Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-44444

[Pre merge Testing] IPv6 traffic can't communicate between pods on different nodes when configuring the UDN CRD with Layer 3 and role: Secondary.

XMLWordPrintable

    • Critical
    • None
    • Proposed
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      IPv6 traffic can't communicate between pods on different nodes when configuring the UDN CRD with Layer 3 and role: Secondary. But testing passed when configuring Layer2.

      Version-Release number of selected component (if applicable):

      Client Version: 4.17.0-0.nightly-2024-09-16-195350
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: 4.18.0-0.test-2024-11-11-032603-ci-ln-wb12crk-latest
Kubernetes Version: v1.31.2

      How reproducible:

      Always

      Steps to Reproduce:

      1. Configuring UDN CRD for pod primary network

      apiVersion: k8s.ovn.org/v1
kind: UserDefinedNetwork
metadata:
  name: udncrd-l3-primary
  namespace: test
spec:
  topology: Layer3
  layer3:
    role: Primary
    mtu: 9000
    subnets:
      - cidr: "10.100.0.0/16"
        hostSubnet: 24

      2. Configuring UDN CRD for pod Secondary network with setting topology Layer3

      apiVersion: k8s.ovn.org/v1
kind: UserDefinedNetwork
metadata:
  name: udncrd-l3-secondary
  namespace: test
spec:
  topology: Layer3
  layer3:
    role: Secondary
    mtu: 9000
    subnets:
      - cidr: "20.100.0.0/16"
        hostSubnet: 24
      - cidr: "2010:100:0::0/48"
        hostSubnet: 64

      3. Creating three pods, 2 pods in worker1 and 1 pod in worker2

      4. Verifying all pods get ip addresses for both primary and secondary interface

      $ oc get pod -o wide
NAME         READY   STATUS    RESTARTS   AGE     IP            NODE                                        NOMINATED NODE   READINESS GATES
test-pod-1   1/1     Running   0          8m6s    10.128.2.21   ip-10-0-9-181.us-east-2.compute.internal    <none>           <none>
test-pod-2   1/1     Running   0          7m58s   10.128.2.22   ip-10-0-9-181.us-east-2.compute.internal    <none>           <none>
test-pod-3   1/1     Running   0          7m54s   10.131.0.53   ip-10-0-59-123.us-east-2.compute.internal   <none>           <none>

       

      $ oc exec test-pod-1 -- ip a
3: ovn-udn1@if34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default 
    link/ether 0a:58:0a:64:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.100.0.4/24 brd 10.100.0.255 scope global ovn-udn1
       valid_lft forever preferred_lft forever
    inet6 fe80::858:aff:fe64:4/64 scope link 
       valid_lft forever preferred_lft forever
4: net1@if35: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default 
    link/ether 0a:58:14:64:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 20.100.0.3/24 brd 20.100.0.255 scope global net1
       valid_lft forever preferred_lft forever
    inet6 2010:100:0:1::3/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::858:14ff:fe64:3/64 scope link 
       valid_lft forever preferred_lft forever
$ oc exec test-pod-2 -- ip a
3: ovn-udn1@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default 
    link/ether 0a:58:0a:64:00:06 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.100.0.6/24 brd 10.100.0.255 scope global ovn-udn1
       valid_lft forever preferred_lft forever
    inet6 fe80::858:aff:fe64:6/64 scope link 
       valid_lft forever preferred_lft forever
4: net1@if38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default 
    link/ether 0a:58:14:64:00:05 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 20.100.0.5/24 brd 20.100.0.255 scope global net1
       valid_lft forever preferred_lft forever
    inet6 2010:100:0:1::5/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::858:14ff:fe64:5/64 scope link 
       valid_lft forever preferred_lft forever
$ oc exec test-pod-3 -- ip a
3: ovn-udn1@if74: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default 
    link/ether 0a:58:0a:64:04:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.100.4.4/24 brd 10.100.4.255 scope global ovn-udn1
       valid_lft forever preferred_lft forever
    inet6 fe80::858:aff:fe64:404/64 scope link 
       valid_lft forever preferred_lft forever
4: net1@if75: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default 
    link/ether 0a:58:14:64:04:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 20.100.4.3/24 brd 20.100.4.255 scope global net1
       valid_lft forever preferred_lft forever
    inet6 2010:100:0:5::3/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::858:14ff:fe64:403/64 scope link 
       valid_lft forever preferred_lft forever

       

      5. Verifying pods' communication through secondary interfaces would pass within and cross the nodes.

      Actual results:

       

      $ oc exec test-pod-3 -- curl -g [2010:100:0:1::3]:8080
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0^C
$ oc exec test-pod-3 -- curl -g [2010:100:0:1::5]:8080
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:03 --:--:--     0^C
$ oc exec test-pod-1 -- curl -g [2010:100:0:1::5]:8080
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    17  100    17    0     0  20681      0 --:--:-- --:--:-- --:--Hello Test Pod-2
:-- 17000
$ oc exec test-pod-3 -- curl 20.100.0.3:8080
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0Hello Test Pod-1
100    17  100    17    0     0   5851      0 --:--:-- --:--:-- --:--:--  8500
$ oc exec test-pod-3 -- curl 20.100.0.5:8080
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0Hello Test Pod-2
100    17  100    17    0     0   6805      0 --:--:-- --:--:-- --:--:--  8500

       

      Expected results:

      IPv6 traffic testing should pass when configuring both layer2 and layer3

      Additional info:

       

              bbennett@redhat.com Ben Bennett
              weliang1@redhat.com Weibin Liang
              Weibin Liang Weibin Liang
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: