Bug 2069783

*** Bug 2069668 has been marked as a duplicate of this bug. ***

*** Bug 2069714 has been marked as a duplicate of this bug. ***

Patch posted https://patchwork.ozlabs.org/project/ovn/patch/20220425082642.1367462-1-amusil@redhat.com/

### Reproduced on 

[root@bz-2069783 ~]# rpm -qa |grep -E 'ovn|openvswitch'
openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch
ovn-2021-21.12.0-11.el8fdp.x86_64
ovn-2021-central-21.12.0-11.el8fdp.x86_64
ovn-2021-host-21.12.0-11.el8fdp.x86_64
openvswitch2.15-2.15.0-93.el8fdp.x86_64

The setup/reproducer needs two controllers, hv1 and hv0 in following reproducer:

######### HV1 ###########

systemctl start ovn-northd
ovn-nbctl set-connection ptcp:6641
ovn-sbctl set-connection ptcp:6642
systemctl start openvswitch
ovs-vsctl set open . external_ids:system-id=hv1

ovs-vsctl set open . external_ids:ovn-remote=tcp:192.168.20.1:6642
ovs-vsctl set open . external_ids:ovn-encap-type=geneve
ovs-vsctl set open . external_ids:ovn-encap-ip=192.168.20.1
ovs-vsctl set open . external_ids:ovn-monitor-all=true
systemctl start ovn-controller

ovs-vsctl add-br br-ex
ovs-vsctl set open . external_ids:ovn-bridge-mappings=physnet1:br-ex

ovn-nbctl ls-add public
ovn-nbctl ls-add internal

ovn-nbctl lsp-add public ln_port
ovn-nbctl lsp-set-addresses ln_port unknown
ovn-nbctl lsp-set-type ln_port localnet
ovn-nbctl lsp-set-options ln_port network_name=physnet1

ovn-nbctl lsp-add public public-gw
ovn-nbctl lsp-set-type public-gw router
ovn-nbctl lsp-set-addresses public-gw 00:00:00:00:10:00 router
ovn-nbctl lsp-set-options public-gw router-port=gw-public

ovn-nbctl lsp-add internal internal-gw
ovn-nbctl lsp-set-type internal-gw router
ovn-nbctl lsp-set-addresses internal-gw router
ovn-nbctl lsp-set-options internal-gw router-port=gw-internal

ovn-nbctl lsp-add internal vm0
ovn-nbctl lsp-set-addresses vm0 "00:00:00:00:20:10 192.168.20.10"

ovn-nbctl lsp-add internal vm1
ovn-nbctl lsp-set-addresses vm1 "00:00:00:00:20:11 192.168.20.11"

ovn-nbctl lr-add gw
ovn-nbctl lrp-add gw gw-public 00:00:00:00:10:00 192.168.10.1/24
ovn-nbctl lrp-add gw gw-internal 00:00:00:00:20:00 192.168.20.1/24

ovn-nbctl lr-nat-add gw dnat_and_snat 192.168.10.100 192.168.20.10
ovn-nbctl lr-nat-add gw dnat_and_snat 192.168.10.101 192.168.20.11

ovn-nbctl lrp-set-gateway-chassis gw-public hv1 2

ip netns add ext0
ovs-vsctl add-port br-ex ext0 -- set interface ext0 type=internal
ip netns exec ext0 ip link set lo up
ip link set ext0 netns ext0
ip netns exec ext0 ip link set ext0 address 00:00:00:00:10:10
ip netns exec ext0 ip link set ext0 up
ip netns exec ext0 ip addr add 192.168.10.10/24 dev ext0
ip netns exec ext0 ip route add default via 192.168.10.1 dev ext0

ip netns add vm0
ovs-vsctl add-port br-int vm0 -- set interface vm0 type=internal
ip netns exec vm0 ip link set lo up
ip link set vm0 netns vm0
ip netns exec vm0 ip link set vm0 address 00:00:00:00:20:10
ip netns exec vm0 ip link set vm0 up
ip netns exec vm0 ip addr add 192.168.20.10/24 dev vm0
ip netns exec vm0 ip route add default via 192.168.20.1 dev vm0
ovs-vsctl set interface vm0 external_ids:iface-id=vm0

######### HV0 ###########
systemctl start ovn-northd
systemctl start openvswitch
ovs-vsctl set open . external_ids:system-id=hv0

ovs-vsctl set open . external_ids:ovn-remote=tcp:192.168.20.1:6642
ovs-vsctl set open . external_ids:ovn-encap-type=geneve
ovs-vsctl set open . external_ids:ovn-encap-ip=192.168.20.2
ovs-vsctl set open . external_ids:ovn-monitor-all=true
systemctl start ovn-controller

ovs-vsctl add-br br-ex
ovs-vsctl set open . external_ids:ovn-bridge-mappings=physnet1:br-ex

ip netns add ext1
ovs-vsctl add-port br-ex ext1 -- set interface ext1 type=internal
ip netns exec ext1 ip link set lo up
ip link set ext1 netns ext1
ip netns exec ext1 ip link set ext1 address 00:00:00:00:10:20
ip netns exec ext1 ip link set ext1 up
ip netns exec ext1 ip addr add 192.168.10.20/24 dev ext1
ip netns exec ext1 ip route add default via 192.168.10.1 dev ext1

ip netns add vm1
ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal
ip netns exec vm1 ip link set lo up
ip link set vm1 netns vm1
ip netns exec vm1 ip link set vm1 address 00:00:00:00:20:11
ip netns exec vm1 ip link set vm1 up
ip netns exec vm1 ip addr add 192.168.20.11/24 dev vm1
ip netns exec vm1 ip route add default via 192.168.20.1 dev vm1
ovs-vsctl set interface vm1 external_ids:iface-id=vm1

##### On HV1 ###
[root@bz-2069783 ~]# ip netns exec ext0 ping -c5 192.168.10.100   # Ping successful
[root@bz-2069783 ~]# ip netns exec ext0 ping -c5 192.168.10.101   # Ping failed on non-fixed version

##### On HV0 ###
[root@bz-2069783 ~]# ovs-ofctl dump-flows br-int | grep table=66  ### no flows found
[root@bz-2069783 ~]# 

### Verified on 
[root@bz-2076604 ~]# rpm -qa |grep -E 'ovn|openvswitch'
openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch
ovn-2021-21.12.0-73.el8fdp.x86_64
ovn-2021-central-21.12.0-73.el8fdp.x86_64
ovn-2021-host-21.12.0-73.el8fdp.x86_64
openvswitch2.15-2.15.0-93.el8fdp.x86_64

##### On HV1 ###
[root@bz-2069783 ~]# ip netns exec ext0 ping -c5 192.168.10.100   # Ping successful
[root@bz-2069783 ~]# ip netns exec ext0 ping -c5 192.168.10.101   # Ping successful

##### On HV0 ###
[root@bz-2069783 ~]# ovs-ofctl dump-flows br-int | grep table=66 
cookie=0x3d53edd0, duration=43.119s, table=66, n_packets=5, n_bytes=490, idle_age=16, priority=100,reg0=0xc0a80a0a,reg15=0x1,metadata=0x3 actions=mod_dl_dst:00:00:00:00:10:10,load:0x1->NXM_NX_REG10[6]
 cookie=0xcab9be30, duration=43.119s, table=66, n_packets=0, n_bytes=0, idle_age=43, priority=100,reg0=0,reg1=0,reg2=0,reg3=0,reg15=0x1,metadata=0x3 actions=mod_dl_dst:00:00:00:00:00:00,load:0x1->NXM_NX_REG10[6]
[root@bz-2069783 ~]# 

### Also verified on 

[root@bz-2074537 ~]# rpm -qa |grep -E 'ovn|openvswitch'
 openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch
 ovn22.03-22.03.0-52.el8fdp.x86_64
 ovn22.03-host-22.03.0-52.el8fdp.x86_64
 openvswitch2.15-2.15.0-93.el8fdp.x86_64
 ovn22.03-central-22.03.0-52.el8fdp.x86_64

##### On HV1 ###
[root@bz-2069783 ~]# ip netns exec ext0 ping -c5 192.168.10.100   # Ping successful
[root@bz-2069783 ~]# ip netns exec ext0 ping -c5 192.168.10.101   # Ping successful

##### On HV0 ###
[root@bz-2069783 ~]# ovs-ofctl dump-flows br-int | grep table=66 
cookie=0x587f7642, duration=25.294s, table=66, n_packets=5, n_bytes=490, idle_age=6, priority=100,reg0=0xc0a80a0a,reg15=0x1,metadata=0x3 actions=mod_dl_dst:00:00:00:00:10:10,load:0x1->NXM_NX_REG10[6]
 cookie=0xc3be2b8f, duration=25.294s, table=66, n_packets=0, n_bytes=0, idle_age=25, priority=100,reg0=0,reg1=0,reg2=0,reg3=0,reg15=0x1,metadata=0x3 actions=mod_dl_dst:00:00:00:00:00:00,load:0x1->NXM_NX_REG10[6]
 cookie=0xfe13de51, duration=25.294s, table=66, n_packets=0, n_bytes=0, idle_age=25, priority=100,reg0=0,reg1=0,reg2=0,reg3=0,reg15=0x2,metadata=0x3 actions=mod_dl_dst:00:00:00:00:00:00,load:0x1->NXM_NX_REG10[6]
 [root@bz-2069783 ~]#

###And verified on

[root@wsfd-bz-2069783 ~]# rpm -qa |grep -E 'ovn|openvswitch'
openvswitch-selinux-extra-policy-1.0-31.el9fdp.noarch
openvswitch2.16-2.16.0-52.el9fdp.x86_64
ovn22.03-22.03.0-52.el9fdp.x86_64
ovn22.03-central-22.03.0-52.el9fdp.x86_64
ovn22.03-host-22.03.0-52.el9fdp.x86_64

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ovn bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:5446