1007158 – OVS flow rules should strip vlan for tunnel data

Bug 1007158 - OVS flow rules should strip vlan for tunnel data

Summary: OVS flow rules should strip vlan for tunnel data

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-neutron
Sub Component:
Version:	3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	beta
Target Release:	4.0
Assignee:	Bob Kukura
QA Contact:	Ofer Blaut
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1017414
TreeView+	depends on / blocked

Reported:	2013-09-12 03:22 UTC by Bob Kukura
Modified:	2018-12-03 19:55 UTC (History)
CC List:	10 users (show)
Fixed In Version:	openstack-neutron-openvswitch-2013.2-0.3.2.b3
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1017414 (view as bug list)
Environment:
Last Closed:	2013-12-20 00:24:15 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
GRE traffic between hosts (19.29 KB, application/octet-stream) 2013-11-24 06:30 UTC, Ofer Blaut	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Launchpad	1224244	0	None	None	None	Never
Red Hat Product Errata	RHEA-2013:1859	0	normal	SHIPPED_LIVE	Red Hat Enterprise Linux OpenStack Platform Enhancement Advisory	2013-12-21 00:01:48 UTC

Description Bob Kukura 2013-09-12 03:22:44 UTC

Description of problem:

GRE tunnel payloads in grizzly contain the local VLAN tag used on the sending side's integration bridge. This serves no purpose, wastes bandwidth, exacerbates MTU issues, and slows processing in the kernel. It can easily be addressed by adding a strip_vlan action to the set_tunnel flow rule.

Note that the flow rules have changed substantially in havana, and include the strip_vlan action. Grizzly needs its own fix rather than a back-port from havana.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. configure multi-node setup with GRE tenant networks
2. ping one VM from another on a different node
3. use tcpdump to inspect the GRE packets

Actual results:

The GRE payloads contain unneeded 802.1Q headers.


Expected results:

No 802.1Q header in GRE payloads.


Additional info:

Comment 2 Perry Myers 2013-09-12 14:50:25 UTC

We need to consider this for rhos 3.0.z as well, since current users are hitting these performance issues.  Flagging for 3.0.z

Comment 6 Bob Kukura 2013-11-19 14:56:24 UTC

The upstream havana openswitch-agent code has significantly reworked the OVS flow rules, and one result is that the VLAN tags are now stripped from tunnel payloads. This can be verified by looking at the rules with ovs-ofctl or looking at the tunnel traffic with tcpdump.

Comment 7 Ofer Blaut 2013-11-24 06:30:46 UTC

Created attachment 828224 [details]
GRE traffic between hosts

Comment 8 Ofer Blaut 2013-11-24 06:32:52 UTC

Few weeks ago I have checked  GRE traffic between hosts & router no VLAN have been seen , attached capture

Comment 11 errata-xmlrpc 2013-12-20 00:24:15 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2013-1859.html

Note You need to log in before you can comment on or make changes to this bug.