Bug 2109059
Summary: | Reply to arp requests on interfaces with no ip | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Federico Paolinelli <fpaoline> |
Component: | Networking | Assignee: | Federico Paolinelli <fpaoline> |
Networking sub component: | Metal LB | QA Contact: | Greg Kopels <gkopels> |
Status: | CLOSED ERRATA | Docs Contact: | |
Severity: | medium | ||
Priority: | medium | ||
Version: | 4.11 | ||
Target Milestone: | --- | ||
Target Release: | 4.12.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2023-01-17 19:53:06 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2109489 |
Description
Federico Paolinelli
2022-07-20 11:03:10 UTC
*** Bug 2107516 has been marked as a duplicate of this bug. *** Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.12.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:7399 OCP-4.12.0-rc.6 1. I created a VLAN interface using an interface not connected to br-ex (the node management interface - 10.46.56.14). 767: vlan10@ens5f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 50:7c:6f:16:bc:a8 brd ff:ff:ff:ff:ff:ff inet6 fe80::ea96:cccc:bda0:ba6c/64 scope link noprefixroute valid_lft forever preferred_lft forever 2. Deployed a pod on master0. The pod is connected to the management interface of the master using a MACVLAN interface (IP address 10.46.56.132) 3. Create a L2 service with gateway 10.46.56.131. [gkopels@ ~]$ oc get service -n metallb-test NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service-bn5t9 LoadBalancer 172.30.141.98 10.46.56.131 80:31299/TCP 5m21s 4. From the pod on the master I sent a arping to the gateway 10.56.46.131 [root@testpod-vcrss /]# arping -I net1 10.46.56.131 ARPING 10.46.56.131 from 10.46.56.132 net1 Unicast reply from 10.46.56.131 [52:54:00:9D:52:91] 0.957ms Master0 br-ex mac Unicast reply from 10.46.56.131 [34:48:ED:F3:E2:2C] 2.421ms Unicast reply from 10.46.56.131 [34:48:ED:F3:E2:2C] 1.313ms Unicast reply from 10.46.56.131 [34:48:ED:F3:E2:2C] 0.909ms Unicast reply from 10.46.56.131 [34:48:ED:F3:E2:2C] 0.876ms Unicast reply from 10.46.56.131 [34:48:ED:F3:E2:2C] 0.946ms The only two interfaces that answered were the gateway on the announcing node and the master0 interface where the pod is deployed. I am unable to cause the L2 vlan10 interface to answer the arp request. 1. The new VLAN interface recieves the arp request sh-4.4# tcpdump -i vlan10 arp dropped privs to tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vlan10, link-type EN10MB (Ethernet), capture size 262144 bytes 14:15:11.456822 ARP, Request who-has 10.46.56.131 (Broadcast) tell 10.46.56.131, length 46 14:15:11.456851 ARP, Reply 10.46.56.131 is-at 50:7c:6f:16:bd:98 (oui Unknown), length 46 14:15:12.557653 ARP, Request who-has 10.46.56.131 (Broadcast) tell 10.46.56.131, length 46 2. However because it is configured with VLAN id 10 it is not propagated across the switch. The bug fix is validated |