Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-9079

ICMP fragmentation needed sent to pods behind a service don't seem to reach the pods

    • ?
    • Important
    • None
    • SDN Sprint 233
    • 1
    • Rejected
    • Unspecified
    • If docs needed, set a value

      Description of problem:

      note: this was raised from the integration team, and I was asked to report the bug.

      When an application exposed via a service receives a fragmentation needed icmp message, there is no guarantee that the message will receive the right pod.

      So what happens is that the icmp message receives the wrong pod behind the service, and the mtu is not reduced. In case of services with a huge number of pods, it may take a long number of reconncetions until it converges.

      One additional note is the fact that the customer is using local traffic policy, so this needs to be taken in account when addressing the issue (if addressable).

            [OCPBUGS-9079] ICMP fragmentation needed sent to pods behind a service don't seem to reach the pods

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Important: OpenShift Container Platform 4.13.0 security update), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2023:1326

            Errata Tool added a comment - Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Important: OpenShift Container Platform 4.13.0 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:1326

            Marc Methot added a comment -

            Per the git repo this fix has been backported as ovn-kubernetes (4.12 branch) has been updated (req 22.12.0-4 to have the fix and it now uses 22.12.0-18)

            Marc Methot added a comment - Per the git repo this fix has been backported as ovn-kubernetes (4.12 branch) has been updated (req 22.12.0-4 to have the fix and it now uses 22.12.0-18) https://github.com/openshift/ovn-kubernetes/blob/release-4.12/Dockerfile.base#L15-L23

            I think it should have gotten backported automatically considering the OVN bumps that were done. Need to double check.

            Surya Seetharaman added a comment - I think it should have gotten backported automatically considering the OVN bumps that were done. Need to double check.

            Arnab Ghosh added a comment -

            sseethar Do we have plan to backport this to 4.12?

            Arnab Ghosh added a comment - sseethar Do we have plan to backport this to 4.12?

            An internal comment was posted with id `17067737`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c37

            OpenShift Jira Bot added a comment - An internal comment was posted with id `17067737`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c37

            An internal comment was posted with id `17030346`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c36

            OpenShift Jira Bot added a comment - An internal comment was posted with id `17030346`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c36

            An internal comment was posted with id `17030279`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c35

            OpenShift Jira Bot added a comment - An internal comment was posted with id `17030279`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c35

            An internal comment was posted with id `16994448`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c34

            OpenShift Jira Bot added a comment - An internal comment was posted with id `16994448`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c34

            An internal comment was posted with id `16993113`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c33

            OpenShift Jira Bot added a comment - An internal comment was posted with id `16993113`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c33

            An internal comment was posted with id `16988579`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c32

            OpenShift Jira Bot added a comment - An internal comment was posted with id `16988579`. Red Hatters can login to bugzilla to see this comment: https://bugzilla.redhat.com/show_bug.cgi?id=2041746#c32

              sseethar Surya Seetharaman
              fpaoline@redhat.com Federico Paolinelli
              Red Hat Employee
              Konstantinos Karampogias
              Votes:
              0 Vote for this issue
              Watchers:
              20 Start watching this issue

                Created:
                Updated:
                Resolved: