yahoo-eng-team team mailing list archive

[OpenStack Infra <2073987@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/c/openstack/neutron/+/925007
Committed: https://opendev.org/openstack/neutron/commit/4b1bfb93e380b8dce78935395b2cda57076e5476
Submitter: "Zuul (22348)"
Branch:    master

commit 4b1bfb93e380b8dce78935395b2cda57076e5476
Author: Slawek Kaplonski <skaplons@xxxxxxxxxx>
Date:   Fri Jul 26 12:02:27 2024 +0200

    Fix setting correct 'reside-on-chassis-redirect' in the maintenance task
    
    Setting of the 'reside-on-chassis-redirect' was skipped for LRP ports of
    the provider tenant networks in patch [1] but later patch [2] removed
    this limitation from the ovn_client but not from the maintenance task.
    Due to that this option wasn't updated after e.g. change of the
    'enable_distributed_floating_ip' config option and connectivity to the
    existing Floating IPs associated to the ports in vlan tenant networks
    was broken.
    
    This patch removes that limitation and this option is now updated for
    all of the Logical_Router_Ports for vlan networks, not only for external
    gateways.
    
    [1] https://review.opendev.org/c/openstack/neutron/+/871252
    [2] https://review.opendev.org/c/openstack/neutron/+/878450
    
    Closes-bug: #2073987
    Change-Id: I56e791847c8f4f3a07f543689bf22fde8160c9b7


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2073987

Title:
  Switch from distributed to centralized Floating IPs breaks
  connectivity to the existing FIPs

Status in neutron:
  Fix Released

Bug description:
  This affects only ML2/OVN deployments. I was checking it with
  initially enabled distributed floating ips
  (enable_distributed_floating_ip=True in the neutron ml2 plugin's
  config file).

  Steps to reproduce the issue:

  1. Create vlan tenant network -- THIS IS VERY IMPORTANT, USING TUNNEL NETWORKS WILL NOT CAUSE THAT PROBLEM AT ALL
  2. Create external network - can be vlan or flat
  3. Create router and attach vlan tenant network to that router
  4. Set external network as router's gateway
  5. Create vm connected to that vlan tenant network and add Floating IP to it,
  6. Check connectivity to the VM using Floating IP - all works fine until now...

  7. Change 'enable_distributed_floating_ip' config option in Neutron to be FALSE
  8. Restart neutron-server
  9. FIP is not working anymore - it is because SNAT_AND_DNAT entry was changed to be centralized (no external_mac not set anymore in ovn-nb) but Logical_Router_Port still have option "reside-on-redirect-chassis" set to "false". After updating it manually to "True" connectiity over centralized gateway chassis works again.

  This option reside-on-redirect-chassis was added with patch
  https://review.opendev.org/c/openstack/neutron/+/871252. Additionally
  patch https://review.opendev.org/c/openstack/neutron/+/878450 added
  maintenance task to set correct value of the redirect-type in the
  Logical_Router's gateway port. But it seems that we are missing update
  of the 'reside-on-redirect-chassis' option for the existing
  Logical_Router_Ports when this config option is changed. Maybe we
  should have maintenance task for that also.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2073987/+subscriptions