版本:OpenStack Liberty Neutron DVR
現象:
1、在虛擬機內部不停地dhclient
2、在虛擬機所屬的計算節點的物理網卡上抓包,發現該虛擬機發出的dhcp廣播包
3、在虛擬機所屬網絡所在的NAT節點(qdhcp所在的節點)的物理網卡上抓包,同樣發現了該虛擬機發出的dhcp廣播包,即在bond1上抓到了包:
Bridge br-int fail_mode: secure Port "sg-297691c4-9f" tag: 1 Interface "sg-297691c4-9f" type: internal Port "tap8a1db903-07" tag: 2 Interface "tap8a1db903-07" type: internal Port br-int Interface br-int type: internal Port "qr-8d397111-81" tag: 1 Interface "qr-8d397111-81" type: internal Port int-br-vlan Interface int-br-vlan type: patch options: {peer=phy-br-vlan} Port "tap15d024ee-23" tag: 1 Interface "tap15d024ee-23" type: internal Bridge br-ex Port br-ex Interface br-ex type: internal Port "qg-ab607114-19" Interface "qg-ab607114-19" type: internal Bridge br-vlan Port br-vlan Interface br-vlan type: internal Port phy-br-vlan Interface phy-br-vlan type: patch options: {peer=int-br-vlan} Port "bond1" Interface "bond1" ovs_version: "2.4.0"
4、但是在qdhcp的網卡tap15d024ee-23抓不到dhcp廣播包,查看各個ovs bridge的流表未發現什么問題,很是奇怪
原因:
后來在同事的幫助下,發現這個bond1還被加到了一個linux bridge上:
brctl show bridge name bridge id STP enabled interfaces br0 8000.1418774dd6a3 no em1 br1 8000.90e2ba8465f2 no bond1
分析:
原來這個bond1被加入到linux bridge上時,導致雖然看上去也被綁到br-vlan上,但是實際上並沒有生效,因此導致上層的br-int無法收到dhcp廣播包
解決:
將該bond1從linux bridge上解綁掉,然后重新加入到ovs bridge br-vlan上