yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1842988] Re: OVN deployment with DVR environment incorrectly routes FIP traffic through Controller/Chassis-GW

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Lucas Alvares Gomes <lucasagomes@xxxxxxxxx>
Date: Tue, 21 Jan 2020 13:18:19 -0000
Reply-to: Bug 1842988 <1842988@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: tripleo
     Assignee: Lucas Alvares Gomes (lucasagomes) => (unassigned)

** Also affects: neutron
   Importance: Undecided
       Status: New

** Tags added: ovn

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1842988

Title:
  OVN deployment with DVR environment incorrectly routes FIP traffic
  through Controller/Chassis-GW

Status in neutron:
  New
Status in tripleo:
  New

Bug description:
  TripleO Stein.  OVN deployment with DVR environment file incorrectly
  routes FIP traffic through Controller/Chassis-GW rather than locally.

  Steps to reproduce
  ===========
  1. Deployed overcloud enabling ovn with DVR.

  The following neutron environment files were used (in additional to
  network isolation using bonded VLAN and other customizations)

   -e $TD/environments/services/neutron-ovn-dvr-ha.yaml \
   -e $TD/environments/services/neutron-ovn-dpdk.yaml \
   -e $TD/environments/services/neutron-ovn-sriov.yaml

  2. After overcloud deployment confirmed that the neutron conf files
  and chassis settings are correct.

  neutron.conf   -> enable_dvr=True
  ml2_conf.ini   -> enable_distributed_floating_ip=True
  bridge_mapping on compute chassis  -> ovn-bridge-mappings="datacentre:br-ex"

  3. Deployed instance with Geneve Tenant network with floating IP on
  VLAN external ‘datacentre’ network.

  Expected Result
  =============
  FIP traffic is routed through the same compute node as instance via a local NAT rule.

  Actual Result
  ============
  FIP is operational but traffic routed through the Controller/Chassis-GW.

  The matching NAT entry for the FIP shows that the external_mac is Null
  and logical port was not set, so there is no local NAT routing
  occurring as observed.

  
  Environment
  ===========

  1.      Tripleo Stein using the latest current-tripleo-rdo container
  images with standard Compute role plus OvsDpdk and SR-IOV roles.

  2.	Ceph and Pure Storage
  3.	OVN networking (default in Stein) with the following neutron environment

    -e $TD/environments/services/neutron-ovn-dvr-ha.yaml \
    -e $TD/environments/services/neutron-ovn-dpdk.yaml \
    -e $TD/environments/services/neutron-ovn-sriov.yaml

      (in additional to network isolation using bonded VLAN and other
  customizations)

  Confirmed that after deployment

  •	neutron.conf   -> enable_dvr=True
  •	ml2_conf.ini   -> enable_distributed_floating_ip=True
  •	bridge_mapping on compute chassis  -> ovn-bridge-mappings="datacentre:br-ex"

  
  Logs & Configs
  ===========

  neutron.conf   -> enable_dvr=True
  ml2_conf.ini   -> enable_distributed_floating_ip=True
  bridge_mapping on compute chassis  -> ovn-bridge-mappings="datacentre:br-ex"

  ovn-nbctl lr-nat-list neutron-a53687de-ac06-400a-9104-748d2807c55a

  TYPE             EXTERNAL_IP        LOGICAL_IP            EXTERNAL_MAC         LOGICAL_PORT
  dnat_and_snat    10.3.27.20         192.168.0.18
  snat             10.3.25.207        192.168.0.0/24

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1842988/+subscriptions