Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-1851

QE verification: Determining outport for a router policy doesn't work when IPv6 LLAs are used

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • ovn26.03
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide

      ( ) The bug has been reproduced and verified by QE members
      ( ) Test coverage has been added to downstream CI
      ( ) For new feature, failed test plans have bugs added as children to the epic
      ( ) The bug is cloned to any relevant release that we support and/or is needed

      Show
      ( ) The bug has been reproduced and verified by QE members ( ) Test coverage has been added to downstream CI ( ) For new feature, failed test plans have bugs added as children to the epic ( ) The bug is cloned to any relevant release that we support and/or is needed
    • ovn26.03-26.03.0-alpha.55.el9fdp
    • rhel-9
    • None

      This ticket is tracking the QE verification effort for the solution to the problem described below.

       Problem Description: If there are routers using only IPv6 LLA (common with BGP unnumbered use case) and a router policy is used on a router with nexthop set to the LLA of a different router then the outport is determined by matching subnets of the nexthop address and the LRPs addresses on the router with the policy. In this case, if LLAs are used then all LRPs match the criteria as all LLAs are fe80::/64 on all ports.

      https://github.com/ovn-org/ovn/blob/045b14c258c7292d1d51248f243eb201199ee45d/lib/ovn-util.c#L466-L478

       Impact Assessment: This makes routing policy not working as expected and with the reroute action traffic is sent to random ports. The workaround is to use a subnet per each router-router connection.

       

       Software Versions: All OVN versions

        Issue Type: This is a new issue

       

       Reproducibility: It can be reproduced consistently.

       

       Reproduction Steps:

      create 3 routers, 1 connecting to the other two and not configuring any IPs on the LRPs. Then use a router policy with "reroute" action and nexthop an LLA of one of the two connected LRPs.

      R1 | LRPr1 ---- LRPr2 | R2 | LRPr3 ----- LRPr4 | R3

                                                   ^
                match: inport LRPr2 reroute - nexthop: LRPr4 LLA

       Expected Behavior: The outport should be determined based on exact address given in nexthop. This can be very complex with complicated topologies

       

       Observed Behavior: Routing happens randomly

       

       Troubleshooting Actions: Looked at the generated logical flows for the router for lr_in_policy stage

       

       Logs: If you collected logs please provide them (e.g. sos report, /var/log/openvswitch/* , testpmd console)

              ovnteam@redhat.com OVN Team
              nstbot NST Bot
              OVN QE OVN QE
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: