← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #83024

[Bug 1832021] Re: Checksum drop of metadata traffic on isolated networks with DPDK

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.opendev.org/713719
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=11838a2bc50caa40e776bce211f5f2d1d16a14af
Submitter: Zuul
Branch:    master

commit 11838a2bc50caa40e776bce211f5f2d1d16a14af
Author: Alexander Vlasov <avlasov@xxxxxxxxxxxx>
Date:   Wed Mar 18 13:35:20 2020 -0500

    Workaround for TCP checksum issue with ovs-dpdk and  veth pair
    
    The need for this change stems from following issues:
    1) When ovs_use_veth = False with ovs-dpdk issue with ovs
    was observed - after vswitch restart interface is not comming up.
    Meaning ovs-dpdk uses ovs internal ports and it is not able to bring
    them up on restart.
    2) When ovs_use_veth = True and ovs-dpkd is used, packets sent with
    incorrect checksum due to the fact that ovs-dpdk does not do checksum
    calculations for veth interface.
    
    This commit allows to use second option and resolve checksum issue by
    disabling checksum offload.
    
    Closes-Bug: #1832021
    Related-Bug: #1831935
    
    Change-Id: Iecce8d2c6c2c46718cc1020c6e8f914cd4560e4b


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1832021

Title:
  Checksum drop of metadata traffic on isolated networks with DPDK

Status in OpenStack neutron-openvswitch charm:
  Fix Released
Status in neutron:
  Fix Released

Bug description:
  When an isolated network using provider networks for tenants (meaning
  without virtual routers: DVR or network node), metadata access occurs
  in the qdhcp ip netns rather than the qrouter netns.

  The following options are set in the dhcp_agent.ini file:
  force_metadata = True
  enable_isolated_metadata = True

  VMs on the provider tenant network are unable to access metadata as
  packets are dropped due to checksum.

  When we added the following in the qdhcp netns, VMs regained access to
  metadata:

   iptables -t mangle -A OUTPUT -o ns-+ -p tcp --sport 80 -j CHECKSUM
  --checksum-fill

  It seems this setting was recently removed from the qrouter netns [0]
  but it never existed in the qdhcp to begin with.

  [0] https://review.opendev.org/#/c/654645/

  Related LP Bug #1831935
  See https://bugs.launchpad.net/charm-neutron-openvswitch/+bug/1831935/comments/10

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-neutron-openvswitch/+bug/1832021/+subscriptions

References

  Thread PreviousDate PreviousThread Next