Bug 1833373

Summary: [OVN SCALE] Improve Load Balancer Hairpin detection/scalability
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Dumitru Ceara <dceara>
Component: OVNAssignee: Numan Siddique <nusiddiq>
Status: CLOSED ERRATA QA Contact: ying xu <yinxu>
Severity: low Docs Contact:
Priority: low    
Version: FDP 20.CCC: ctrautma, dcbw, mark.d.gray, nusiddiq, trozet
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovn2.13-20.09.0-14 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-03-25 19:06:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1859924    

Description Dumitru Ceara 2020-05-08 14:26:44 UTC 
Description of problem:
In order to detect that the backend selected for load balanced traffic is actually the source of the traffic (i.e., hairpin) OVN currently creates 2 logical flows per VIP in table LS_IN_PRE_HAIRPIN. The flow match field looks like:

Initiator traffic:
(ip.src == backend-ip1 && ip.dst == backend-ip2) || .. || (ip.src == backend-ipn && ip.dst == backend-ipn)

Reply traffic:
((ip.src == backend-ip1) || .. || (ip.src == backend-ipn)) && ip.dst = VIP

This gets processed by ovn-controller and translated into 2 * N openflow entries.

A better approach would be to create a new SB DB table, e.g., Hairpin_Endpoints with columns
- datapath
- dest_ip (VIP)
- dest_port (VIP-port)
- proto
- sources (list of backend IPs & ports)

ovn-northd would populate this table for all Load_Balancer VIPs (currently hairpin is supported only for logical switches but could be extended to logical routers too) and ovn-controller would generate the required openflow entries that perform hairpin detection.
Comment 2 Dan Williams 2021-03-25 19:06:08 UTC 
Shipped in FDP 20.I