Description of problem: After Staypuft installer the external network with VLAN tag doesn't work. Version-Release number of selected component (if applicable): ruby193-rubygem-staypuft-0.1.22.el6ost RHEL7 How reproducible: 100% Steps to Reproduce: 1.Openstack installation via Staypuft installer 2.Networker+Controller+Compute node 3.creation of 2 networks: Internal and external vith VLAN. For exemple: neutron net-create ext_net --provider:network_type vlan --provider:physical_network ext_vlan_range --provider:segmentation_id 232 --router:external=True The external transmission won't work, since the packets don't get tagged with a VLAN. According to Miguel Angel Ajo Pelayo: configuration set with staypuft/foreman/puppet scripts the external_network_bridge is kept = "br-ex" but should be empty After doing this: 488 openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge "" 491 service neutron-ovs-cleanup restart 492 service neutron-netns-cleanup restart The network can be created with the neutron net-create ext_net --provider:network_type vlan --provider:physical_network physnet-external --provider:segmentation_id 1 --router:external=True And packets will actually get tagged. Additional info: The original bug, for provider support: https://bugzilla.redhat.com/show_bug.cgi?id=976380
This setting openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge "" Works for both cases, external network on VLAN, or flat external network with no tagging.
Note that with this change, a VLAN device will not be created over the NIC, and SSH / management traffic from the external network will only be permitted from untagged traffic. To clarify, from Neutron's point of view, external traffic from VMs / routers / what have you will work and will be tagged appropriately. However, if you wish to SSH into the machine via its external-facing NIC, you will have to do this via untagged traffic, or SSH into another NIC / from another network.
Patch posted: https://github.com/redhat-openstack/astapor/pull/348
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1090.html