yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #93525
[Bug 1913621] Re: Permant ARP entries not added to DVR qrouter when connected to two Networks
** Changed in: neutron
Status: New => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1913621
Title:
Permant ARP entries not added to DVR qrouter when connected to two
Networks
Status in neutron:
Fix Released
Bug description:
Hi,
I am running openstack ussuri with ovs and DVR routers.
I'm facing a problem with communication between two networks connected
to the same router. The issue is caused because there are no permanent
ARP entries added to the qrouter when a new instance is created on one
of the networks. This means that when traffic reaches the router, it
does not know how to reach the destination MAC address of the new
instance. Below is an example.
I created two Networks each with its own subnet.
NetworkA/SubnetA: 172.18.18.0/24
NetworkB/SubnetB: 172.19.19.0/24
I created one router and connected both networks to it.
The qrouter has a port with IP 172.18.18.1 and another port with IP 172.19.19.1
Then I created multiple instance on NetworkA which were spawned on different computes.
Here is the ARP table from the DVR router on one of the computes
root@compute004[SRV][PRD001][LAT]:~# ip netns exec qrouter-3fe791ef-8432-41c3-a4ac-28ae741b533f arp -a | grep 18.18
? (172.18.18.2) at fa:16:3e:13:7b:bd [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.78) at fa:16:3e:66:bf:8b [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.27) at fa:16:3e:85:bd:e2 [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.161) at fa:16:3e:43:07:b2 [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.66) at fa:16:3e:85:75:cb [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.3) at fa:16:3e:7b:32:0d [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.21) at fa:16:3e:05:c7:ef [ether] PERM on qr-e68fe2ed-2a
? (172.18.18.4) at fa:16:3e:02:3d:1a [ether] PERM on qr-e68fe2ed-2a
The permanent ARPs exist for DHCP (.2, .3, .4), snat (.27) and 4 instances (.78, .161, .66, .21).
No problem for now.
Then I created an instance on NetworkB. When I check the ARP table, there is no permanent entries for my new instance.
root@compute004[SRV][PRD001][LAT]:~# ip netns exec qrouter-3fe791ef-8432-41c3-a4ac-28ae741b533f arp -a | grep 19.19
? (172.19.19.3) at fa:16:3e:b4:16:3e [ether] PERM on qr-6d2d939d-1e
? (172.19.19.138) at fa:16:3e:fa:f7:f1 [ether] PERM on qr-6d2d939d-1e
? (172.19.19.4) at fa:16:3e:0c:84:53 [ether] PERM on qr-6d2d939d-1e
? (172.19.19.2) at fa:16:3e:e4:44:e3 [ether] PERM on qr-6d2d939d-1e
The only entries are for DHCP (.2, .3, .4) and the SNAT (.138).
My instance IP on NetworkB is 172.19.19.56.
Then I added a new instance but in NetworkA. The instance has IP 172.18.18.230.
This time no permanent ARP entry is added! The original instances ARP entries exist but not for the new instance.
So now, if I add any new instances on either NetworkA or NetworkB, no new permanent ARP entry is added to to the DVR qrouter. It is the same on all computes for which this qrouter exists.
So it seems that as soon as there are instances that exist on both networks connected to the same router, permanent ARP entries cease to be created.
I don't believe this is normal and and it is affecting communication
between both networks via the router. Can someone confirm this issue?
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1913621/+subscriptions
References
