Bug 1668746 - [OVN][DVR] Traffic from VM with FIP to external host goes out via controller node rather than compute node [regression]
Summary: [OVN][DVR] Traffic from VM with FIP to external host goes out via controller ...
Keywords:
Status: CLOSED DUPLICATE of bug 1669306
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-ovsdbapp
Version: 14.0 (Rocky)
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: ---
Assignee: Terry Wilson
QA Contact: Roman Safronov
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-01-23 13:47 UTC by Roman Safronov
Modified: 2019-09-09 13:35 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-04-30 08:49:26 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Roman Safronov 2019-01-23 13:47:08 UTC 
Description of problem:
While DVR is enabled traffic from VM with FIP to external host goes out via controller node rather than compute node 

Version-Release number of selected component (if applicable):
puddle 14.0-RHEL-7/2019-01-07.1 

/var/lib/config-data/neutron/etc/neutron/neutron.conf:enable_dvr=True
/var/lib/config-data/neutron/etc/neutron/plugins/ml2/ml2_conf.ini:enable_distributed_floating_ip=True


How reproducible:
Always

Steps to Reproduce:
1.Create internal network, subnet, router, connect internal and external networks to the router. Create security group with icmp and ssh allowed. Create and start VM with the security group rules applied and connected to the internal network.
2.Create floating IP and attach to the VM
3.Try to ping external host (e.g. 8.8.8.8) from the VM

Actual results:
Traffic goes out via controller/networker host.

Expected results:
Traffic goes out via compute host.

Additional info:
external_mac not set for the nat object.

[heat-admin@controller-1 containers]$ ovn-nbctl find nat type=dnat_and_snat
_uuid               : 61e0295c-e327-41f7-8324-74929b74c84c
external_ids        : {"neutron:fip_external_mac"="fa:16:3e:57:fe:70", "neutron:fip_id"="772059ef-d0c0-4798-95de-be3e75301fb6", "neutron:fip_port_id"="95381926-1945-4e85-ac84-78f2aa35676a", "neutron:revision_number"="2", "neutron:router_name"="neutron-aeca181a-dd4d-426a-a772-9388ab25a77e"}
external_ip         : "10.0.0.216"
external_mac        : []
logical_ip          : "10.0.1.10"
logical_port        : "95381926-1945-4e85-ac84-78f2aa35676a"
type                : dnat_and_snat
Comment 1 Roman Safronov 2019-01-23 14:52:53 UTC 
Can be related to this patch https://review.openstack.org/#/c/592538/
Comment 2 Roman Safronov 2019-01-24 11:56:58 UTC 
After shutting down master chassis (controller-0 in my case) I noticed that traffic started to go out from a compute node. external_mac field for nat object was set properly.
Also after bringing controller-0 node up traffic of a vm with floating ip still was going out via compute node (as expected) and traffic from vm without floating ip was going via controller node (correct).

However I was able to reproduce the issue by recreating network, subnet, router and vm.
Comment 3 Roman Safronov 2019-01-28 12:51:52 UTC 
Possible reason for the problem is specified here https://bugzilla.redhat.com/show_bug.cgi?id=1669306#c0
Comment 4 Terry Wilson 2019-04-29 18:22:39 UTC 
Can this be closed now that https://bugzilla.redhat.com/show_bug.cgi?id=1669306 has been VERIFIED?
Comment 5 Roman Safronov 2019-04-30 08:49:26 UTC 
The issue was already fixed. Verified that DVR functionality works properly on 14.0-RHEL-7/2019-04-12.1 with python2-ovsdbapp-0.12.3-1.el7ost. See https://bugzilla.redhat.com/show_bug.cgi?id=1669306

*** This bug has been marked as a duplicate of bug 1669306 ***
Note You need to log in before you can comment on or make changes to this bug.