Bug 1418742
Summary: | Backport OVN checksum option to downstream OVS 2.6 | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Numan Siddique <nusiddiq> |
Component: | openvswitch | Assignee: | Timothy Redaelli <tredaelli> |
Status: | CLOSED ERRATA | QA Contact: | qding |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.3 | CC: | aloughla, atragler, danken, kzhang, lrichard, nusiddiq, ovs-qe, qding, rhartman, tredaelli |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-07-12 15:24:15 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Numan Siddique
2017-02-02 15:34:06 UTC
This patch is applicable for OVN which I missed in the description. Hi Numan, Can you please give some suggestions on verifying the BZ? Thanks QJ By default, the tunnel checksum is enabled by OVN. If you have two chassis and Geneve tunnel established between them, when you run ovs-vsctl show, you should see "csum=true" for the geneve port. Eg. $ovs-ovsctl show Port "ovn-96c3f0-0" Interface "ovn-96c3f0-0" type: geneve options: {csum="true", key=flow, remote_ip="192.0.2.6"} You can enable or disable the tunnel checksum by running the below command on each chassis sudo ovs-vsctl set open . external_ids:ovn-encap-csum=true/false From OVN's perspective, setting the ovn-encap-csum value should get reflected in the tunnel port's option:csum value. (In reply to Numan Siddique from comment #6) > By default, the tunnel checksum is enabled by OVN. If you have two chassis > and Geneve tunnel established between them, when you run ovs-vsctl show, you > should see "csum=true" for the geneve port. > > Eg. > $ovs-ovsctl show > Port "ovn-96c3f0-0" > Interface "ovn-96c3f0-0" > type: geneve > options: {csum="true", key=flow, remote_ip="192.0.2.6"} > > > You can enable or disable the tunnel checksum by running the below command > on each chassis > > sudo ovs-vsctl set open . external_ids:ovn-encap-csum=true/false > > From OVN's perspective, setting the ovn-encap-csum value should get > reflected in the tunnel port's option:csum value. This option controls whether the outer UDP checksum is computed for Geneve tunnel encapsulation, another way to verify that this feature is working correctly would be to inspect tcpdump packet captures to see whether the outer UDP checksum for Geneve packets is always zero (csum="false") versus always non-zero (csum="true"). No effect to change external_ids:ovn-encap-csum [root@dell-per730-05 ovn]# rpm -q openvswitch openvswitch-2.6.1-10.git20161206.el7fdp.x86_64 [root@dell-per730-04 ~]# rpm -qa | grep ovn openvswitch-ovn-central-2.6.1-10.git20161206.el7fdp.x86_64 openvswitch-ovn-common-2.6.1-10.git20161206.el7fdp.x86_64 openvswitch-ovn-host-2.6.1-10.git20161206.el7fdp.x86_64 [root@dell-per730-04 ~]# [root@dell-per730-05 ovn]# ovs-vsctl set open . external_ids:ovn-encap-csum=false [root@dell-per730-05 ovn]# ovs-vsctl get open . external_ids:ovn-encap-csum "false" [root@dell-per730-05 ovn]# ovs-vsctl show 06957b2a-8fb2-48e9-8f13-fef4eeb60cf1 Bridge br-int fail_mode: secure Port "hv0_vm01_vnet1" Interface "hv0_vm01_vnet1" Port "hv0_vm01_vnet2" Interface "hv0_vm01_vnet2" Port br-int Interface br-int type: internal Port "ovn-4bd503-0" Interface "ovn-4bd503-0" type: geneve options: {csum="true", key=flow, remote_ip="192.168.1.86"} Port "hv0_vm00_vnet1" Interface "hv0_vm00_vnet1" Port "hv0_vm00_vnet2" Interface "hv0_vm00_vnet2" ovs_version: "2.6.1" [root@dell-per730-05 ovn]# Strange. I just verified it and it is working as expected. [heat-admin@overcloud-novacompute-1 ~]$ rpm -q openvswitch openvswitch-2.6.90-1.el7.centos.x86_64 [heat-admin@overcloud-novacompute-1 ~]$ rpm -q openvswitch-ovn-host openvswitch-ovn-host-2.6.1-10.git20161206.el7.centos.x86_64 [heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-vsctl get open_vswitch . external_ids {hostname="overcloud-novacompute-1.localdomain", ovn-bridge-mappings="datacentre:br-ex", ovn-encap-csum="true", ovn-encap-ip="182.16.0.10", ovn-encap-type=geneve, ovn-remote="tcp:182.16.0.24:6642", system-id="1169fc23-143a-4eb3-bbc3-2129c3945fd7"} [heat-admin@overcloud-novacompute-1 ~]$ ovn-sbctl --db=tcp:182.16.0.24:6642 show Chassis "4a1aaa24-a9a9-48a8-a1c9-1e19c8f636c7" hostname: "overcloud-novacompute-0.localdomain" Encap geneve ip: "182.16.0.16" options: {csum="true"} Port_Binding "65facc81-0356-4d05-aca1-3272310bf4d6" Port_Binding "d7de27d8-0457-42c4-b026-3ed48798fe5a" Chassis "1169fc23-143a-4eb3-bbc3-2129c3945fd7" hostname: "overcloud-novacompute-1.localdomain" Encap geneve ip: "182.16.0.10" options: {csum="true"} Port_Binding "797c0c36-f888-4595-8804-98b9e35e11e0" Port_Binding "3ad7425e-a54b-482e-88ca-f98c56368b41" [heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-vsctl set open_vswitch . external_ids:ovn-encap-csum=false [heat-admin@overcloud-novacompute-1 ~]$ ovn-sbctl --db=tcp:182.16.0.24:6642 show Chassis "4a1aaa24-a9a9-48a8-a1c9-1e19c8f636c7" hostname: "overcloud-novacompute-0.localdomain" Encap geneve ip: "182.16.0.16" options: {csum="false"} Port_Binding "65facc81-0356-4d05-aca1-3272310bf4d6" Port_Binding "d7de27d8-0457-42c4-b026-3ed48798fe5a" Chassis "1169fc23-143a-4eb3-bbc3-2129c3945fd7" hostname: "overcloud-novacompute-1.localdomain" Encap geneve ip: "182.16.0.10" options: {csum="false"} Port_Binding "797c0c36-f888-4595-8804-98b9e35e11e0" Port_Binding "3ad7425e-a54b-482e-88ca-f98c56368b41" [heat-admin@overcloud-novacompute-1 ~]$ [heat-admin@overcloud-novacompute-1 ~]$ [heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-vsctl show ef47e930-a347-42ff-b5d3-b62774704fae Bridge br-int fail_mode: secure Port "tap797c0c36-f8" Interface "tap797c0c36-f8" Port br-int Interface br-int type: internal Port "vm1" Interface "vm1" type: internal Port "ovn-4a1aaa-0" Interface "ovn-4a1aaa-0" type: geneve options: {csum="false", key=flow, remote_ip="182.16.0.16"} ovs_version: "2.6.90" (In reply to Numan Siddique from comment #9) > > [heat-admin@overcloud-novacompute-1 ~]$ rpm -q openvswitch > openvswitch-2.6.90-1.el7.centos.x86_64 > [heat-admin@overcloud-novacompute-1 ~]$ rpm -q openvswitch-ovn-host > openvswitch-ovn-host-2.6.1-10.git20161206.el7.centos.x86_64 > We use different packages. I get packages from http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch/2.6.1/10.git20161206.el7fdp/x86_64/ Can you please try with the packages? And is kernel relevant? I use RHEL-7.3, kernel-3.10.0-514.el7. Thanks. Hi Numan, Could you please help have a try as in Comment#10? Thanks QJ Hi QJ, When I tested i used centos (with kernel 3.10.0-514.2...) and used the packages from the above link. I downloaded the src rpm and built myself. I no longer have the access to the setup where I tested it. I will test locally on my setup (with centos). It would be great, if it is possible for you to give access to your setup. Hi QJ, I tested locally with 2 VMs (running centos) and I could see that it's working Below are the details Node 1 ------ $ uname -a Linux v_centos 3.10.0-514.2.2.el7.x86_64 #1 SMP Tue Dec 6 23:06:41 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux $ rpm -q openvswitch-* package openvswitch-2.6.1-10.git20161206.el7fdp.x86_64.rpm is not installed package openvswitch-ovn-central-2.6.1-10.git20161206.el7fdp.x86_64.rpm is not installed package openvswitch-ovn-common-2.6.1-10.git20161206.el7fdp.x86_64.rpm is not installed package openvswitch-ovn-host-2.6.1-10.git20161206.el7fdp.x86_64.rpm is not installed $ sudo ovs-vsctl set open . external_ids:ovn-encap-csum=true [vagrant@v_centos ovs_rpms]$ sudo ovs-vsctl show e62ca127-e486-428c-a201-50d8e3e015c8 Bridge br-int fail_mode: secure Port br-int Interface br-int type: internal Port "ovn-fd902d-0" Interface "ovn-fd902d-0" type: geneve options: {csum="true", key=flow, remote_ip="10.70.1.2"} ovs_version: "2.6.1" $ sudo ovn-sbctl show Chassis "742ff26a-8025-44d9-954c-603f09042222" hostname: v_centos Encap geneve ip: "10.70.1.97" options: {csum="true"} Chassis "fd902dd0-0951-48a4-a3e8-d4b6fdcdf3d6" hostname: s_centos Encap geneve ip: "10.70.1.2" options: {csum="true"} Now if I set encap-csum to false on node 1, I see the below output $ sudo ovs-vsctl set open . external_ids:ovn-encap-csum=false [vagrant@v_centos ovs_rpms]$ sudo ovs-vsctl show e62ca127-e486-428c-a201-50d8e3e015c8 Bridge br-int fail_mode: secure Port br-int Interface br-int type: internal Port "ovn-fd902d-0" Interface "ovn-fd902d-0" type: geneve options: {csum="true", key=flow, remote_ip="10.70.1.2"} ovs_version: "2.6.1" [vagrant@v_centos ovs_rpms]$ sudo ovn-sbctl show Chassis "742ff26a-8025-44d9-954c-603f09042222" hostname: v_centos Encap geneve ip: "10.70.1.97" options: {csum="false"} Chassis "fd902dd0-0951-48a4-a3e8-d4b6fdcdf3d6" hostname: s_centos Encap geneve ip: "10.70.1.2" options: {csum="true"} # Now If I set encap-csum to false on the other node, I see the below output Node 2 ------ $ sudo ovs-vsctl set open . external_ids:ovn-encap-csum=false $ sudo ovs-vsctl show 96d4a3d7-c2d9-4179-9c0b-6e5939544340 Bridge br-int fail_mode: secure Port "ovn-742ff2-0" Interface "ovn-742ff2-0" type: geneve options: {csum="false", key=flow, remote_ip="10.70.1.97"} Port br-int Interface br-int type: internal ovs_version: "2.6.1" Node 1 ------ $ sudo ovn-sbctl show Chassis "742ff26a-8025-44d9-954c-603f09042222" hostname: v_centos Encap geneve ip: "10.70.1.97" options: {csum="false"} Chassis "fd902dd0-0951-48a4-a3e8-d4b6fdcdf3d6" hostname: s_centos Encap geneve ip: "10.70.1.2" options: {csum="false"} $ sudo ovs-vsctl show e62ca127-e486-428c-a201-50d8e3e015c8 Bridge br-int fail_mode: secure Port "ovn-fd902d-0" Interface "ovn-fd902d-0" type: geneve options: {csum="false", key=flow, remote_ip="10.70.1.2"} Port br-int Interface br-int type: internal ovs_version: "2.6.1" I suspect you are not setting encap-csum=false on the other node. Can you share me the output of "sudo ovn-sbctl show" ? Thanks Numan Hi Numan, I set it on both machines, but it still fails. The log for both machines are as below. You can use the machines with user(root) and passwd(redhat). Thanks. dell-per730-04.rhts.eng.pek2.redhat.com dell-per730-05.rhts.eng.pek2.redhat.com [root@dell-per730-04 ~]# ovs-vsctl get open . external_ids:ovn-encap-csum "false" [root@dell-per730-04 ~]# ovn-sbctl show Chassis "0d4c15f3-73a4-48f4-98fa-dfccad59f2e7" hostname: "dell-per730-04.rhts.eng.pek2.redhat.com" Encap geneve ip: "192.168.1.86" options: {csum="true"} Port_Binding "5473c488-1990-40bb-ba3a-ab68ea49b7b3" Port_Binding "hv1_vm00_vnet2" Port_Binding "hv1_vm00_vnet1" Chassis "6df092f5-8b56-414b-8c5d-07580de1667a" hostname: "dell-per730-05.rhts.eng.pek2.redhat.com" Encap geneve ip: "192.168.1.182" options: {csum="true"} Port_Binding "hv0_vm00_vnet1" Port_Binding "hv0_vm01_vnet1" Port_Binding "hv0_vm01_vnet2" Port_Binding "hv0_vm00_vnet2" [root@dell-per730-04 ~]# ovs-vsctl show 6c66ee7d-fd38-4540-963a-3a4d5896d42c Bridge br-int fail_mode: secure Port "ovn-6df092-0" Interface "ovn-6df092-0" type: geneve options: {csum="true", key=flow, remote_ip="192.168.1.182"} Port br-int Interface br-int type: internal Port "hv1_vm00_vnet1" Interface "hv1_vm00_vnet1" Port "vnet1" Interface "vnet1" Port "hv1_vm00_vnet2" Interface "hv1_vm00_vnet2" ovs_version: "2.6.1" [root@dell-per730-04 ~]# [root@dell-per730-05 ~]# ovs-vsctl get open . external_ids:ovn-encap-csum "false" [root@dell-per730-05 ~]# ovs-vsctl show dc842a50-d04d-4c91-bc91-dd50e5ae8f79 Bridge br-int fail_mode: secure Port "ovn-0d4c15-0" Interface "ovn-0d4c15-0" type: geneve options: {csum="true", key=flow, remote_ip="192.168.1.86"} Port "hv0_vm01_vnet2" Interface "hv0_vm01_vnet2" Port "hv0_vm00_vnet2" Interface "hv0_vm00_vnet2" Port "hv0_vm01_vnet1" Interface "hv0_vm01_vnet1" Port br-int Interface br-int type: internal Port "hv0_vm00_vnet1" Interface "hv0_vm00_vnet1" ovs_version: "2.6.1" [root@dell-per730-05 ~]# I logged into the machines and I found an issue with the machine - dell-per730-04. It was not configured with the IP address - 192.168.1.86 on the interface p5p1. So I added the ip #ip addr add 192.168.1.86/24 dev p5p1 It's working as expected. (In reply to Numan Siddique from comment #15) Thanks so much. [root@dell-per730-04 ovn]# rpm -qa | grep openvswitch openvswitch-ovn-central-2.6.1-10.git20161206.el7fdp.x86_64 openvswitch-ovn-common-2.6.1-10.git20161206.el7fdp.x86_64 openvswitch-ovn-host-2.6.1-10.git20161206.el7fdp.x86_64 openvswitch-2.6.1-10.git20161206.el7fdp.x86_64 [root@dell-per730-04 ovn]# [root@dell-per730-04 ovn]# ovs-vsctl show a891e750-87ba-466d-b2db-89078c8dc0bf Bridge br-int fail_mode: secure Port "hv1_vm00_vnet2" Interface "hv1_vm00_vnet2" Port br-int Interface br-int type: internal Port "ovn-a3fd2e-0" Interface "ovn-a3fd2e-0" type: geneve options: {csum="true", key=flow, remote_ip="192.168.1.182"} Port "hv1_vm00_vnet1" Interface "hv1_vm00_vnet1" ovs_version: "2.6.1" [root@dell-per730-04 ovn]# ovs-vsctl set open . external_ids:ovn-encap-csum=false [root@dell-per730-04 ovn]# ovs-vsctl show a891e750-87ba-466d-b2db-89078c8dc0bf Bridge br-int fail_mode: secure Port "hv1_vm00_vnet2" Interface "hv1_vm00_vnet2" Port br-int Interface br-int type: internal Port "ovn-a3fd2e-0" Interface "ovn-a3fd2e-0" type: geneve options: {csum="true", key=flow, remote_ip="192.168.1.182"} Port "hv1_vm00_vnet1" Interface "hv1_vm00_vnet1" ovs_version: "2.6.1" [root@dell-per730-04 ovn]# ovs-vsctl show a891e750-87ba-466d-b2db-89078c8dc0bf Bridge br-int fail_mode: secure Port "hv1_vm00_vnet2" Interface "hv1_vm00_vnet2" Port br-int Interface br-int type: internal Port "ovn-a3fd2e-0" Interface "ovn-a3fd2e-0" type: geneve options: {csum="false", key=flow, remote_ip="192.168.1.182"} Port "hv1_vm00_vnet1" Interface "hv1_vm00_vnet1" ovs_version: "2.6.1" [root@dell-per730-04 ovn]# ovn-sbctl show Chassis "a3fd2ed0-5839-43c5-9a1f-39ccb33d0a7e" hostname: "dell-per730-05.rhts.eng.pek2.redhat.com" Encap geneve ip: "192.168.1.182" options: {csum="false"} Port_Binding "hv0_vm00_vnet2" Port_Binding "hv0_vm01_vnet2" Port_Binding "hv0_vm01_vnet1" Port_Binding "hv0_vm00_vnet1" Chassis "7e1361c0-8ccd-40a8-8b16-49463c55ea52" hostname: "dell-per730-04.rhts.eng.pek2.redhat.com" Encap geneve ip: "192.168.1.86" options: {csum="false"} Port_Binding "hv1_vm00_vnet2" Port_Binding "hv1_vm00_vnet1" [root@dell-per730-04 ovn]# [root@dell-per730-04 ovn]# ovs-vsctl set open . external_ids:ovn-encap-csum=true [root@dell-per730-04 ovn]# tshark -nV -c5 -i p5p1 host 192.168.1.86 and udp port 6081 -T fields -e udp.checksum Running as user "root" and group "root". This could be dangerous. Capturing on 'p5p1' 0x0000527d 0x0000a852 0x0000527d 0x0000a852 0x0000527d 5 packets captured [root@dell-per730-04 ovn]# ovs-vsctl set open . external_ids:ovn-encap-csum=false [root@dell-per730-04 ovn]# tshark -nV -c5 -i p5p1 host 192.168.1.86 and udp port 6081 -T fields -e udp.checksum Running as user "root" and group "root". This could be dangerous. Capturing on 'p5p1' 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 5 packets captured [root@dell-per730-04 ovn]# ovs-vsctl set open . external_ids:ovn-encap-csum=true [root@dell-per730-04 ovn]# tshark -nV -c5 -i p5p1 host 192.168.1.86 and udp port 6081 -T fields -e udp.checksum Running as user "root" and group "root". This could be dangerous. Capturing on 'p5p1' 0x0000527d 0x0000a852 0x0000527d 0x0000a852 0x0000527d 5 packets captured [root@dell-per730-04 ovn]# |