Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: ovn24.03
Labels:
None

Story Points:
5
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Acceptance Criteria:

Hide

Given a DVR topology with a tenant VLAN LS routed to a provider LS and the router’s reside_on_redirect_chassis=false,

When a packet from a tenant VM to a provider VM egresses br-ex,

Then the controller loads router datapath metadata, the pipeline keeps outport = provider VM LSP, and the packet is forwarded.

Show
Given a DVR topology with a tenant VLAN LS routed to a provider LS and the router’s reside_on_redirect_chassis=false, When a packet from a tenant VM to a provider VM egresses br-ex, Then the controller loads router datapath metadata, the pipeline keeps outport = provider VM LSP, and the packet is forwarded.
Fixed in Build:
ovn24.03-24.03.6-45.el9fdp
OS:
rhel-9
Planning:
None
AssignedTeam:
rhel-net-ovn
Intelligence Requested:
Market:
Sub-System Group:

ssg_networking

Sprint:
OVN FDP Sprint 8, OVN FDP Sprint 9
sprint_count:
2

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

We are not able to establish communication to a VM on the external network from a VM on a VLAN tenant network. The tenant and external network are routed via a OVN router with reside-on-redirect-chassis = "false"

I this point I am not sure if we are missing some OVN configuration or if there is a bug in OVN. I read an old email from Numan about the reside-on-redirect-chassis config and I think we are configuring this setup correctly. I.e. we set it to false such that traffic to the external network is not centralized through a GW chassis.

Here is a diagram showing the topology in question. In this diagram the VM2 (VLAN tenant network IP 192.0.2.7) should be able to communicate with the VM-Public(Public network IP 10.0.0.248).

I am attaching OVN DBs, ovn-trace of a ICMP ping from a tenant VM(vm2) to the external VM (vm-public) and `ovn-sbctl list lflow <router>` output from this setup

Tested on OVN 24.03

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

nbctl_show.txt
2025/06/24 7:33 PM
2 kB
Miro Tomaska
ovnnb_db.db
2025/06/24 7:33 PM
71 kB
Miro Tomaska
ovnsb_db.db
2025/06/24 7:33 PM
539 kB
Miro Tomaska
ovn-trace.txt
2025/06/24 7:33 PM
3 kB
Miro Tomaska
ovs-trace.txt
2025/06/24 7:33 PM
8 kB
Miro Tomaska

blocks

OSPRH-17095 [DVR + VLAN tenant + SNAT] Connectivity issues from tenant VM to external provider VM

Backlog

is cloned by

FDP-1719 CLONE [ovn26.03 fast-datapath-rhel-9] - DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network

Dev Complete

FDP-1721 CLONE [ovn25.03 fast-datapath-rhel-10] - DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network

Dev Complete

FDP-1725 CLONE [ovn25.03 fast-datapath-rhel-9] - DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network

Dev Complete

FDP-1727 CLONE [ovn24.09 fast-datapath-rhel-9] - DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network

Dev Complete

FDP-1720 CLONE [ovn25.09 fast-datapath-rhel-9] - DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network

Testing

links to

RHBA-2025:155230 ovn24.03 bug fix and enhancement update

(1 is cloned by, 1 links to)

Assignee:: Mark Michelson

Reporter:: Miro Tomaska

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2025/06/09 1:58 PM

Updated:: 2025/10/14 6:07 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates