yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #94311
[Bug 2073987] [NEW] Switch from distributed to centralized Floating IPs breaks connectivity to the existing FIPs
Public bug reported:
This affects only ML2/OVN deployments. I was checking it with initially
enabled distributed floating ips (enable_distributed_floating_ip=True in
the neutron ml2 plugin's config file).
Steps to reproduce the issue:
1. Create vlan tenant network -- THIS IS VERY IMPORTANT, USING TUNNEL NETWORKS WILL NOT CAUSE THAT PROBLEM AT ALL
2. Create external network - can be vlan or flat
3. Create router and attach vlan tenant network to that router
4. Set external network as router's gateway
5. Create vm connected to that vlan tenant network and add Floating IP to it,
6. Check connectivity to the VM using Floating IP - all works fine until now...
7. Change 'enable_distributed_floating_ip' config option in Neutron to be FALSE
8. Restart neutron-server
9. FIP is not working anymore - it is because SNAT_AND_DNAT entry was changed to be centralized (no external_mac not set anymore in ovn-nb) but Logical_Router_Port still have option "reside-on-redirect-chassis" set to "false". After updating it manually to "True" connectiity over centralized gateway chassis works again.
This option reside-on-redirect-chassis was added with patch
https://review.opendev.org/c/openstack/neutron/+/871252. Additionally
patch https://review.opendev.org/c/openstack/neutron/+/878450 added
maintenance task to set correct value of the redirect-type in the
Logical_Router's gateway port. But it seems that we are missing update
of the 'reside-on-redirect-chassis' option for the existing
Logical_Router_Ports when this config option is changed. Maybe we should
have maintenance task for that also.
** Affects: neutron
Importance: High
Status: New
** Tags: ovn
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2073987
Title:
Switch from distributed to centralized Floating IPs breaks
connectivity to the existing FIPs
Status in neutron:
New
Bug description:
This affects only ML2/OVN deployments. I was checking it with
initially enabled distributed floating ips
(enable_distributed_floating_ip=True in the neutron ml2 plugin's
config file).
Steps to reproduce the issue:
1. Create vlan tenant network -- THIS IS VERY IMPORTANT, USING TUNNEL NETWORKS WILL NOT CAUSE THAT PROBLEM AT ALL
2. Create external network - can be vlan or flat
3. Create router and attach vlan tenant network to that router
4. Set external network as router's gateway
5. Create vm connected to that vlan tenant network and add Floating IP to it,
6. Check connectivity to the VM using Floating IP - all works fine until now...
7. Change 'enable_distributed_floating_ip' config option in Neutron to be FALSE
8. Restart neutron-server
9. FIP is not working anymore - it is because SNAT_AND_DNAT entry was changed to be centralized (no external_mac not set anymore in ovn-nb) but Logical_Router_Port still have option "reside-on-redirect-chassis" set to "false". After updating it manually to "True" connectiity over centralized gateway chassis works again.
This option reside-on-redirect-chassis was added with patch
https://review.opendev.org/c/openstack/neutron/+/871252. Additionally
patch https://review.opendev.org/c/openstack/neutron/+/878450 added
maintenance task to set correct value of the redirect-type in the
Logical_Router's gateway port. But it seems that we are missing update
of the 'reside-on-redirect-chassis' option for the existing
Logical_Router_Ports when this config option is changed. Maybe we
should have maintenance task for that also.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2073987/+subscriptions
Follow ups
