yahoo-eng-team team mailing list archive

[Bug 2059405] [NEW] OVN DNS not working as documented

You have been subscribed to a public bug:

Env: 2023.1

As far as I can tell, I have configured OVN and DNS as documented.

In kolla.yml:
kolla_enable_ovn: true

In kolla/globals.yml:
neutron_plugin_agent: ovn
neutron_enable_ovn_agent: true

It seems that it does not matter what I put in dns.yml, and the
documentation confirms that, because OVN should be doing DNS responses by
grabbing queries to port 53. The behavior, however, is very strange. I
only have two instances, vm1 (172.30.89.175) and vm2 (172.30.89.177).

Here is the output of `ovn-sbctl list dns`:

_uuid               : cdc31ab2-a363-4585-a835-c8019d4b265d
datapaths           : [ca41c1b4-f4b1-4606-99e5-dc47a383accf]
external_ids        : {dns_id="4c6895d8-fad3-4591-acc4-6a4ed8710d2b"}
records             : {"175.89.30.172.in-addr.arpa"=vm1.aio.local, "177.89.30.172.in-addr.arpa"=vm2.aio.local, vm1="172.30.89.175", vm1.aio.local="172.30.89.175", vm2="172.30.89.177", vm2.aio.local="172.30.89.177"}


Here's the output of trying to communicate between VMs:

admin@vm1:~$ resolvectl
Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (ens3)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 172.30.89.76
       DNS Servers: 172.30.89.46 172.30.89.61 172.30.89.76
        DNS Domain: aio.local

admin@vm1:~$ ping vm2
ping: vm2: Temporary failure in name resolution

admin@vm1:~$ host vm2
Host vm2.aio.local not found: 5(REFUSED)

admin@vm1:~$ host vm2.aio.local
Host vm2.aio.local not found: 5(REFUSED)

admin@vm1:~$ host vm2 172.30.89.46
Using domain server:
Name: 172.30.89.46
Address: 172.30.89.46#53
Aliases:

vm2.aio.local has address 172.30.89.177
Host vm2.aio.local not found: 5(REFUSED)
Host vm2.aio.local not found: 5(REFUSED)


172.30.89.46, 172.30.89.61 and 172.30.89.76 are the controllers; however, during testing we went as far as to disable Designate, so they cannot answer. However, we see that when we manually specify a DNS server to query against, even if that DNS server does not know the answer, OVN responds with the correct address (and then we get two additional REFUSED errors).

This is very strange behavior. Are we missing something here?

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
OVN DNS not working as documented
https://bugs.launchpad.net/bugs/2059405
You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron.