Bug 1719291

Summary: [OVN] Traffic to a FIP assigned to an OVN Load Balancer IP doesn't work
Product: Red Hat OpenStack Reporter: Daniel Alvarez Sanchez <dalvarez>
Component: python-networking-ovnAssignee: Maciej Józefczyk <mjozefcz>
Status: CLOSED CURRENTRELEASE QA Contact: Roman Safronov <rsafrono>
Severity: high Docs Contact:
Priority: high    
Version: 16.0 (Train)CC: amcleod, apevec, cgoncalves, chrisw, lhh, majopela, mjozefcz, njohnston, nusiddiq, rhos-maint, rsafrono, scohen, stephenm, twilson
Target Milestone: z2Keywords: Triaged, ZStream
Target Release: 16.0 (Train on RHEL 8.1)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: python-networking-ovn-7.1.0-0.20200129045656.844540e.el8ost Doc Type: Bug Fix
Doc Text:
Previously, missing OpenFlow rules prevented load balancing floating IPs from functioning correctly. As a result, traffic passing through the OVN load balancer did not work. This update includes an additional vip entry for the load balancer row that adds the missing OpenFlow rules and floating IP traffic on OVN load balancers function correctly.
 Story Points: ---
Clone Of:
: 1788456 (view as bug list) Environment:
Last Closed: 2020-03-04 12:33:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1788456    
Bug Blocks: 1874874, 1676631, 1703958, 1792667    

Description Daniel Alvarez Sanchez 2019-06-11 12:38:59 UTC 
When trying to reach the FIP of an OVN Load Balancer, traffic never gets delivered to a member. However, it works with the fixed IP.
Comment 1 Daniel Alvarez Sanchez 2019-06-11 12:56:52 UTC 
Just to expand a bit after a conversation with Numan, the problem is that we can see the DNAT action happening from the FIP to the VIP of the LB but a second DNAT action is missing to translate from the VIP to the member IP address.
Comment 2 Numan Siddique 2019-06-24 11:23:53 UTC 
These patches addresses this issue - https://review.opendev.org/#/c/667027 and https://review.opendev.org/#/c/667028/
Comment 8 Maciej Józefczyk 2019-08-07 06:28:04 UTC 
The fix has been merged to upstream stable/stein: https://review.opendev.org/#/c/672647/ Waiting for sync.
Comment 23 Maciej Józefczyk 2020-01-31 10:54:07 UTC 
*** Bug 1787077 has been marked as a duplicate of this bug. ***
Comment 25 Roman Safronov 2020-02-17 14:20:54 UTC 
Verified on RHOS_TRUNK-16.0-RHEL-8-20200212.n.0 with python3-networking-ovn-7.1.0-0.20200204065607.57ac389.el8ost.noarch.rpm 

Test octavia_tempest_plugin.tests.scenario.v2.test_traffic_ops.TrafficOperationsScenarioTest.test_basic_traffic passed.

https://rhos-qe-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/DFG/view/network/view/octavia/job/DFG-network-octavia-16_director-rhel-virthost-3cont_2comp-ipv4-geneve-provider-ovn/34/testReport/octavia_tempest_plugin.tests.scenario.v2.test_traffic_ops/TrafficOperationsScenarioTest/test_basic_traffic_id_6751135d_e15a_4e22_89f4_bfcc3408d424_/
Comment 26 Alex McLeod 2020-02-19 12:48:15 UTC 
If this bug requires doc text for errata release, please set the 'Doc Type' and provide draft text according to the template in the 'Doc Text' field. The documentation team will review, edit, and approve the text.

If this bug does not require doc text, please set the 'requires_doc_text' flag to '-'.