Bug 1820739

Summary: [RFE] Openvswitch fast path should cache arp entries when ovs-vswitch quits so that new connections to existing vports don't get a "No Route To Host"
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Aniket Bhat <anbhat>
Component: openvswitchAssignee: Timothy Redaelli <tredaelli>
openvswitch sub component: daemons and tools QA Contact: qding
Status: NEW --- Docs Contact:
Severity: medium    
Priority: unspecified CC: ctrautma, dcbw, jhsiao
Version: RHEL 8.0   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Aniket Bhat 2020-04-03 18:41:46 UTC 
User-Agent:       Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:74.0) Gecko/20100101 Firefox/74.0
Build Identifier: 

When ovs-vswitchd process dies as a part of the pod upgrade (in openshift), any new connections to existing vports get a "No Route To Host" error. This causes a disruption of service during upgrades.

The RFE is to request that as a part of ovs-vswitchd process dying, we implement logic to prevent flows to existing vports from being denied at L2. 

For instance, we could PUT all the ARP reply flows corresponding to existing vports into the fast path to give the semblance of connectivity. We can then rely on higher level protocols such as a "SYN retransmission" to give clients a way to retry.

It is understood that this affects even existing flows in the fast path, i.e. for instance a TCP packet has a different flag set (say PSH/ACK) than what is in the fast path, without vswitchd to do conn-track, the connection may get dropped.

Reproducible: Always