Yechielthur1100red hat-cloud-infrastructure-networking-deep-dive-140417165107...
 
What's new in Neutron Juno
What's new in Neutron JunoWhat's new in Neutron Juno
What's new in Neutron Juno
 
Netcat - A Swiss Army Tool
Netcat - A Swiss Army ToolNetcat - A Swiss Army Tool
Netcat - A Swiss Army Tool
 
Neutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep DiveNeutron Network Namespaces and IPtables--A Technical Deep Dive
Neutron Network Namespaces and IPtables--A Technical Deep Dive
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
 
OpenStack Neutron Tutorial
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorial
 
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxPractical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
 
LF_DPDK17_Integrating and using DPDK with Open vSwitch
LF_DPDK17_Integrating and using DPDK with Open vSwitchLF_DPDK17_Integrating and using DPDK with Open vSwitch
LF_DPDK17_Integrating and using DPDK with Open vSwitch
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in docker
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network Interfaces
 
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
 
SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center Networking
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined Networking
 
Network Test Automation 2015-04-23 #npstudy
Network Test Automation 2015-04-23 #npstudyNetwork Test Automation 2015-04-23 #npstudy
Network Test Automation 2015-04-23 #npstudy
 
Dreamhost deploying dreamcompute at scale
Dreamhost deploying dreamcompute at scaleDreamhost deploying dreamcompute at scale
Dreamhost deploying dreamcompute at scale
 
Networking and Go: An Epic Journey
Networking and Go: An Epic JourneyNetworking and Go: An Epic Journey
Networking and Go: An Epic Journey
 
Wireless security beyond password cracking by Mohit Ranjan
Wireless security beyond password cracking by Mohit RanjanWireless security beyond password cracking by Mohit Ranjan
Wireless security beyond password cracking by Mohit Ranjan
 

More from Dave Neary

Crafting an Open Source Product Strategy
Crafting an Open Source Product StrategyCrafting an Open Source Product Strategy
Crafting an Open Source Product StrategyDave Neary
 
Community dynamics
Community dynamicsCommunity dynamics
Community dynamicsDave Neary
 
Community catalysts value of open source
Community catalysts value of open sourceCommunity catalysts value of open source
Community catalysts value of open sourceDave Neary
 
Crafting an open source product strategy
Crafting an open source product strategyCrafting an open source product strategy
Crafting an open source product strategyDave Neary
 
Open source business models
Open source business modelsOpen source business models
Open source business modelsDave Neary
 
Community Impacts of Legal Decisions
Community Impacts of Legal Decisions Community Impacts of Legal Decisions
Community Impacts of Legal Decisions Dave Neary
 
Community antipatterns
Community antipatternsCommunity antipatterns
Community antipatternsDave Neary
 
Is there a big bang going on?
Is there a big bang going on?Is there a big bang going on?
Is there a big bang going on?Dave Neary
 
Swimming upstream
Swimming upstreamSwimming upstream
Swimming upstreamDave Neary
 
NFV for beginners
NFV for beginnersNFV for beginners
NFV for beginnersDave Neary
 
Metrics gone bad
Metrics gone badMetrics gone bad
Metrics gone badDave Neary
 
A complete Open Source cloud: Storage, Virt, IaaS, PaaS
A complete Open Source cloud: Storage, Virt, IaaS, PaaSA complete Open Source cloud: Storage, Virt, IaaS, PaaS
A complete Open Source cloud: Storage, Virt, IaaS, PaaSDave Neary
 
The Ecclesiastes principle: Learning lessons of the past
The Ecclesiastes principle: Learning lessons of the pastThe Ecclesiastes principle: Learning lessons of the past
The Ecclesiastes principle: Learning lessons of the pastDave Neary
 
OpenShift on OpenStack
OpenShift on OpenStackOpenShift on OpenStack
OpenShift on OpenStackDave Neary
 
Growing the next generation of Open Source developers
Growing the next generation of Open Source developersGrowing the next generation of Open Source developers
Growing the next generation of Open Source developersDave Neary
 
Growing next generation
Growing next generationGrowing next generation
Growing next generationDave Neary
 
Foundations 101
Foundations 101Foundations 101
Foundations 101Dave Neary
 
oVirt and OpenStack
oVirt and OpenStackoVirt and OpenStack
oVirt and OpenStackDave Neary
 

More from Dave Neary (20)

Crafting an Open Source Product Strategy
Crafting an Open Source Product StrategyCrafting an Open Source Product Strategy
Crafting an Open Source Product Strategy
 
Community dynamics
Community dynamicsCommunity dynamics
Community dynamics
 
Community catalysts value of open source
Community catalysts value of open sourceCommunity catalysts value of open source
Community catalysts value of open source
 
Crafting an open source product strategy
Crafting an open source product strategyCrafting an open source product strategy
Crafting an open source product strategy
 
Open source business models
Open source business modelsOpen source business models
Open source business models
 
Nfv primer v2
Nfv primer v2Nfv primer v2
Nfv primer v2
 
Community Impacts of Legal Decisions
Community Impacts of Legal Decisions Community Impacts of Legal Decisions
Community Impacts of Legal Decisions
 
Community antipatterns
Community antipatternsCommunity antipatterns
Community antipatterns
 
Is there a big bang going on?
Is there a big bang going on?Is there a big bang going on?
Is there a big bang going on?
 
Swimming upstream
Swimming upstreamSwimming upstream
Swimming upstream
 
NFV for beginners
NFV for beginnersNFV for beginners
NFV for beginners
 
Metrics gone bad
Metrics gone badMetrics gone bad
Metrics gone bad
 
A complete Open Source cloud: Storage, Virt, IaaS, PaaS
A complete Open Source cloud: Storage, Virt, IaaS, PaaSA complete Open Source cloud: Storage, Virt, IaaS, PaaS
A complete Open Source cloud: Storage, Virt, IaaS, PaaS
 
The Ecclesiastes principle: Learning lessons of the past
The Ecclesiastes principle: Learning lessons of the pastThe Ecclesiastes principle: Learning lessons of the past
The Ecclesiastes principle: Learning lessons of the past
 
OpenShift on OpenStack
OpenShift on OpenStackOpenShift on OpenStack
OpenShift on OpenStack
 
Growing the next generation of Open Source developers
Growing the next generation of Open Source developersGrowing the next generation of Open Source developers
Growing the next generation of Open Source developers
 
Personas
PersonasPersonas
Personas
 
Growing next generation
Growing next generationGrowing next generation
Growing next generation
 
Foundations 101
Foundations 101Foundations 101
Foundations 101
 
oVirt and OpenStack
oVirt and OpenStackoVirt and OpenStack
oVirt and OpenStack
 

Recently uploaded

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

Networking in OpenStack for non-networking people: Neutron, Open vSwitch and friends

  • 1. DAVE NEARY1 Networking in OpenStack for non- networking people: Neutron, OVS and friends Dave Neary dneary@redhat.com Open Source and Standards Red Hat
  • 2. REDHAT OPENSTACK |2013DOC144908-20130513r1 AGENDA ● Networking review: the OSI model ● Networking in a virtual world ● Neutron and OVS ● Debugging and fixing networking issues
  • 3. DAVE NEARY3 Networking: The OSI model Layer 1 Layer 7
  • 4. DAVE NEARY4 Networking: The OSI model Layer 1 Layer 7 Cables Switching Routers Hardware Software TCP/IP SMTP
  • 6. DAVE NEARY6 Networking in a virtual world CC BY from OpenStack Operations Guide: http://bit.ly/OpenStackNetworking
  • 7. DAVE NEARY7 Networking in a virtual world: Open vSwitch
  • 8. DAVE NEARY9 Networking in a virtual world: Neutron ● Abstracts away internals of switching and SDN provider ● Provides high-level abstractions (router, subnet, network, gateway) ● “Law of Leaky Abstractions” applies
  • 9. DAVE NEARY10 Neutron: Creating a subnet ● neutron router-create router1 ● neutron net-create net1 ● neutron subnet-create net1 172.17.0.0/24 --name subnet1 ● neutron router-interface-add router1 subnet1
  • 10. DAVE NEARY11 Neutron: Attaching a public subnet ● neutron net-create net2 --router-external=True ● neutron subnet-create net2 192.168.0.0/24 --name subnet2 --enable_dhcp=False --allocation-pool start=192.168.0.32,end=192.168.0.63 --gateway=192.168.0.1 ● neutron router-gateway-set router1 net2
  • 11. DAVE NEARY12 Neutron: Floating IPs ● To connect from an external machine to an instance, you need a routable IP address ● Floating IP addresses are public aliases for private IP addresses ● They survive changes in private IPs, enable load balancing, etc. ● Equivalent to Elastic IPs in AWS
  • 12. DAVE NEARY13 Neutron: Floating IPs ● neutron floatingip-create net2 ● neutron floatingip-list ● neutron port-list ● neutron floatingip-associate <floating-ip> <port>
  • 13. DAVE NEARY14 Debugging network issues: Devices ● ip a shows status of all physical and virtual devices ● ovs-vsctl show shows interfaces and bridges in the virtual switch ● ovs-dpctl show shows datapaths on the switch
  • 14. DAVE NEARY15 Debugging network issues: Tracking packets ● tcpdump is your friend ● tcpdump -n -i <interface> -w <filename> ● Set interface to vnet device, instance eth0, bridge device, or host ethernet device to see where packets are not getting through ● -i any for all interfaces ● iptables -L to check iptables rules
  • 15. DAVE NEARY16 Debugging network issues: Network namespaces ● Network namespaces allow VLANs to share overlapping address space – important for bigger deployments, and to provide multi-tenant networks ● ip netns list – lists all known network namespaces ● ip netns exec <namespace id> route -n ● Shows routing table inside specific namespace ● Execute arbitrary commands (incl. ssh, ping)
  • 16. DAVE NEARY17 Debugging networking issues: DHCP ● Scenario: Instance is not getting IP address ● Step 1: nova console-log <instance name> ● DHCP request sent, no reply received ● Step 2: Verify neutron-dhcp-agent is running ● Step 3: Check host logs (/var/log/messages and /var/log/neutron/*) ● Step 4: If host is not seeing DHCP traffic: tcpdump -i all | grep -i dhcp
  • 17. DAVE NEARY18 Debugging networking issues: Access/routing ● Scenario: I can't SSH into an instance ● Step 1: Security groups: port 22 TCP & all ICMP allowed? ● Step 2: Is floating IP address routable from client? ● route -n on client ● Verify that public subnet in OpenStack is accessible from client (eg. for local LAN, that it matches 192.168.0.0/24) ● Step 3: Bridges OK?
  • 18. DAVE NEARY19 Debugging networking issues: Access/routing ● Bridge issues: ● ovs-vsctl show – is ethernet card attached to same bridge as public network? ● neutron router show router1 – are the private subnet and public subnet connected to the router? ● ip netns exec <public namespace id> ping <floating IP> - does the public network match the local LAN exactly? ● ip netns exec <private namespace id> route -n – is traffic being correctly routed from the instance out?
  • 19. DAVE NEARY20 Resources ● OpenStack Network troubleshooting: http://bit.ly/OpenStackNetworking ● OpenStack Networking: L3 workflow: http://bit.ly/L3Workflow ● RDO Networking: http://bit.ly/RDONetworking ● RDO: Neutron with an external network: http://bit.ly/RDONeutronExtNet ● OpenStack Tales from the Crypt: http://bit.ly/OpenStackCrypt