Bug 1916842
Summary: | --may-exist does not work correctly on lr-route-add | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux Fast Datapath | Reporter: | Tim Rozet <trozet> |
Component: | OVN | Assignee: | lorenzo bianconi <lorenzo.bianconi> |
Status: | CLOSED ERRATA | QA Contact: | Jianlin Shi <jishi> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | RHEL 8.0 | CC: | cpaquin, ctrautma, kholtz, lorenzo.bianconi, pibanezr |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ovn2.13-20.12.0-18.el8fdn | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-03-15 14:34:36 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Tim Rozet
2021-01-15 16:33:05 UTC
tested with following script: systemctl start openvswitch systemctl start ovn-northd ovn-nbctl set-connection ptcp:6641 ovn-sbctl set-connection ptcp:6642 ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:1.1.175.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.175.25 systemctl restart ovn-controller ovn-nbctl ls-add ls1 ovn-nbctl lsp-add ls1 ls1p1 ovn-nbctl lsp-set-addresses ls1p1 "00:00:00:01:01:02 192.168.1.1 2001::1" ovn-nbctl lr-add lr1 ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:00:00:01 192.168.1.254/24 2001::a/64 ovn-nbctl lsp-add ls1 ls1-lr1 ovn-nbctl lsp-set-addresses ls1-lr1 "00:00:00:00:00:01 192.168.1.254 2001::a" ovn-nbctl lsp-set-type ls1-lr1 router ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1 ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 10.1.0.7/32 172.18.0.4 ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 10.1.0.7/32 172.18.0.4 ovn-nbctl lr-route-list lr1 result on 20.12.0-17: [root@wsfd-advnetlab21 bz1916842]# rpm -qa | grep -E "openvswitch2.13|ovn2.13" openvswitch2.13-2.13.0-82.el7fdp.x86_64 ovn2.13-20.12.0-17.el7fdp.x86_64 ovn2.13-host-20.12.0-17.el7fdp.x86_64 ovn2.13-central-20.12.0-17.el7fdp.x86_64 + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 10.1.0.7/32 172.18.0.4 + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 10.1.0.7/32 172.18.0.4 + ovn-nbctl lr-route-list lr1 IPv4 Routes 10.1.0.7 172.18.0.4 src-ip 10.244.0.7 172.18.0.4 src-ip ecmp ecmp-symmetric-reply 10.244.0.7 172.18.0.4 src-ip ecmp ecmp-symmetric-reply <=== duplicated route for ecmp result on 20.12.0-20: + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 ovn-nbctl: duplicate nexthop for the same ECMP route <=== error is reported + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 10.1.0.7/32 172.18.0.4 + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 10.1.0.7/32 172.18.0.4 + ovn-nbctl lr-route-list lr1 IPv4 Routes 10.1.0.7 172.18.0.4 src-ip 10.244.0.7 172.18.0.4 src-ip ecmp-symmetric-reply <=== no duplicated lorenzo, error should not be reported if add duplicated route with --may-exist, right? how do you think? (In reply to Jianlin Shi from comment #1) > tested with following script: > > systemctl start openvswitch > systemctl start ovn-northd > ovn-nbctl set-connection ptcp:6641 > ovn-sbctl set-connection ptcp:6642 > ovs-vsctl set open . external_ids:system-id=hv1 > external_ids:ovn-remote=tcp:1.1.175.25:6642 > external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.175.25 > systemctl restart ovn-controller > > ovn-nbctl ls-add ls1 > ovn-nbctl lsp-add ls1 ls1p1 > ovn-nbctl lsp-set-addresses ls1p1 "00:00:00:01:01:02 192.168.1.1 2001::1" > ovn-nbctl lr-add lr1 > ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:00:00:01 192.168.1.254/24 2001::a/64 > ovn-nbctl lsp-add ls1 ls1-lr1 > ovn-nbctl lsp-set-addresses ls1-lr1 "00:00:00:00:00:01 192.168.1.254 2001::a" > ovn-nbctl lsp-set-type ls1-lr1 router > ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1 > > > ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply > lr-route-add lr1 10.244.0.7/32 172.18.0.4 > ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip --ecmp-symmetric-reply > lr-route-add lr1 10.244.0.7/32 172.18.0.4 > > ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 > 10.1.0.7/32 172.18.0.4 > ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 > 10.1.0.7/32 172.18.0.4 > > ovn-nbctl lr-route-list lr1 > > result on 20.12.0-17: > > [root@wsfd-advnetlab21 bz1916842]# rpm -qa | grep -E > "openvswitch2.13|ovn2.13" > openvswitch2.13-2.13.0-82.el7fdp.x86_64 > ovn2.13-20.12.0-17.el7fdp.x86_64 > ovn2.13-host-20.12.0-17.el7fdp.x86_64 > ovn2.13-central-20.12.0-17.el7fdp.x86_64 > > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip > --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip > --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 > 10.1.0.7/32 172.18.0.4 > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 > 10.1.0.7/32 172.18.0.4 > + ovn-nbctl lr-route-list lr1 > IPv4 Routes > 10.1.0.7 172.18.0.4 src-ip > 10.244.0.7 172.18.0.4 src-ip ecmp > ecmp-symmetric-reply > 10.244.0.7 172.18.0.4 src-ip ecmp > ecmp-symmetric-reply > > <=== duplicated route for ecmp > > result on 20.12.0-20: > > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip > --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip > --ecmp-symmetric-reply lr-route-add lr1 10.244.0.7/32 172.18.0.4 > ovn-nbctl: duplicate nexthop for the same ECMP route > > <=== error is reported > > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 > 10.1.0.7/32 172.18.0.4 > + ovn-nbctl --timeout=15 -- --may-exist --policy=src-ip lr-route-add lr1 > 10.1.0.7/32 172.18.0.4 > + ovn-nbctl lr-route-list lr1 > IPv4 Routes > 10.1.0.7 172.18.0.4 src-ip > 10.244.0.7 172.18.0.4 src-ip > ecmp-symmetric-reply > <=== no duplicated > > lorenzo, error should not be reported if add duplicated route with > --may-exist, right? how do you think? For ecmp routes (routes defined using --ecmp or --ecmp-symmetric-reply) an error is always reported for identical routes (routes defined using the same prefix, policy and next-hop) even if --may-exist is provided. For non-ecmp routes the check is performed just on prefix and policy so --may-exist allows to update the next-hop. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ovn2.13 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:0839 |