-
Epic
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
[RHEL-9 OVS-3.3] spurious warning: netdev_vport unknown geneve argument 'ipsec_encapsulation'
-
0
-
False
-
False
-
To Do
-
openvswitch3.3-3.3.8-6.el9fdp
-
rhel-9
-
None
-
rhel-net-ovs-dpdk
-
ssg_networking
When testing OCP wtih IPsec with NAT-T and ipsec_encapsulation we see log spam
ovs-vswitchd[1090]: ovs|00127|netdev_vport|WARN|ovn-9dde52-0: unknown geneve argument 'ipsec_encapsulation' ovs-vswitchd[1090]: ovs|00128|netdev_vport|WARN|ovn-da7b79-0: unknown geneve argument 'ipsec_encapsulation' ovs-vswitchd[1090]: ovs|00129|netdev_vport|WARN|ovn-95900b-0: unknown geneve argument 'ipsec_encapsulation' ovs-vswitchd[1090]: ovs|00130|netdev_vport|WARN|ovn-72a354-0: unknown geneve argument 'ipsec_encapsulation'
We only use ipsec_encapsulation on IBMCloud platform so this is limited to one platform.
openvswitch3.1 3.1.0-104.el9fdp
OCP 4.16.0-0.nightly-2024-09-06-042551
https://github.com/openvswitch/ovs/blob/main/lib/netdev-vport.c#L841
} else if (!strcmp(node->key, "remote_cert") ||
!strcmp(node->key, "remote_name") ||
!strcmp(node->key, "psk")) {
/* When configuring OVS for IPsec, these keys may be set in the
tunnel port's 'options' column. 'ovs-vswitchd' does not directly
use them, but they are read by 'ovs-monitor-ipsec'. In order to
suppress the "unknown %s argument" warning message below, we
handle them here by ignoring them. */
}