Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-1454

DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • ovn24.03
    • None
    • DVR + VLAN Tenant Network + reside_on_redirect_chassis False . Connectivity issue to external network
    • Hide

      Please mark each item below with ( / ) if completed or ( x ) if incomplete:

      ( ) The acceptance criteria defined below are met.

      Given a DVR topology with a tenant VLAN LS routed to a provider LS and the router’s reside_on_redirect_chassis=false,

      When a packet from a tenant VM to a provider VM egresses br-ex,

      Then the controller loads router datapath metadata, the pipeline keeps outport = provider VM LSP, and the packet is forwarded.

      ( ) The epics work is available in a downstream build (nightly/Async or other)

      ( ) All cards under the epic have been moved to Done

      Show
      Please mark each item below with ( / ) if completed or ( x ) if incomplete: ( ) The acceptance criteria defined below are met. Given a DVR topology with a tenant VLAN LS routed to a provider LS and the router’s reside_on_redirect_chassis=false, When a packet from a tenant VM to a provider VM egresses br-ex, Then the controller loads router datapath metadata, the pipeline keeps outport = provider VM LSP, and the packet is forwarded. ( ) The epics work is available in a downstream build (nightly/Async or other) ( ) All cards under the epic have been moved to Done
    • In Progress
    • ovn24.03-24.03.6-61.el9fdp
    • rhel-9
    • rhel-net-ovn
    • 0% To Do, 0% In Progress, 100% Done
    • ssg_networking
    • OVN FDP Sprint 8, OVN FDP Sprint 9
    • 2

      This epic tracks all the effort needed to deliver the solution related to the bug described below.
      We are not able to establish communication to a VM on the external network from a VM on a VLAN tenant network. The tenant and external network are routed via a OVN router with reside-on-redirect-chassis = "false"

      I this point I am not sure if we are missing some OVN configuration or if there is a bug in OVN. I read an old email from Numan about the reside-on-redirect-chassis config and I think we are configuring this setup correctly. I.e. we set it to false such that traffic to the external network is not centralized through a GW chassis.

      Here is a diagram showing the topology in question. In this diagram the VM2 (VLAN tenant network IP 192.0.2.7) should be able to communicate with the VM-Public(Public network IP 10.0.0.248).

      I am attaching OVN DBs, ovn-trace of a ICMP ping from a tenant VM(vm2) to the external VM (vm-public) and `ovn-sbctl list lflow <router>` output from this setup

      Tested on OVN 24.03
       

        1. nbctl_show.txt
          2 kB
          Miro Tomaska
        2. ovs-trace.txt
          8 kB
          Miro Tomaska
        3. ovnnb_db.db
          71 kB
          Miro Tomaska
        4. ovnsb_db.db
          539 kB
          Miro Tomaska
        5. ovn-trace.txt
          3 kB
          Miro Tomaska
        6. server.sh
          4 kB
          Aniss Loughlam
        7. client.sh
          0.9 kB
          Aniss Loughlam

              mmichelson Mark Michelson
              mtomaska@redhat.com Miro Tomaska
              Aniss Loughlam Aniss Loughlam
              OVN
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated: