← Back to team overview

openstack team mailing list archive

Folsom - Quantum - Tenant networks have no isolation feature with OpenvSwitch Plugin in GRE mode or VLAN mode

 

Hello,

I have a problem using Quantum OpenvSwitch plugin.

I can't figure out why the tenant networks have no isolation feature with
GRE mode or VLAN mode.

I can ping from VMs in tenant network A to VMs in tenant network B (there
are no virtual router connection).


There is my environment settings:

One control node and two compute nodes with CentOS 6.3 and OpenvSwitch 1.9.

Control node runs nova, glance..., and the services of network node, like:
quantum server, l3-agent, dhcp-agent.

Compute nodes runs KVM, nova, quantum-ovs-agent.


ovs_quantum_plugin.ini setting:

GRE mode:
----------------------------------------------------------------------
[DATABASE]
sql_connection = mysql://quantum:xxx@controller/quantum_ovs
[OVS]
tenant_network_type = gre
enable_tunneling = True
network_vlan_ranges =
tunnel_id_ranges = 1:1000
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = xxx.xxx.xxx.xxx
[AGENT]
root_helper = sudo quantum-rootwrap /etc/quantum/rootwrap.conf
----------------------------------------------------------------------

VLAN mode:
----------------------------------------------------------------------
[DATABASE]
sql_connection = mysql://quantum:xxx@controller/quantum_ovs
reconnect_interval = 2
[OVS]
tenant_network_type = vlan
network_vlan_ranges = phynet1:20:26
integration_bridge = br-int
bridge_mappings = phynet1:br-eth1
[AGENT]
polling_interval = 2
root_helper = sudo quantum-rootwrap /etc/quantum/rootwrap.conf
----------------------------------------------------------------------


Do anyone know possible reasons for that?  Needing more information?

Please advise.

Thanks,
Jian-Hua lee