OpenVSwitch between namespaces

Question

I'm trying to configure a bridge between two TAP interfaces each created inside their own network namespace, on Linux. I'm using OpenVSwitch as software bridge.

These are the steps that I believe should work:

ip netns add test_ns1
ip netns exec test_ns1 ip tuntap add mode tap testif1
ip netns exec test_ns1 ip addr add 192.168.1.1/24 dev testif1
ip netns exec test_ns1 ip link set testif1 up

ip netns add test_ns2
ip netns exec test_ns2 ip tuntap add mode tap testif2
ip netns exec test_ns2 ip addr add 192.168.1.2/24 dev testif2
ip netns exec test_ns2 ip link set testif2 up

ovs-vsctl add-br test_br
ip netns exec test_ns1 ovs-vsctl add-port test_br testif1
ip netns exec test_ns2 ovs-vsctl add-port test_br testif2

ip netns exec test_ns1 ping -c 2 192.168.1.1
ip netns exec test_ns2 ping -c 2 192.168.1.2
ip netns exec test_ns1 ping -c 2 192.168.1.2
ip netns exec test_ns2 ping -c 2 192.168.1.1

All four ping commands will not work and report 100% packet loss.

I would expect to be able to ping the interface from inside its own namespace (testif1 from test_ns1, for example). I can do that with the Quantum interfaces, but not with mine, why?

Then, I am quite sure OpenVSwitch is installed correctly because I am running the stock Ubuntu version and I have OpenStack Quantum running on the same machine.

To ping the interface inside the namespace I need to bring up also the loopback, but still, why ovs is not working? — Daniele Venzano, Jun 18 '13 at 07:52

score 2 · Accepted Answer · answered Aug 19 '13 at 14:52

OpenStack doesn't create tap devices with ip tuntap add. Instead, it creates internal ports on the openvswitch bridge using the ovs-vsctl add-port command. Because openvswitch implements internal ports as tap devices, OpenStack labels these ports as "tapXXXX".

To create a testif1 interface on an openvswitch bridge and put it in the test_ns1 namespace, try doing this instead:

ovs-vsctl add-port test_br testif1 -- set interface testif1 type=internal
ip link set testif1 netns test_ns1
ip netns exec test_ns1 ip addr add 192.168.1.1/24 dev testif1
ip netns exec test_ns1 ip link set testif1 up

score 0 · Answer 2 · answered Mar 01 '22 at 08:45

0

yes, only internal port of ovs support L3 function, and this post has great introduction about it: https://arthurchiao.art/blog/ovs-deep-dive-6-internal-port/

answered Mar 01 '22 at 08:45

Sniper Law

1

OpenVSwitch between namespaces

2 Answers2