Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-31556

Traffic is always coming with Native VLAN Tag instead of NAD Tag when using existing ovs `br-ex` bridge to attach additional network

XMLWordPrintable

    • No
    • 3
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

       Traffic is always coming with Native VLAN Tag instead of NAD Tag when using existing ovs `br-ex` bridge to attach additional network.

---
## nncp shared bridge using default OVN BRIDGE BR-EX

apiVersion: nmstate.io/v1
kind: NodeNetworkConfigurationPolicy
metadata:
  name: ovs-brx-<<hostname>>
spec:
  desiredState:
    ovn:
      bridge-mappings:
      - bridge: br-ex
        localnet: localnet1
        state: present
  nodeSelector:
    kubernetes.io/hostname: <<hostname>>#### NAD CONFIGURATION OF THE SHARED BRIDGE WITH VLAN 
---
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
  name: nad
  namespace: default
spec:
  config: |
    {
      "name": "localnet1",
      "type": "ovn-k8s-cni-overlay",
      "cniVersion": "0.3.1",
      "topology": "localnet",
      "netAttachDefName": "default/nad",
      "vlanID": yyyy
    }
    

 A VM was created using the above NAD, Customer reported that when they try to communicate from VM, the physical switch is seeing the traffic on `xxxx` VLAN which is native VLAN instead of nad vlan 'yyyy'


The communication works fine(on correct vlan as defined in the nad) in below scenario:
1. create Dedicated bridge using other interfaces(secondary interface). OR
2. use linux bridge in place of ovs bridge.

Also customer has one more query:

`OVS Bridges doesn’t work in default namespace with VLAN tags. Although we don’t use default namespace as per our design and Red hat doesn’t recommend too but same should be specified in documentation that its not supported in default namespace.`

       

       

      Version-Release number of selected component (if applicable):

      ocp 4.15

      How reproducible:

      Not having the setup to test this, However customer tested this in their env and shared the results/observation with us.

      Steps to Reproduce:

          1. create a nad(type: ovn-k8s-cni-overlay) using a particular vlan
    2. Map the additional network to the existing  ovs bridge 'br-ex'
    3. create a VM using above NAD

      Actual results:

      1. NAD vlan tag is not working when using bridge br-ex for attaching the additional network   

2. Default namespace cannot be used when using shared or dedicated ovs bridge for attaching additional network(using vlan).

      Expected results:

          1. Existing ovs bridge `br-ex` should support communication over multiple vlans i.e NAD vlan tag should get applied on the packets from VM.

    2. Clarification on using default namespace for nad (`ovn-k8s-cni-overlay`) using vlan tags

      Additional info:

              mduarted@redhat.com Miguel Duarte de Mora Barroso
              rhn-support-mroy Manish Roy
              Weibin Liang Weibin Liang
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: