Bug 1475440 - [DOCS] Packet Flow Docs can't be right, as TCP dumps on br0 don't show packets.
[DOCS] Packet Flow Docs can't be right, as TCP dumps on br0 don't show packets.
Status: CLOSED CURRENTRELEASE
Product: OpenShift Container Platform
Classification: Red Hat
Component: Documentation (Show other bugs)
3.5.0
Unspecified Unspecified
medium Severity high
: ---
: ---
Assigned To: brice
Meng Bo
Vikram Goyal
3.7-release-plan
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-26 13:09 EDT by Eric Rich
Modified: 2017-09-10 20:26 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-09-10 20:26:26 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 3128381 None None None 2017-07-26 15:39 EDT

  None (edit)
Description Eric Rich 2017-07-26 13:09:32 EDT
Document URL: https://docs.openshift.com/container-platform/3.5/architecture/additional_concepts/sdn.html#sdn-packet-flow

Section Number and Name: Packet Flow

Describe the issue: If a TCP dump is taken on br0 and a pod tries to talk to another pod (no packets are captured). 

Suggestions for improvement: We need to update the packet flows to accurately show how traffic moves from one interface to another so that troubleshooting on the correct interfaces can be done when there are performance and networking related issues.  

Additional information:
Comment 1 Ryan Howe 2017-07-26 13:13:45 EDT
This diagram is more up to date. Expect for the references vxlan0  

https://docs.openshift.com/container-platform/3.5/admin_guide/sdn_troubleshooting.html#the-interfaces-on-a-node
Comment 2 Ryan Howe 2017-07-26 15:39:55 EDT
Create the following KCS: 

How to capture all OpenShift Pod traffic on a node's openvswitch br0 interface. 
https://access.redhat.com/solutions/3128381


There are other ways to capture tcp data but this is one way using the mirror feature of ovs.
Comment 3 Dan Winship 2017-08-14 09:35:04 EDT
(In reply to Eric Rich from comment #0)
> Describe the issue: If a TCP dump is taken on br0 and a pod tries to talk to
> another pod (no packets are captured). 

I think that's just an artifact of how Open vSwitch works; it must not be possible to use tcpdump on an Open vSwitch bridge. The documentation is correct about the logical flow of traffic.

(In reply to Ryan Howe from comment #1)
> This diagram is more up to date. Expect for the references vxlan0  
> 
> https://docs.openshift.com/container-platform/3.5/admin_guide/
> sdn_troubleshooting.html#the-interfaces-on-a-node

There aren't really any differences between the two docs.

I guess the use of "vxlan0" (in both docs) is not quite accurate; it's referred to by that name in the OVS rules, but the actual network interface ends up being called "vxlan_sys_4789".
Comment 4 brice 2017-08-15 00:01:56 EDT
Thanks for that, Dan. I've made a PR:

https://github.com/openshift/openshift-docs/pull/5018

Eric, as the reporter, would you say this fulfills this BZ? Is there something missing or is this not what you intended? Thanks.
Comment 5 openshift-github-bot 2017-08-24 20:41:50 EDT
Commit pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/a40c4975f4cf43fb2b8672a9a7495c65e97c0d5b
Merge pull request #5018 from bfallonf/packetflow_1475440

Bug 1475440 Corrected vxlan naming info

Note You need to log in before you can comment on or make changes to this bug.