yahoo-eng-team team mailing list archive

Thread
Date

[Bug 2048745] [NEW] [ovn] FIP not working when mixing vlan and geneve tenant networks

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Luis Tomas <2048745@xxxxxxxxxxxxxxxxxx>
Date: Tue, 09 Jan 2024 07:41:39 -0000
Reply-to: Bug 2048745 <2048745@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Public bug reported:

The flag redirect-type=bridge can only be used when there is no mix of
geneve and vlan networks in the same router, as handled here [1].

When there is such a mix, the flag reside-on-redirect-chassis is being used, but it is not working for all cases:
- Either you centralize the traffic and you make it work for VM with FIPs (also meaning no DVR)
- Or you distribute the traffic and make it work for VMs without FIPs (enabling DVR but breaking traffic for VMs with FIPs as SNAT is not perform on the traffic out)

Due to this, we should block the option to mix geneve and vlan networks
in the same router so that the "redirect-type=bridge" can be used and we
can have DVR + vlan tenant networks + NATing


[1] https://bugs.launchpad.net/neutron/+bug/2012712

[2] https://issues.redhat.com/browse/FDP-209

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2048745

Title:
  [ovn] FIP not working when mixing vlan and geneve tenant networks

Status in neutron:
  New

Bug description:
  The flag redirect-type=bridge can only be used when there is no mix of
  geneve and vlan networks in the same router, as handled here [1].

  When there is such a mix, the flag reside-on-redirect-chassis is being used, but it is not working for all cases:
  - Either you centralize the traffic and you make it work for VM with FIPs (also meaning no DVR)
  - Or you distribute the traffic and make it work for VMs without FIPs (enabling DVR but breaking traffic for VMs with FIPs as SNAT is not perform on the traffic out)

  Due to this, we should block the option to mix geneve and vlan
  networks in the same router so that the "redirect-type=bridge" can be
  used and we can have DVR + vlan tenant networks + NATing

  
  [1] https://bugs.launchpad.net/neutron/+bug/2012712

  [2] https://issues.redhat.com/browse/FDP-209

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2048745/+subscriptions