Unable to access internet on namespace with faucet.
shameem2001 opened this issue · 11 comments
I have setup an OVS bridge with eth0 interface added as a port and namespace added as a port. I can do all qos and block operation with OVS commands in it. But when I set faucet controller to this setup. New flow rules are added and I can't no longer access the internet. Please give me a solution for this.
My OVS bridge setup is as follows:
OFPT_FEATURES_REPLY (OF1.3) (xid=0x2): dpid:0000b42e996236c9
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATS QUEUE_STATS
OFPST_PORT_DESC reply (OF1.3) (xid=0x3):
1(enp4s0): addr:b4:2e:99:62:36:c9
config: 0
state: LIVE
current: 1GB-FD COPPER AUTO_NEG
advertised: 10MB-HD 10MB-FD 100MB-HD 100MB-FD 1GB-FD COPPER AUTO_NEG AUTO_PAUSE AUTO_PAUSE_ASYM
supported: 10MB-HD 10MB-FD 100MB-HD 100MB-FD 1GB-FD COPPER AUTO_NEG AUTO_PAUSE AUTO_PAUSE_ASYM
speed: 1000 Mbps now, 1000 Mbps max
2(veth1): addr:2a:c6:3e:7e:66:fa
config: 0
state: LIVE
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
LOCAL(ovsbridge): addr:b4:2e:99:62:36:c9
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (OF1.3) (xid=0x9): frags=normal miss_send_len=0
I have access to internet if I don't set the controller. I have setup namespace on the OVS by following this link https://knowtoshare.wordpress.com/2016/04/30/open-vswitch-ovs-installation-and-configuration-part2/ . Here veth1 is for namespace.
But when I set up Faucet configuration. The setup breaks down, No traffic is allowed even if it is allowed in ACL.
Here is my Faucet configuration:
faucet.yaml
include:
- /etc/faucet/acls/101.yaml
- /etc/faucet/acls/102.yaml
dps:
ovs-br1:
dp_id: 0x0000b42e996236c9
interfaces:
1:
native_vlan: office
acls_in: [101]
2:
native_vlan: office
acls_in: [102]
vlans:
office:
vid: 100
description: "Office network 100 Vlan"
acls/101.yaml
acls:
101:
- rule:
actions:
allow: 1
acls/102.yaml
acls:
102:
- rule:
actions:
allow: 1
The demos only show ping between namespaces. It would be helpful to get this solution.
I tried your topology and faucet configuration and was able to ping between my network namespace and the internet just fine:
There must be something wrong in your environment causing this issue, rather than with faucet.
Can you share your setup details as I have tried to set this up multiple times and the ping doesn't work after setting up the faucet controller.
I followed the faucet tutorial which shows how to setup namespaces and OVS:
But that's between two hosts, when it comes to internet access, how it can be configured, we added the actual physical interface(enp4s0) as a port in our OVS bridge, is there any other way? @gizmoguy
I just added my wan interface to the ovs bridge and it just worked, no change to the faucet configuration.
Faucet is just acting as a layer 2 switch, so if you're having issues it must be in your local networking/routing configuration which I can't help with.
If I just simply add the enp4s0 interface to my ovs bridge, my internet connection gets cut off. So how were you able to achieve this? Did you give any extra command?
Can you share the faucet configuration (faucet.yaml) and bridge details(output of sudo ovs-ofctl show -O OpenFlow13 ) @gizmoguy
If I just simply add the enp4s0 interface to my ovs bridge, my internet connection gets cut off. So how were you able to achieve this? Did you give any extra command?
Can you share the faucet configuration (faucet.yaml) and bridge details(output of sudo ovs-ofctl show -O OpenFlow13 ) @gizmoguy
I also lost my internet connectivity when I added my physical interface as a port in Bridge, how did you do that? @gizmoguy
@muhammednihal05 @fortunehunter44 Did you move the IP address of the interface to the bridge ?
Read this: https://docs.openvswitch.org/en/latest/faq/issues/