yahoo-eng-team team mailing list archive

[Bug 1242534] [NEW] Linux Bridge MTU bug when the VXLAN tunneling is used

 

Public bug reported:

I made some tests with the ML2 plugin and the Linux Bridge agent with
VXLAN tunneling.

By default, the physical interface (used for VXLAN tunneling) has an MTU of
1500 octets. And when the LB agent creates a VXLAN interface, its MTU is
automatically 50 octets less than that of the physical interface (so 1450
octets) [1]. Therefore, the bridge used to plug the tap of the VM, the veth from
network namespaces (l3 or dhcp) and the VXLAN interface has an MTU of 1450
octets (Linux bridges take the minimum of all the underlying ports [2]).

So the bridge could only forward packets of length smaller than 1450
octets to the VXLAN interface [3].

But the veth interfaces used to link network namespaces and bridges are
spawned by the l3 and dhcp agents (and perhaps other agents) with an MTU of
1500 octets. So, packets arriving from them are dropped if they
need to be forwarded to the VXLAN interface.

A simple workaround is to increase the MTU of the physical interface by
at least 50 to harmonize the MTU between interfaces. But by default
(without MTU customization), the LB/VXLAN mode has strange behavior
(cannot make curl from a server behind a router or execute a command with
verbose output in SSH through a floating IP (the SSH connection works)...)

[1] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/net/vxlan.c#n2437
[2] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/bridge/br_if.c#n402
[3] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/bridge/br_forward.c#n74

** Affects: neutron
     Importance: Undecided
         Status: Opinion

** Changed in: neutron
       Status: New => Opinion

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1242534

Title:
  Linux Bridge MTU bug when the VXLAN tunneling is used

Status in OpenStack Neutron (virtual network service):
  Opinion


To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1242534/+subscriptions
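
An added diagnostic example, not part of the original bug report or of Neutron: a shell check that reads each bridge port's MTU from sysfs and lists the ports whose MTU is larger than the smallest one on the bridge, which is the mismatch the report describes. The function names and the optional sysfs-root argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not Neutron code): find bridge ports whose MTU is larger
# than the smallest MTU among the ports of the same Linux bridge.
# The second argument (sysfs root) is an assumption of this example so the
# check can also be run against a copied or constructed tree; on a live
# host it defaults to /sys/class/net.

# bridge_min_mtu BRIDGE [SYSFS_NET]
# Prints the smallest MTU among the bridge's ports; fails if it has none.
bridge_min_mtu() {
    br=$1; root=${2:-/sys/class/net}
    min=
    for port in "$root/$br/brif"/*; do
        [ -e "$port" ] || continue          # unmatched glob: no ports
        name=${port##*/}
        mtu=$(cat "$root/$name/mtu") || return 1
        if [ -z "$min" ] || [ "$mtu" -lt "$min" ]; then
            min=$mtu
        fi
    done
    [ -n "$min" ] && echo "$min"
}

# oversized_ports BRIDGE [SYSFS_NET]
# Prints one line "PORT MTU EXCESS" for every port above the minimum.
# Frames from such a port can be larger than what the smallest port
# (the VXLAN interface in the report) is able to send.
oversized_ports() {
    br=$1; root=${2:-/sys/class/net}
    min=$(bridge_min_mtu "$br" "$root") || return 1
    for port in "$root/$br/brif"/*; do
        [ -e "$port" ] || continue
        name=${port##*/}
        mtu=$(cat "$root/$name/mtu") || return 1
        if [ "$mtu" -gt "$min" ]; then
            echo "$name $mtu $((mtu - min))"
        fi
    done
    return 0
}

# Stand-alone use: sh check.sh BRIDGE [SYSFS_NET]
if [ "$#" -gt 0 ]; then
    oversized_ports "$@"
fi
```

An empty result means every port on the bridge already shares the same MTU.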

