Normal With a simple topology:
VIF — logical switch — logical router
If the router port connecting the switch and router is removed and the re-created (with a different tunnel key) ovn-controller fails to process the change and doesn't update the openflow rules in the switch egress pipeline, i.e.:
- the old rule to forward using the tunnel key of the deleted port is not removed
- a new rule to forward using the tunnel key of the created router port is not added
Steps to reproduce the issue:
1. create the topology:
$ ovn-nbctl \ -- ls-add ls \ -- lr-add lr \ -- set logical_router lr options:mac_binding_age_threshold=3600 \ -- lrp-add lr lr-ls 00:00:00:00:10:00 192.168.10.1/24 \ -- set logical_router_port lr-ls options:requested-tnl-key=42 \ -- lsp-add ls ls-lr \ -- lsp-set-type ls-lr router \ -- lsp-set-addresses ls-lr router \ -- lsp-set-options ls-lr router-port=lr-ls \ -- lsp-add ls vif \ -- lsp-set-addresses vif "00:00:00:00:10:10 192.168.10.10"
2. Bind the VIF
$ ovs-vsctl \ -- add-port br-int vif \ -- set interface vif external-ids:iface-id=vif
3. check openflows:
$ ovn-sbctl list datapath_binding ls_uuid : fdfb2a90-61b7-4e1e-b663-edebaf098a30external_ids : {logical-switch="c0104398-8571-48d4-b43b-bc166a689318", name=ls}load_balancers : []tunnel_key : 1
$ ovs-ofctl dump-flows br-int table=65,metadata=1 | grep NXM_NX_REG14 cookie=0x9dadfb8c, duration=78.120s, table=65, n_packets=0, n_bytes=0, idle_age=78, priority=100,reg15=0x2,metadata=0x1 actions=clone(ct_clear,load:0->NXM_NX_REG11[],load:0->NXM_NX_REG12[],load:0->NXM_NX_REG13[0..15],load:0x2->NXM_NX_REG11[],load:0x3->NXM_NX_REG12[],load:0x2->OXM_OF_METADATA[],load:0x2a->NXM_NX_REG14[],load:0->NXM_NX_REG10[],load:0->NXM_NX_REG15[],load:0->NXM_NX_REG0[],load:0->NXM_NX_REG1[],load:0->NXM_NX_REG2[],load:0->NXM_NX_REG3[],load:0->NXM_NX_REG4[],load:0->NXM_NX_REG5[],load:0->NXM_NX_REG6[],load:0->NXM_NX_REG7[],load:0->NXM_NX_REG8[],load:0->NXM_NX_REG9[],resubmit(,8))
the router port tunnel key is 42: load:0x2a->NXM_NX_REG14[]
4. remove LRP add new one:
$ ovn-nbctl lrp-del lr-ls $ ovn-nbctl \ -- lrp-add lr lr-ls 00:00:00:00:10:00 192.168.10.1/24 \ -- set logical_router_port lr-ls options:requested-tnl-key=43 $ ovn-nbctl --wait=hv sync
5. Check openflows:
$ ovs-ofctl dump-flows br-int table=65,metadata=1 | grep NXM_NX_REG14 cookie=0x9dadfb8c, duration=172.191s, table=65, n_packets=0, n_bytes=0, idle_age=172, priority=100,reg15=0x2,metadata=0x1 actions=clone(ct_clear,load:0->NXM_NX_REG11[],load:0->NXM_NX_REG12[],load:0->NXM_NX_REG13[0..15],load:0x2->NXM_NX_REG11[],load:0x3->NXM_NX_REG12[],load:0x2->OXM_OF_METADATA[],load:0x2a->NXM_NX_REG14[],load:0->NXM_NX_REG10[],load:0->NXM_NX_REG15[],load:0->NXM_NX_REG0[],load:0->NXM_NX_REG1[],load:0->NXM_NX_REG2[],load:0->NXM_NX_REG3[],load:0->NXM_NX_REG4[],load:0->NXM_NX_REG5[],load:0->NXM_NX_REG6[],load:0->NXM_NX_REG7[],load:0->NXM_NX_REG8[],load:0->NXM_NX_REG9[],resubmit(,8)
The router port tunnel key value didn't change, it's still 42.
6. Trigger ovn-controller recompute and check flows:
$ ovn-appctl -t ovn-controller inc-engine/recompute$ ovs-ofctl dump-flows br-int table=65,metadata=1 | grep NXM_NX_REG14 cookie=0x9dadfb8c, duration=216.720s, table=65, n_packets=0, n_bytes=0, idle_age=216, hard_age=13, priority=100,reg15=0x2,metadata=0x1 actions=clone(ct_clear,load:0->NXM_NX_REG11[],load:0->NXM_NX_REG12[],load:0->NXM_NX_REG13[0..15],load:0x2->NXM_NX_REG11[],load:0x3->NXM_NX_REG12[],load:0x2->OXM_OF_METADATA[],load:0x2b->NXM_NX_REG14[],load:0->NXM_NX_REG10[],load:0->NXM_NX_REG15[],load:0->NXM_NX_REG0[],load:0->NXM_NX_REG1[],load:0->NXM_NX_REG2[],load:0->NXM_NX_REG3[],load:0->NXM_NX_REG4[],load:0->NXM_NX_REG5[],load:0->NXM_NX_REG6[],load:0->NXM_NX_REG7[],load:0->NXM_NX_REG8[],load:0->NXM_NX_REG9[],resubmit(,8))
The flow was changed to use the new tunnel key, 43.
