Bug 1903224

Summary: [OVN-SCALE] ovn-controller: Optimize openflow generation for Load Balancer hairpin flows.
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Dumitru Ceara <dceara>
Component: ovn2.13Assignee: Dumitru Ceara <dceara>
Status: CLOSED ERRATA QA Contact: Jianlin Shi <jishi>
Severity: high Docs Contact:
Priority: high    
Version: FDP 20.HCC: ctrautma, dblack, dcbw, dceara, jishi, jlema, mark.d.gray, mmichels, nusiddiq, ralongi, trozet
Target Milestone: ---Keywords: TestBlocker
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-03 21:55:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1903265    

Description Dumitru Ceara 2020-12-01 16:44:00 UTC 
Description of problem:

The fix for bug 1833373 optimized the OVN Southbound representation of Load Balancers thus reducing significantly the number of SB Logical_Flows required to handle hairpin load balanced traffic.

However, the number of Openflows that get generated didn't change.

This bug is a placeholder to track investigation of possible optimizations OVN can implement to also reduce the number of Openflows (e.g., do not install hairpin flows for non-local backends).
Comment 1 Dan Williams 2020-12-11 19:04:53 UTC 
Related upstream patch: http://patchwork.ozlabs.org/project/ovn/patch/1607681529-2217-1-git-send-email-dceara@redhat.com/
Comment 6 Jianlin Shi 2020-12-24 06:04:38 UTC 
tested with following script:

systemctl start openvswitch
systemctl start ovn-northd
ovn-nbctl set-connection ptcp:6641
ovn-sbctl set-connection ptcp:6642
ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:20.0.161.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=20.0.161.25
systemctl restart ovn-controller

ovn-nbctl ls-add ls1
ovn-nbctl lsp-add ls1 ls1p1
#ovn-nbctl lsp-set-addresses ls1p1 "00:00:00:01:01:02 2001::1 192.168.1.1"
ovn-nbctl lsp-set-addresses ls1p1 "00:00:00:01:01:02 192.168.1.1 2001::1"
ovn-nbctl lsp-add ls1 ls1p2
ovn-nbctl lsp-set-addresses ls1p2 "00:00:00:01:02:02 192.168.1.2 2001::2"
ovn-nbctl lr-add lr1
ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:00:00:01 192.168.1.254/24 2001::a/64
ovn-nbctl lsp-add ls1 ls1-lr1
ovn-nbctl lsp-set-addresses ls1-lr1 "00:00:00:00:00:01 192.168.1.254 2001::a"
ovn-nbctl lsp-set-type ls1-lr1 router
ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1

ovn-nbctl lrp-add lr1 lr1-ls2 00:00:00:00:00:02 192.168.2.254/24 2002::a/64

ovn-nbctl ls-add ls2
ovn-nbctl lsp-add ls2 ls2-lr1
ovn-nbctl lsp-set-addresses ls2-lr1 "00:00:00:00:00:02 192.168.2.254 2002::a"
ovn-nbctl lsp-set-type ls2-lr1 router
ovn-nbctl lsp-set-options ls2-lr1 router-port=lr1-ls2
ovn-nbctl lsp-add ls2 ls2p1
ovn-nbctl lsp-set-addresses ls2p1 "00:00:00:02:01:02 192.168.2.1 2002::1"

ovn-nbctl lsp-add ls1 ls1p3
ovs-vsctl add-portabr-intels1p1p--"set0interface3ls1p19type=internal1external_ids:iface-id=ls1p1
ovs-vsctl add-port br-int ls1p2 -- set interface ls1p2 type=internal external_ids:iface-id=ls1p2
ovs-vsctl add-port br-int ls1p3 -- set interface ls1p3 type=internal external_ids:iface-id=ls1p3
ovn-nbctl lb-addrlb0r192.168.1.100 192.168.1.1,192.168.1.2,192.168.1.3xternal_ids:iface-id=ls2p1
ovn-nbctl ls-lb-add ls1 lb0
ovn-nbctl ls-lb-add ls2 lb0


result on 20.09.0-23:
[root@wsfd-advnetlab17 bz1867185]# rpm -qa | grep -E "openvswitch2.13|ovn2.13"
ovn2.13-central-20.09.0-23.el8fdp.x86_64
python3-openvswitch2.13-2.13.0-77.el8fdp.x86_64
ovn2.13-host-20.09.0-23.el8fdp.x86_64
ovn2.13-20.09.0-23.el8fdp.x86_64
openvswitch2.13-2.13.0-77.el8fdp.x86_64
[root@wsfd-advnetlab17 bz1867185]# ovs-ofctl dump-flows br-int table=68
 cookie=0xaa67a8, duration=6.643s, table=68, n_packets=0, n_bytes=0, priority=100,ip,metadata=0x3,nw_src=192.168.1.1,nw_dst=192.168.1.1 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xaa67a8, duration=6.643s, table=68, n_packets=0, n_bytes=0, priority=100,ip,metadata=0x1,nw_src=192.168.1.1,nw_dst=192.168.1.1 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xaa67a8, duration=6.643s, table=68, n_packets=0, n_bytes=0, priority=100,ip,metadata=0x3,nw_src=192.168.1.2,nw_dst=192.168.1.2 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xaa67a8, duration=6.643s, table=68, n_packets=0, n_bytes=0, priority=100,ip,metadata=0x1,nw_src=192.168.1.2,nw_dst=192.168.1.2 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xaa67a8, duration=6.643s, table=68, n_packets=0, n_bytes=0, priority=100,ip,metadata=0x3,nw_src=192.168.1.3,nw_dst=192.168.1.3 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xaa67a8, duration=6.643s, table=68, n_packets=0, n_bytes=0, priority=100,ip,metadata=0x1,nw_src=192.168.1.3,nw_dst=192.168.1.3 actions=load:0x1->NXM_NX_REG10[7]

<==== 6 flows

result on 20.12.0-1:
[root@wsfd-advnetlab17 bz1867185]# rpm -qa | grep -E "openvswitch2.13|ovn2.13"
python3-openvswitch2.13-2.13.0-77.el8fdp.x86_64
ovn2.13-central-20.12.0-1.el8fdp.x86_64
ovn2.13-host-20.12.0-1.el8fdp.x86_64
openvswitch2.13-2.13.0-77.el8fdp.x86_64
ovn2.13-20.12.0-1.el8fdp.x86_64
[root@wsfd-advnetlab17 bz1867185]# ovs-ofctl dump-flows br-int table=68
 cookie=0xbc01eadb, duration=101.933s, table=68, n_packets=0, n_bytes=0, priority=100,ct_label=0x2/0x2,ip,nw_src=192.168.1.1,nw_dst=192.168.1.1 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xbc01eadb, duration=101.933s, table=68, n_packets=0, n_bytes=0, priority=100,ct_label=0x2/0x2,ip,nw_src=192.168.1.2,nw_dst=192.168.1.2 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xbc01eadb, duration=101.933s, table=68, n_packets=0, n_bytes=0, priority=100,ct_label=0x2/0x2,ip,nw_src=192.168.1.3,nw_dst=192.168.1.3 actions=load:0x1->NXM_NX_REG10[7]

<=== 3 flows

Dumitru, the flows are optimized, right?
Comment 7 Dumitru Ceara 2021-01-04 08:46:16 UTC 
(In reply to Jianlin Shi from comment #6)

[...]

> 
> Dumitru, the flows are optimized, right?

Looks good to me, thanks!
Comment 8 Jianlin Shi 2021-01-05 02:10:15 UTC 
also verified on rhel7:

[root@wsfd-advnetlab18 bz1903224]# ovs-ofctl dump-flows br-int table=68
 cookie=0xe23ea1bb, duration=7.692s, table=68, n_packets=0, n_bytes=0, priority=100,ct_label=0x2/0x2,ip,nw_src=192.168.1.1,nw_dst=192.168.1.1 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xe23ea1bb, duration=7.692s, table=68, n_packets=0, n_bytes=0, priority=100,ct_label=0x2/0x2,ip,nw_src=192.168.1.2,nw_dst=192.168.1.2 actions=load:0x1->NXM_NX_REG10[7]
 cookie=0xe23ea1bb, duration=7.692s, table=68, n_packets=0, n_bytes=0, priority=100,ct_label=0x2/0x2,ip,nw_src=192.168.1.3,nw_dst=192.168.1.3 actions=load:0x1->NXM_NX_REG10[7]
[root@wsfd-advnetlab18 bz1903224]# rpm -qa | grep -E "ovn2.13|openvswitch2.13"
openvswitch2.13-2.13.0-71.el7fdp.x86_64                                                               
ovn2.13-host-20.12.0-1.el7fdp.x86_64                                                                  
python3-openvswitch2.13-2.13.0-71.el7fdp.x86_64                                                       
ovn2.13-central-20.12.0-1.el7fdp.x86_64                                                               
ovn2.13-20.12.0-1.el7fdp.x86_64
Comment 10 errata-xmlrpc 2021-02-03 21:55:09 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ovn2.13 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0407