-
Bug
-
Resolution: Not a Bug
-
Normal
-
None
-
None
-
None
-
False
-
-
False
-
rhel-sst-network-fastdatapath
-
-
-
ssg_networking
-
Moderate
Description:
ipv6 traffic for FIP would still go through tunnel
Version:
ovn23.09-23.09.6-6.el9fdp.x86_64
Steps:
1 server: systemctl start openvswitch systemctl start ovn-northd ovn-nbctl set-connection ptcp:6641 ovn-sbctl set-connection ptcp:6642 ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:1.1.86.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.86.25 systemctl restart ovn-controllerovs-vsctl add-br br-ext ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=phynet:br-ext ovs-vsctl add-port br-ext ens1f1np1 ip link set ens1f1np1 upovn-nbctl lr-add lr1 ovn-nbctl lrp-add lr1 lr1-ls1 00:00:01:ff:02:03 192.168.1.254/24 1111::a/64 ovn-nbctl ls-add ls1 ovn-nbctl lsp-add ls1 ls1p1 ovn-nbctl lsp-set-addresses ls1p1 "00:00:01:01:01:01 192.168.1.1 1111::1" ovn-nbctl lsp-add ls1 ls1p2 ovn-nbctl lsp-set-addresses ls1p2 "00:00:01:01:01:02 192.168.1.12 1111::2" ovn-nbctl lsp-add ls1 ls1-lr1 ovn-nbctl lsp-set-type ls1-lr1 router ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1 ovn-nbctl lsp-set-addresses ls1-lr1 router ovn-nbctl ls-add ls2 ovn-nbctl lsp-add ls2 ls2p1 ovn-nbctl lsp-set-addresses ls2p1 "00:00:01:01:02:01 192.168.2.1 1112::1" ovn-nbctl lsp-add ls2 ls2p2 ovn-nbctl lsp-set-addresses ls2p2 "00:00:01:01:02:02 192.168.2.2 1112::2" ovn-nbctl lrp-add lr1 lr1-ls2 00:00:01:ff:22:03 192.168.2.254/24 1112::a/64 ovn-nbctl lsp-add ls2 ls2-lr1 ovn-nbctl lsp-set-type ls2-lr1 router ovn-nbctl lsp-set-options ls2-lr1 router-port=lr1-ls2 ovn-nbctl lsp-set-addresses ls2-lr1 router ovn-nbctl ls-add pub ovn-nbctl lrp-add lr1 lr1-pub 00:00:01:ff:01:03 172.16.1.254/24 172:16::a/64 ovn-nbctl lrp-set-gateway-chassis lr1-pub hv1 ovn-nbctl lsp-add pub pub-lr1 ovn-nbctl lsp-set-type pub-lr1 router ovn-nbctl lsp-set-addresses pub-lr1 router ovn-nbctl lsp-set-options pub-lr1 router-port=lr1-pub ovn-nbctl lsp-add pub pub-ln ovn-nbctl lsp-set-type pub-ln localnet ovn-nbctl lsp-set-addresses pub-ln unknown ovn-nbctl lsp-set-options pub-ln network_name=phynet ovn-nbctl lsp-add ls1 ls1-ln ovn-nbctl lsp-set-type ls1-ln localnet ovn-nbctl lsp-set-addresses ls1-ln unknown ovn-nbctl lsp-set-options ls1-ln network_name=phynet ovn-nbctl lsp-add ls2 ls2-ln ovn-nbctl lsp-set-type ls2-ln localnet ovn-nbctl lsp-set-addresses ls2-ln unknown ovn-nbctl lsp-set-options ls2-ln network_name=phynet ovn-nbctl set logical_switch_port ls2-ln tag_request=50 #ovn-nbctl lr-nat-add lr1 dnat_and_snat 172.16.1.21 192.168.2.1 ls2p1 00:00:0f:01:02:01 #ovn-nbctl lr-nat-add lr1 dnat_and_snat 172.16.1.22 192.168.2.2 ls2p2 00:00:0f:01:02:02 ovn-nbctl lr-nat-add lr1 dnat_and_snat 172:16::21 1112::1 ls2p1 00:00:0f:01:02:01 ovn-nbctl lr-nat-add lr1 dnat_and_snat 172:16::22 1112::2 ls2p2 00:00:0f:01:02:02 ovs-vsctl add-port br-int ls1p1 -- set interface ls1p1 type=internal external_ids:iface-id=ls1p1ip netns add ls1p1 ip link set ls1p1 netns ls1p1 ip netns exec ls1p1 ip link set ls1p1 address 00:00:01:01:01:01 ip netns exec ls1p1 ip link set ls1p1 up ip netns exec ls1p1 ip addr add 192.168.1.1/24 dev ls1p1 ip netns exec ls1p1 ip route add default via 192.168.1.254 ip netns exec ls1p1 ip addr add 1111::1/64 dev ls1p1 ip netns exec ls1p1 ip -6 route add default via 1111::a ovs-vsctl add-port br-int ls2p1 -- set interface ls2p1 type=internal external_ids:iface-id=ls2p1 ip netns add ls2p1 ip link set ls2p1 netns ls2p1 ip netns exec ls2p1 ip link set ls2p1 address 00:00:01:01:02:01 ip netns exec ls2p1 ip link set ls2p1 up ip netns exec ls2p1 ip addr add 192.168.2.1/24 dev ls2p1 ip netns exec ls2p1 ip route add default via 192.168.2.254 ip netns exec ls2p1 ip addr add 1112::1/64 dev ls2p1 ip netns exec ls2p1 ip -6 route add default via 1112::a ovs-vsctl add-port br-ext ext1 -- set interface ext1 type=internal ip netns add ext1 ip link set ext1 netns ext1 ip netns exec ext1 ip link set lo up ip netns exec ext1 ip link set ext1 up ip netns exec ext1 ip addr add 172.16.1.11/24 dev ext1 ip netns exec ext1 ip addr add 172:16::11/64 dev ext1 2. client: systemctl start openvswitch ovs-vsctl set open . external_ids:system-id=hv0 external_ids:ovn-remote=tcp:1.1.86.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.86.26 systemctl restart ovn-controllerovs-vsctl add-br br-ext ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=phynet:br-ext ovs-vsctl add-port br-ext ens1f1np1 ip link set ens1f1np1 up ip link set br-ext upovs-vsctl add-port br-int ls2p2 -- set interface ls2p2 type=internal external_ids:iface-id=ls2p2 ip netns add ls2p2 ip link set ls2p2 netns ls2p2 ip netns exec ls2p2 ip link set ls2p2 address 00:00:01:01:02:02 ip netns exec ls2p2 ip link set ls2p2 up ip netns exec ls2p2 ip addr add 192.168.2.2/24 dev ls2p2 ip netns exec ls2p2 ip route add default via 192.168.2.254 ip netns exec ls2p2 ip addr add 1112::2/64 dev ls2p2 ip netns exec ls2p2 ip -6 route add default via 1112::a ovs-vsctl add-port br-int ls1p2 -- set interface ls1p2 type=internal external_ids:iface-id=ls1p2 ip netns add ls1p2 ip link set ls1p2 netns ls1p2 ip netns exec ls1p2 ip link set ls1p2 address 00:00:01:01:01:02 ip netns exec ls1p2 ip link set ls1p2 up ip netns exec ls1p2 ip addr add 192.168.1.2/24 dev ls1p2 ip netns exec ls1p2 ip route add default via 192.168.1.254 ip netns exec ls1p2 ip addr add 1111::2/64 dev ls1p2 ip netns exec ls1p2 ip -6 route add default via 1111::a ovs-vsctl add-port br-ext ext2 -- set interface ext2 type=internal ip netns add ext2 ip link set ext2 netns ext2 ip netns exec ext2 ip link set lo up ip netns exec ext2 ip link set ext2 up ip netns exec ext2 ip addr add 172.16.1.12/24 dev ext2 ip netns exec ext2 ip addr add 172:16::12/64 dev ext2 3. capture packet on genev_sys_6081 on server 4. ping6 FIP on ext1 ip netns exec ext1 ping6 172:16::22 -c 5
Actual result:
icmp6 can be captured on genev_sys_6081
Expected result:
icmp6 can't be captured on genev_sys_6081, all packets should go through br-ext
Other Info
[root@wsfd-advnetlab18 ovn]# tcpdump -i genev_sys_6081 -nnle -v
dropped privs to tcpdump
tcpdump: listening on genev_sys_6081, link-type EN10MB (Ethernet), snapshot length 262144 bytes
03:53:12.929936 00:00:01:ff:01:03 > 00:00:0f:01:02:02, ethertype IPv6 (0x86dd), length 118: (flowlabel 0x785a5, hlim 63, next-header ICMPv6 (58) payload length: 64) 172:16::11 > 172:16::22: [icmp6 sum ok] ICMP6, echo request, id 490, seq 1
[root@wsfd-advnetlab18 ovn]# ovn-nbctl lr-nat-list lr1
TYPE GATEWAY_PORT EXTERNAL_IP EXTERNAL_PORT LOGICAL_IP EXTERNAL_MAC LOGICAL_PORT
dnat_and_snat 172:16::21 1112::1 00:00:0f:01:02:01 ls2p1
dnat_and_snat 172:16::22 1112::2 00:00:0f:01:02:02 ls2p2
[root@wsfd-advnetlab18 test]# rpm -qa | grep -E "openvswitch3.3|ovn23.09"
openvswitch3.3-3.3.0-58.el9fdp.x86_64
python3-openvswitch3.3-3.3.0-58.el9fdp.x86_64
openvswitch3.3-ipsec-3.3.0-58.el9fdp.x86_64
ovn23.09-23.09.6-6.el9fdp.x86_64
ovn23.09-central-23.09.6-6.el9fdp.x86_64
ovn23.09-host-23.09.6-6.el9fdp.x86_64
the issue also exist on 24.G, ovn23.09-23.09.4-33.el9fdp.x86_64
