-
Bug
-
Resolution: Done-Errata
-
Major
-
None
-
None
-
False
-
-
False
-
-
-
Important
-
+
When a client send a Router Solicit message on an interface without an IP address - it should use the `::` (undefined address) as SourceAddr. (See: https://www.rfc-editor.org/rfc/rfc4861#page-18)
4.1. Router Solicitation Message Format < .. snip .. > IP Fields: Source Address An IP address assigned to the sending interface, or the unspecified address if no address is assigned to the sending interface.
When OVN respond to this Router Solicit it uses the `::` (undefined address) as the DestinationAddr. When comparint to radvd behaviour it will instead use the ff02::1 (All nodes on-link multicast addresses afict from rfc4291).
It looks like OVN is always sending the response to the source address of RA Solicit, I belive there should be a condition to check that the RA Solicit used `::` because interface does not have an address, and in that case the RA Advertise should instead have destination ff02::1.
Example from PCAP when OVN is doing RAs:
Frame 1: 62 bytes on wire (496 bits), 62 bytes captured (496 bits) Ethernet II, Src: RealtekU_31:83:6c (52:54:00:31:83:6c), Dst: IPv6mcast_02 (33:33:00:00:00:02) Internet Protocol Version 6, Src: ::, Dst: ff02::2 0110 .... = Version: 6 .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 Payload Length: 8 Next Header: ICMPv6 (58) Hop Limit: 255 Source Address: :: Destination Address: ff02::2 Internet Control Message Protocol v6 Type: Router Solicitation (133) Code: 0 Checksum: 0x7bb8 [correct] [Checksum Status: Good] Reserved: 00000000
Frame 2: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) Ethernet II, Src: fa:16:3e:fe:76:da (fa:16:3e:fe:76:da), Dst: RealtekU_31:83:6c (52:54:00:31:83:6c) Internet Protocol Version 6, Src: fe80::f816:3eff:fefe:76da, Dst: :: 0110 .... = Version: 6 .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 Payload Length: 64 Next Header: ICMPv6 (58) Hop Limit: 255 Source Address: fe80::f816:3eff:fefe:76da Destination Address: :: Internet Control Message Protocol v6 Type: Router Advertisement (134) Code: 0 Checksum: 0xd3a3 [correct] [Checksum Status: Good] Cur hop limit: 255 Flags: 0x80, Managed address configuration, Prf (Default Router Preference): Medium 1... .... = Managed address configuration: Set .0.. .... = Other configuration: Not set ..0. .... = Home Agent: Not set ...0 0... = Prf (Default Router Preference): Medium (0) .... .0.. = Proxy: Not set .... ..0. = Reserved: 0 Router lifetime (s): 65535 Reachable time (ms): 0 Retrans timer (ms): 0 ICMPv6 Option (Source link-layer address : fa:16:3e:fe:76:da) Type: Source link-layer address (1) Length: 1 (8 bytes) Link-layer address: fa:16:3e:fe:76:da (fa:16:3e:fe:76:da) ICMPv6 Option (MTU : 1400) Type: MTU (5) Length: 1 (8 bytes) Reserved MTU: 1400 ICMPv6 Option (Prefix information : fc01::/64) Type: Prefix information (3) Length: 4 (32 bytes) Prefix Length: 64 Flag: 0x80, On-link flag(L) 1... .... = On-link flag(L): Set .0.. .... = Autonomous address-configuration flag(A): Not set ..0. .... = Router address flag(R): Not set ...0 0000 = Reserved: 0 Valid Lifetime: Infinity (4294967295) Preferred Lifetime: Infinity (4294967295) Reserved Prefix: fc01::
Example from PCAP when RADVD is doing RAs:
Frame 9: 62 bytes on wire (496 bits), 62 bytes captured (496 bits) Ethernet II, Src: RealtekU_d9:3d:5c (52:54:00:d9:3d:5c), Dst: IPv6mcast_02 (33:33:00:00:00:02) Internet Protocol Version 6, Src: ::, Dst: ff02::2 0110 .... = Version: 6 .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000 Payload Length: 8 Next Header: ICMPv6 (58) Hop Limit: 255 Source Address: :: Destination Address: ff02::2 Internet Control Message Protocol v6 Type: Router Solicitation (133) Code: 0 Checksum: 0x7bb8 [correct] [Checksum Status: Good] Reserved: 00000000
Frame 10: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits) Ethernet II, Src: fa:16:3e:38:ee:f0 (fa:16:3e:38:ee:f0), Dst: IPv6mcast_01 (33:33:00:00:00:01) Internet Protocol Version 6, Src: fe80::f816:3eff:fe38:eef0, Dst: ff02::1 0110 .... = Version: 6 .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT) .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0) .... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0) .... 1101 1001 0101 1110 0111 = Flow Label: 0xd95e7 Payload Length: 88 Next Header: ICMPv6 (58) Hop Limit: 255 Source Address: fe80::f816:3eff:fe38:eef0 Destination Address: ff02::1 Internet Control Message Protocol v6 Type: Router Advertisement (134) Code: 0 Checksum: 0x2de8 [correct] [Checksum Status: Good] Cur hop limit: 64 Flags: 0x80, Managed address configuration, Prf (Default Router Preference): Medium 1... .... = Managed address configuration: Set .0.. .... = Other configuration: Not set ..0. .... = Home Agent: Not set ...0 0... = Prf (Default Router Preference): Medium (0) .... .0.. = Proxy: Not set .... ..0. = Reserved: 0 Router lifetime (s): 300 Reachable time (ms): 0 Retrans timer (ms): 0 ICMPv6 Option (Prefix information : fc01::/64) Type: Prefix information (3) Length: 4 (32 bytes) Prefix Length: 64 Flag: 0x80, On-link flag(L) 1... .... = On-link flag(L): Set .0.. .... = Autonomous address-configuration flag(A): Not set ..0. .... = Router address flag(R): Not set ...0 0000 = Reserved: 0 Valid Lifetime: 86400 Preferred Lifetime: 14400 Reserved Prefix: fc01:: ICMPv6 Option (Route Information : Medium fe80::a9fe:a9fe/128) Type: Route Information (24) Length: 3 (24 bytes) Prefix Length: 128 Flag: 0x00, Route Preference: Medium Route Lifetime: 300 Prefix: fe80::a9fe:a9fe ICMPv6 Option (MTU : 1500) Type: MTU (5) Length: 1 (8 bytes) Reserved MTU: 1500 ICMPv6 Option (Source link-layer address : fa:16:3e:38:ee:f0) Type: Source link-layer address (1) Length: 1 (8 bytes) Link-layer address: fa:16:3e:38:ee:f0 (fa:16:3e:38:ee:f0)
- is cloned by
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Dev Complete
-
-
-
- Closed
-
- links to
-
RHBA-2023:122875
ovn22.12
- mentioned on
[FDP-43] IPv6 Router Advertisement `::` (undefined address) as destination when Router Solicit has SrcAddr: `::`
GitLab CEE Bot
added a comment - Jianlin Shi mentioned this issue in a commit of Kernel QE / Kernel Tests on branch master:
ovn: reproducer for jira
FDP-43
GitLab CEE Bot
added a comment - Jianlin Shi mentioned this issue in a commit of Kernel QE / Kernel Tests on branch master : ovn: reproducer for jira FDP-43 
Jianlin Shi
added a comment - script to setup the env:
systemctl start openvswitch
systemctl start ovn-northd
ovn-nbctl set-connection ptcp:6641
ovn-sbctl set-connection ptcp:6642
ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:127.0.0.1:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=127.0.0.1
systemctl restart ovn-controller
ip netns add server0
ip link add veth0_s0 netns server0 type veth peer name veth0_s0_p
ip netns exec server0 ip link set lo up
ip netns exec server0 ip link set veth0_s0 up
ip netns exec server0 ip link set veth0_s0 address 00:00:00:01:01:02
ip netns exec server0 ip addr add 192.168.1.1/24 dev veth0_s0
ovs-vsctl add-port br-int veth0_s0_p
ip link set veth0_s0_p up
ovs-vsctl set interface veth0_s0_p external_ids:iface-id=ls1p1
ovn-nbctl ls-add ls1
ovn-nbctl lsp-add ls1 ls1p1
ovn-nbctl lsp-set-addresses ls1p1 00:00:00:01:01:02
ovn-nbctl lsp-add ls1 ls1p2
ovn-nbctl lsp-set-addresses ls1p2 00:00:00:01:02:02
ovn-nbctl lr-add lr1
ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:00:00:01 aef0:0:0:0:0:0:0:1/64
ovn-nbctl lsp-add ls1 ls1-lr1
ovn-nbctl lsp-set-type ls1-lr1 router
ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1
ovn-nbctl lsp-set-addresses ls1-lr1 00:00:00:00:00:01
ovn-nbctl lsp-add ls1 ls1p3
ovn-nbctl lsp-set-addresses ls1p3 00:00:00:01:03:02
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:send_periodic=true
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:address_mode=slaac
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:max_interval=4
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:min_interval=3
ovn-nbctl --wait=hv set Logical_Router_port lr1-ls1 ipv6_ra_configs:rdnss=aef0::11
ovn-nbctl --wait=hv set Logical_Router_port lr1-ls1 ipv6_ra_configs:router_preference=LOW
ovn-nbctl --wait=hv set Logical_Router_port lr1-ls1 ipv6_ra_configs:route_info=HIGH-aef1::11/48,LOW-aef2::11/96
ovn-nbctl list logical_router_port lr1-ls1
steps to reproduce:
1. setup with above script
2. send ra from server0:
ip netns exec server0 python /usr/local/bin/send_nd.py -t rs -m 00:00:00:01:01:02 -a :: -i veth0_s0
send_nd.py is from https://gitlab.cee.redhat.com/kernel-qe/kernel/-/blob/master/networking/common/tools/send_nd.py
3. capture packet on veth0_s0: ip netns exec server0 tcpdump -i veth0_s0 -nnle -v
result on ovn22.12-22.12.0-19.el9:
[root@kvm-08-guest07 ~]# rpm -qa | grep -E "openvswitch3.1|ovn22.12"
ovn22.12-22.12.1-19.el9fdp.x86_64
ovn22.12-central-22.12.1-19.el9fdp.x86_64
ovn22.12-host-22.12.1-19.el9fdp.x86_64
openvswitch3.1-3.1.0-61.el9fdp.x86_64
22:33:12.785634 00:00:00:01:01:02 > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: (hlim 255, next-header ICMPv6 (58) payload length: 16) :: > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
source link-address option (1), length 8 (1): 00:00:00:01:01:02
22:33:12.786392 00:00:00:00:00:01 > 00:00:00:01:01:02, ethertype IPv6 (0x86dd), length 174: (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::200:ff:fe00:1 > ::: [icmp6 sum ok] ICMP6, router advertisement, length 120
hop limit 255, Flags [none], pref low, router lifetime 65535s, reachable time 0ms, retrans timer 0ms
source link-address option (1), length 8 (1): 00:00:00:00:00:01
rdnss option (25), length 24 (3): lifetime 4294967295s, addr: aef0::11
route info option (24), length 16 (2): aef1::/48, pref=high, lifetime=infinity
route info option (24), length 24 (3): aef2::/96, pref=low, lifetime=infinity
prefix info option (3), length 32 (4): aef0::/64, Flags [onlink, auto], valid time infinity, pref. time infinity
<=== dst addr for ra is ::
result on ovn22.12-22.12.0-35.el9:
[root@kvm-08-guest07 ~]# rpm -qa | grep -E "openvswitch3.1|ovn22.12"
openvswitch3.1-3.1.0-61.el9fdp.x86_64
ovn22.12-22.12.1-35.el9fdp.x86_64
ovn22.12-central-22.12.1-35.el9fdp.x86_64
ovn22.12-host-22.12.1-35.el9fdp.x86_64
22:35:02.993575 00:00:00:01:01:02 > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: (hlim 255, next-header ICMPv6 (58) payload length: 16) :: > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
source link-address option (1), length 8 (1): 00:00:00:01:01:02
22:35:02.994001 00:00:00:00:00:01 > 00:00:00:01:01:02, ethertype IPv6 (0x86dd), length 174: (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::200:ff:fe00:1 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
hop limit 255, Flags [none], pref low, router lifetime 65535s, reachable time 0ms, retrans timer 0ms
source link-address option (1), length 8 (1): 00:00:00:00:00:01
rdnss option (25), length 24 (3): lifetime 4294967295s, addr: aef0::11
route info option (24), length 16 (2): aef1::/48, pref=high, lifetime=infinity
route info option (24), length 24 (3): aef2::/96, pref=low, lifetime=infinity
prefix info option (3), length 32 (4): aef0::/64, Flags [onlink, auto], valid time infinity, pref. time infinity
<=== dst addr for ra is ff02::1
Jianlin Shi
added a comment - script to setup the env:
systemctl start openvswitch
systemctl start ovn-northd
ovn-nbctl set-connection ptcp:6641
ovn-sbctl set-connection ptcp:6642
ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:127.0.0.1:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=127.0.0.1
systemctl restart ovn-controller
ip netns add server0
ip link add veth0_s0 netns server0 type veth peer name veth0_s0_p
ip netns exec server0 ip link set lo up
ip netns exec server0 ip link set veth0_s0 up
ip netns exec server0 ip link set veth0_s0 address 00:00:00:01:01:02
ip netns exec server0 ip addr add 192.168.1.1/24 dev veth0_s0
ovs-vsctl add-port br-int veth0_s0_p
ip link set veth0_s0_p up
ovs-vsctl set interface veth0_s0_p external_ids:iface-id=ls1p1
ovn-nbctl ls-add ls1
ovn-nbctl lsp-add ls1 ls1p1
ovn-nbctl lsp-set-addresses ls1p1 00:00:00:01:01:02
ovn-nbctl lsp-add ls1 ls1p2
ovn-nbctl lsp-set-addresses ls1p2 00:00:00:01:02:02
ovn-nbctl lr-add lr1
ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:00:00:01 aef0:0:0:0:0:0:0:1/64
ovn-nbctl lsp-add ls1 ls1-lr1
ovn-nbctl lsp-set-type ls1-lr1 router
ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1
ovn-nbctl lsp-set-addresses ls1-lr1 00:00:00:00:00:01
ovn-nbctl lsp-add ls1 ls1p3
ovn-nbctl lsp-set-addresses ls1p3 00:00:00:01:03:02
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:send_periodic=true
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:address_mode=slaac
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:max_interval=4
ovn-nbctl set Logical_Router_Port lr1-ls1 ipv6_ra_configs:min_interval=3
ovn-nbctl --wait=hv set Logical_Router_port lr1-ls1 ipv6_ra_configs:rdnss=aef0::11
ovn-nbctl --wait=hv set Logical_Router_port lr1-ls1 ipv6_ra_configs:router_preference=LOW
ovn-nbctl --wait=hv set Logical_Router_port lr1-ls1 ipv6_ra_configs:route_info=HIGH-aef1::11/48,LOW-aef2::11/96
ovn-nbctl list logical_router_port lr1-ls1
steps to reproduce:
1. setup with above script
2. send ra from server0:
ip netns exec server0 python /usr/local/bin/send_nd.py -t rs -m 00:00:00:01:01:02 -a :: -i veth0_s0
send_nd.py is from https://gitlab.cee.redhat.com/kernel-qe/kernel/-/blob/master/networking/common/tools/send_nd.py
3. capture packet on veth0_s0: ip netns exec server0 tcpdump -i veth0_s0 -nnle -v
result on ovn22.12-22.12.0-19.el9:
[root@kvm-08-guest07 ~] # rpm -qa | grep -E "openvswitch3.1|ovn22.12"
ovn22.12-22.12.1-19.el9fdp.x86_64
ovn22.12-central-22.12.1-19.el9fdp.x86_64
ovn22.12-host-22.12.1-19.el9fdp.x86_64
openvswitch3.1-3.1.0-61.el9fdp.x86_64
22:33:12.785634 00:00:00:01:01:02 > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: (hlim 255, next-header ICMPv6 (58) payload length: 16) :: > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
source link-address option (1), length 8 (1): 00:00:00:01:01:02
22:33:12.786392 00:00:00:00:00:01 > 00:00:00:01:01:02, ethertype IPv6 (0x86dd), length 174: (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::200:ff:fe00:1 > ::: [icmp6 sum ok] ICMP6, router advertisement, length 120
hop limit 255, Flags [none] , pref low, router lifetime 65535s, reachable time 0ms, retrans timer 0ms
source link-address option (1), length 8 (1): 00:00:00:00:00:01
rdnss option (25), length 24 (3): lifetime 4294967295s, addr: aef0::11
route info option (24), length 16 (2): aef1::/48, pref=high, lifetime=infinity
route info option (24), length 24 (3): aef2::/96, pref=low, lifetime=infinity
prefix info option (3), length 32 (4): aef0::/64, Flags [onlink, auto] , valid time infinity, pref. time infinity
<=== dst addr for ra is ::
result on ovn22.12-22.12.0-35.el9:
[root@kvm-08-guest07 ~] # rpm -qa | grep -E "openvswitch3.1|ovn22.12"
openvswitch3.1-3.1.0-61.el9fdp.x86_64
ovn22.12-22.12.1-35.el9fdp.x86_64
ovn22.12-central-22.12.1-35.el9fdp.x86_64
ovn22.12-host-22.12.1-35.el9fdp.x86_64
22:35:02.993575 00:00:00:01:01:02 > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: (hlim 255, next-header ICMPv6 (58) payload length: 16) :: > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
source link-address option (1), length 8 (1): 00:00:00:01:01:02
22:35:02.994001 00:00:00:00:00:01 > 00:00:00:01:01:02, ethertype IPv6 (0x86dd), length 174: (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::200:ff:fe00:1 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
hop limit 255, Flags [none] , pref low, router lifetime 65535s, reachable time 0ms, retrans timer 0ms
source link-address option (1), length 8 (1): 00:00:00:00:00:01
rdnss option (25), length 24 (3): lifetime 4294967295s, addr: aef0::11
route info option (24), length 16 (2): aef1::/48, pref=high, lifetime=infinity
route info option (24), length 24 (3): aef2::/96, pref=low, lifetime=infinity
prefix info option (3), length 32 (4): aef0::/64, Flags [onlink, auto] , valid time infinity, pref. time infinity
<=== dst addr for ra is ff02::1 Thanks Ales!
Today I finally had time to test your patch, and can confirm that it works.
I can see UEFI firmware fetching iPXE, iPXE is succesfully configured by DHCPv6+RA's from OVN and the initial iPXE script file successfully downloads and executes.
>>Start PXE over IPv6.. Station IP address is FC01:0:0:0:0:0:0:137 IPv6 Gateway IP address is 0:0:0:0:0:0:0:0 DEBUG: Mtftp status -> 0 Server IP address is FC00:0:0:0:0:0:0:1 NBP filename is snponly.efi NBP filesize is 219680 Bytes Downloading NBP file... NBP file downloaded successfully. BdsDxe: loading Boot0002 "UEFI PXEv6 (MAC:525400FDB38D)" from PciRoot(0x0)/Pci(0x1,0x0)/Pci(0x0,0x0)/MAC(525400FDB38D,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000,0x0,Static,0000:0000:0000:0000:0000:0000:0000:0000,0x40,0000:0000:0000:0000:0000:0000:0000:0000) BdsDxe: starting Boot0002 "UEFI PXEv6 (MAC:525400FDB38D)" from PciRoot(0x0)/Pci(0x1,0x0)/Pci(0x0,0x0)/MAC(525400FDB38D,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000,0x0,Static,0000:0000:0000:0000:0000:0000:0000:0000,0x40,0000:0000:0000:0000:0000:0000:0000:0000) iPXE initialising devices...okESC[1mESC[37mESC[40miPXE 1.0.0+ (4bd064de)ESC[0mESC[37mESC[40m -- Open Source Network Boot Firmware -- ESC[0mESC[36mESC[40mhttp://ipxe.orgESC[0mESC[37mESC[40m Features: DNS HTTP HTTPS iSCSI TFTP VLAN AoE EFI Menunet0: 52:54:00:fd:b3:8d using SNP on SNP-0000:01:00.0 (open) [Link:up, TX:0 TXE:0 RX:0 RXE:0] Configuring (net0 52:54:00:fd:b3:8d)............................................................... ok net0: fc01::137/64 gw fe80::f816:3eff:fe1f:4672 net0: fe80::5054:ff:fefd:b38d/64 Filename: http://[fc00::1]:3928/boot.ipxe http://[fc00::1]:3928/boot.ipxe... ok boot.ipxe : 1004 bytes [script] Attempting to boot from MAC 52-54-00-fd-b3-8d pxelinux.cfg/52-54-00-fd-b3-8d............................................................................................................ Connection reset (http://ipxe.org/0f0a6095) PXE boot failed! No configuration found for any of the present NICs. Press any key to reboot... Could not boot image: Connection timed out (http://ipxe.org/4c22e092) No more network devices
Based on what I see in traffic capture, the failure downloading the ``pxelinux.cfg/52-54-00-fd-b3-8d`` file is likely due to a separate issue with MTU https://bugs.launchpad.net/neutron/+bug/2032817.
Patch posted: https://patchwork.ozlabs.org/project/ovn/patch/20230915121533.174687-1-amusil@redhat.com/
I made a slight hack to verify that sending the RA response to `::` is the reason firmware is not getting an IPv6 route and thus failing to download the file.
Hardcoding the destination to ff02::1 in {{build_ND_RA_flows_for_lrouter_port ...
}}
diff --git a/northd/northd.c b/northd/northd.c index e9cb906e2..77c7daab5 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -12903,7 +12903,7 @@ build_ND_RA_flows_for_lrouter_port( memset(ip6_str, 0, sizeof(ip6_str)); ipv6_string_mapped(ip6_str, &lla); ds_put_format(actions, "eth.dst = eth.src; eth.src = %s; " - "ip6.dst = ip6.src; ip6.src = %s; " + "ip6.dst = ff02::1; ip6.src = %s; " "outport = inport; flags.loopback = 1; " "output;", op->lrp_networks.ea_s, ip6_str);
... indeed, firmware successfully downloads the NBP
>Start PXE over IPv6.. Station IP address is FC01:0:0:0:0:0:0:1B3 Server IP address is FC00:0:0:0:0:0:0:1 NBP filename is snponly.efi NBP filesize is 219680 Bytes Downloading NBP file... NBP file downloaded successfully. BdsDxe: loading Boot0002 "UEFI PXEv6 (MAC:52540046F2F2)" from PciRoot(0x0)/Pci(0x1,0x0)/Pci(0x0,0x0)/MAC(52540046F2F2,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000,0x0,Static,0000:0000:0000:0000:0000:0000:0000:0000,0x40,0000:0000:000 0:0000:0000:0000:0000:0000) BdsDxe: starting Boot0002 "UEFI PXEv6 (MAC:52540046F2F2)" from PciRoot(0x0)/Pci(0x1,0x0)/Pci(0x0,0x0)/MAC(52540046F2F2,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000,0x0,Static,0000:0000:0000:0000:0000:0000:0000:0000,0x40,0000:0000:00 00:0000:0000:0000:0000:0000) iPXE initialising devices...ok iPXE 1.0.0+ (4bd064de) -- Open Source Network Boot Firmware -- http://ipxe.org Features: DNS HTTP HTTPS iSCSI TFTP VLAN AoE EFI Menu net0: 52:54:00:46:f2:f2 using SNP on SNP-0000:01:00.0 (open) [Link:up, TX:0 TXE:0 RX:0 RXE:0] Configuring (net0 52:54:00:46:f2:f2)............................................................... No configuration methods succeeded (http://ipxe.org/040ee186) No more network devices
Since the problem described in this issue should be resolved in a recent advisory, it has been closed.
For information on the advisory (ovn22.12 bug fix and enhancement update), and where to find the updated files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2023:7596