#指定service_plugins
[root@master1 ~]# grep '^[a-z]' /etc/neutron/neutron.conf
auth_strategy = keystone
core_plugin = ml2
service_plugins = neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
#启动neutron服务
[root@master1 ~]# systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-l3-agent.service neutron-metadata-agent.service
#查看服务状态
[root@master1 ~]# neutron agent-list
+--------------------------------------+--------------------+---------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+---------------+-------------------+-------+----------------+---------------------------+
| 0e0c8148-71ca-4075-9d0c-20e49c923a7a | Metadata agent | master1 | | :-) | True | neutron-metadata-agent |
| 426724df-2725-4c5b-beb3-546d5b129191 | Linux bridge agent | master1 | | :-) | True | neutron-linuxbridge-agent |
| 88a2e291-f429-4011-a310-06bb06200d36 | L3 agent | master1 | nova | :-) | True | neutron-l3-agent |
| 8eb8eb17-0551-4a48-b181-d9bb844b9831 | Linux bridge agent | nova-computer | | :-) | True | neutron-linuxbridge-agent |
| 9ed0dc34-88c0-4e5e-af17-0bc24dfa7f07 | DHCP agent | master1 | nova | :-) | True | neutron-dhcp-agent |
+--------------------------------------+--------------------+---------------+-------------------+-------+----------------+---------------------------+
#创建router
[root@master1 ~]# openstack router create router_100_101
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| description | |
| distributed | False |
| external_gateway_info | null |
| ha | False |
| headers | |
| id | cc3fca52-009f-4fcc-8038-23ab1d8082a0 |
| name | router_100_101 |
| routes | [] |
| status | ACTIVE |
| project_id | 3e83baa0b3d64188b036ce423002aac7 |
+-------------------------+--------------------------------------+
[root@master1 ~]# neutron router-interface-add router_100_101 subnet_172_16_101_0
Added interface fad92b88-0036-42e4-884c-abc5db829494 to router router_100_101.
[root@master1 ~]# neutron router-interface-add router_100_101 subnet_172_16_100_0
Added interface d5554972-cfb1-4c4e-8eb4-5419474ce608 to router router_100_101.
[root@master1 ~]# brctl show
bridge name bridge id STP enabled interfaces
brq2b895aa5-d3 8000.000c298c71a6 no ens33.100
tap43fd33e7-b9 #dhcp
tapbbf4bf35-9e #instance-0000001a的接口
tapd5554972-cf #router新增加的接口,和qr-d5554972-cf构成veth pair
brqf6e6c63c-d6 8000.000c298c71a6 no ens33.101
tap63bb8b90-2a
tap866a83e1-46
tapfad92b88-00 #router新增加的接口,和qr-fad92b88-00构成veth pair
#如何通信?
[root@master1 ~]# ifconfig tapd5554972-cf
tapd5554972-cf: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 72:e9:24:3d:75:5e txqueuelen 1000 (Ethernet)
RX packets 11 bytes 934 (934.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#查看net的ns
[root@master1 ~]# ip netns
qrouter-cc3fca52-009f-4fcc-8038-23ab1d8082a0 (id: 5)
qdhcp-f6e6c63c-d60f-4e5f-bf3b-c6a4ffce6dc0 (id: 4)
qdhcp-43ad5825-5b55-4c1c-9fc4-a8c6e2ae129c (id: 3)
qdhcp-476374cb-4831-483c-bfca-a79b69cd12c6 (id: 1)
qdhcp-2b895aa5-d3b8-45d0-9058-b635d822e009 (id: 2)
qdhcp-4c796250-e068-412d-8bd6-4b2dca4cf737 (id: 0)
#查看指定的ns的详情
[root@master1 ~]# ip netns exec qrouter-cc3fca52-009f-4fcc-8038-23ab1d8082a0 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: qr-fad92b88-00@if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether fa:16:3e:80:3a:82 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.16.101.1/24 brd 172.16.101.255 scope global qr-fad92b88-00
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe80:3a82/64 scope link
valid_lft forever preferred_lft forever
3: qr-d5554972-cf@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether fa:16:3e:b8:67:95 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.16.100.1/24 brd 172.16.100.255 scope global qr-d5554972-cf
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:feb8:6795/64 scope link
valid_lft forever preferred_lft forever
#到100.0网段的数据包,会通过qr-d5554972-cf出去,tapd5554972-cf会收到此消息;到101.0网段的同理
[root@master1 ~]# ip netns exec qrouter-cc3fca52-009f-4fcc-8038-23ab1d8082a0 route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.100.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-d5554972-cf
172.16.101.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-fad92b88-00
#为何使用ns
考虑支持网络重叠