Bug 1570834 - OVN limitations when using VLAN tenant/provider networks
Summary: OVN limitations when using VLAN tenant/provider networks
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: documentation
Version: 13.0 (Queens)
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: RHOS Documentation Team
QA Contact: RHOS Documentation Team
Depends On: 1561880
TreeView+ depends on / blocked
Reported: 2018-04-23 13:43 UTC by Daniel Alvarez Sanchez
Modified: 2019-04-05 13:36 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2019-04-05 13:36:01 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1561880 0 high CLOSED OVN does not work with VLAN tenant network as expected [Regression- from ml2/ovs] 2021-02-22 00:41:40 UTC

Description Daniel Alvarez Sanchez 2018-04-23 13:43:44 UTC
Let's use this BZ to clearly document the limitations using OVN based deployments with VLAN tenant/provider networks.

Comment 2 anil venkata 2018-07-10 05:32:39 UTC
When a VM spawned on VLAN network trying to reach external network(i.e SNAT), OVN(core ovn i.e ovn-controller) is redirecting this traffic from compute node to SNAT gateway node through tunnelling. As tunnelling overhead is added to the packet during redirect, this has to be considered when assigning MTU to VLAN network (during network creation).

But we can't hard code MTU (MTU - tunnel overhead i.e 1500 - 50)for vlan networks as this can impact  provider VLAN networks created on gateway node by admin user for external connectivity (which can't have this restriction as  traffic through this network is not redirected). 

This is a limitation in core OVN. Till this limitation is addressed in core OVN, we need to block tenants creating VLAN networks with OVN driver. Because of these reasons, OSP Director/Tripleo in OSP13 doesn't allow tenants to create VLAN networks.

Note You need to log in before you can comment on or make changes to this bug.