yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1421232] [NEW] Restarting neutron openvswitch while having broadcast/multicast traffic going into br-tun makes a broadcast storm over the tunnel network

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Miguel Angel Ajo <majopela@xxxxxxxxxx>
Date: Thu, 12 Feb 2015 14:18:35 -0000
Reply-to: Bug 1421232 <1421232@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

As a result from the following bug (br-tun being reset across agent
restarts) https://bugs.launchpad.net/neutron/+bug/1383674

If in addition, we have a broadcast or multicast packet jumping into
br-tun from br-int, openvswitch will bring down the network creating
a broadcast storm.

It's necessary to have at least 3 nodes connected via tunnels:

The packets will go:

NodeA -> NodeB -> NodeC -> NodeA

Or more amplified if we had more nodes.

This would be avoided if we re-created br-tun in fail-mode "secure" at least, because that doesn't introduce the "NORMAL" default switching rule
on the switch at creation (origin of this problem.)

** Affects: neutron
     Importance: Undecided
     Assignee: Miguel Angel Ajo (mangelajo)
         Status: Confirmed

** Changed in: neutron
       Status: New => Confirmed

** Changed in: neutron
     Assignee: (unassigned) => Miguel Angel Ajo (mangelajo)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1421232

Title:
  Restarting neutron openvswitch while having broadcast/multicast
  traffic going into br-tun makes a broadcast storm over the tunnel
  network

Status in OpenStack Neutron (virtual network service):
  Confirmed

Bug description:
  As a result from the following bug (br-tun being reset across agent
  restarts) https://bugs.launchpad.net/neutron/+bug/1383674

  If in addition, we have a broadcast or multicast packet jumping into
  br-tun from br-int, openvswitch will bring down the network creating
  a broadcast storm.

  It's necessary to have at least 3 nodes connected via tunnels:

  The packets will go:

  NodeA -> NodeB -> NodeC -> NodeA

  Or more amplified if we had more nodes.

  This would be avoided if we re-created br-tun in fail-mode "secure" at least, because that doesn't introduce the "NORMAL" default switching rule
  on the switch at creation (origin of this problem.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1421232/+subscriptions

Follow ups

[Bug 1421232] Re: Restarting neutron openvswitch while having broadcast/multicast traffic going into br-tun makes a broadcast storm over the tunnel network
From: Adam Gandelman, 2015-04-10
[Bug 1421232] Re: Restarting neutron openvswitch while having broadcast/multicast traffic going into br-tun makes a broadcast storm over the tunnel network
From: Adam Gandelman, 2015-04-09
[Bug 1421232] Re: Restarting neutron openvswitch while having broadcast/multicast traffic going into br-tun makes a broadcast storm over the tunnel network
From: Thierry Carrez, 2015-03-19
[Bug 1421232] [NEW] Restarting neutron openvswitch while having broadcast/multicast traffic going into br-tun makes a broadcast storm over the tunnel network
From: Miguel Angel Ajo, 2015-02-12

References

[Bug 1421232] [NEW] Restarting neutron openvswitch while having broadcast/multicast traffic going into br-tun makes a broadcast storm over the tunnel network
From: Miguel Angel Ajo, 2015-02-12