Description of problem: This BZ tracks the downstream backport of: https://github.com/ovn-org/ovn/commit/fdf295d5eb3af74ffb0c5ef950d6b1ad3902599a Steps to reproduce: Configure two logical routers and connect them to a logical switch. Set options:always_learn_from_arp_request=false on both routers. Configure a Floating IP on each logical router (dnat-and-snat) and set 'options:nat-addresses="router" addresses="router"' on the switch ports connected to the router. The router port should generate GARPs for the Floating IPs it owns. These GARPs should not trigger creation of MAC_Bindings in the SB DB.
reproduced on version: # rpm -qa|grep ovn ovn2.13-central-20.09.0-12.el8fdp.x86_64 ovn2.13-host-20.09.0-12.el8fdp.x86_64 ovn2.13-20.09.0-12.el8fdp.x86_64 scripts: #sw public ovn-nbctl set NB_GLOBAL . options:northd_probe_interval=180000 ovn-nbctl set connection . inactivity_probe=180000 ovs-vsctl set open . external_ids:ovn-openflow-probe-interval=180 ovs-vsctl set open . external_ids:ovn-remote-probe-interval=180000 ovn-sbctl set connection . inactivity_probe=180000 ovn-nbctl ls-add public # r1 i=1 m=0 for n in `seq 1 2`;do ovn-nbctl lr-add r${i} ovn-nbctl lrp-add r${i} r${i}_public 00:de:ad:ff:$m:$n 172.16.$m.$n/16 ovn-nbctl lrp-add r${i} r${i}_s${i} 00:de:ad:fe:$m:$n 173.$m.$n.1/24 ovn-nbctl lr-nat-add r${i} dnat_and_snat 172.16.${m}.$((n+100)) 173.$m.$n.2 ovn-nbctl lrp-set-gateway-chassis r${i}_public hv1 # s1 ovn-nbctl ls-add s${i} # s1 - r1 ovn-nbctl lsp-add s${i} s${i}_r${i} ovn-nbctl lsp-set-type s${i}_r${i} router ovn-nbctl lsp-set-addresses s${i}_r${i} "00:de:ad:fe:$m:$n 173.$m.$n.1" ovn-nbctl lsp-set-options s${i}_r${i} router-port=r${i}_s${i} # s1 - vm1 ovn-nbctl lsp-add s$i vm$i ovn-nbctl lsp-set-addresses vm$i "00:de:ad:01:$m:$n 173.$m.$n.2" ovn-nbctl lrp-add r$i r${i}_public 40:44:00:00:$m:$n 172.16.$m.$n/16 ovn-nbctl lsp-add public public_r${i} ovn-nbctl lsp-set-type public_r${i} router ovn-nbctl lsp-set-addresses public_r${i} router ovn-nbctl lsp-set-options public_r${i} router-port=r${i}_public nat-addresses=router addresses=router # ovn-nbctl set logical_router r${i} options:always_learn_from_arp_request=false let i++ done ovn-nbctl lsp-add public ln_p1 ovn-nbctl lsp-set-addresses ln_p1 unknown ovn-nbctl lsp-set-type ln_p1 localnet ovn-nbctl lsp-set-options ln_p1 network_name=nattest ovn-nbctl show ovn-sbctl show sync_set client $FUNCNAME sync_wait client $FUNCNAME ovs-vsctl show #add host vm1 ip netns add vm1 ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal ip link set vm1 netns vm1 ip netns exec vm1 ip link set vm1 address 00:de:ad:01:00:01 ip netns exec vm1 ip addr add 173.0.1.2/24 dev vm1 ip netns exec vm1 ip link set vm1 up ovs-vsctl set Interface vm1 external_ids:iface-id=vm1 ip netns add vm2 ovs-vsctl add-port br-int vm2 -- set interface vm2 type=internal ip link set vm2 netns vm2 ip netns exec vm2 ip link set vm2 address 00:de:ad:01:00:02 ip netns exec vm2 ip addr add 173.0.2.2/24 dev vm2 ip netns exec vm2 ip link set vm2 up ovs-vsctl set Interface vm2 external_ids:iface-id=vm2 ip netns add vm3 ovs-vsctl add-port br-int vm3 -- set interface vm3 type=internal ip link set vm3 netns vm3 ip netns exec vm3 ip link set vm3 address 00:de:ad:01:00:03 ip netns exec vm3 ip addr add 173.0.3.2/24 dev vm3 ip netns exec vm3 ip link set vm3 up ovs-vsctl set Interface vm3 external_ids:iface-id=vm3 #set provide network ovs-vsctl add-br nat_test ip link set nat_test up ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=nattest:nat_test #ovs-vsctl add-port nat_test $nic_test2 #ip link set $nic_test2 up ip netns add vm0 ip link set vm0 netns vm0 ip netns exec vm0 ip link set vm0 address 00:00:00:00:00:01 ip netns exec vm0 ip addr add 172.16.0.100/16 dev vm0 ip netns exec vm0 ip link set vm0 up ovs-vsctl add-port nat_test vm0 -- set interface vm0 type=internal ip link set vm0 netns vm0 ip netns exec vm0 ip link set vm0 address 00:00:00:00:00:01 ip netns exec vm0 ip addr add 172.16.0.100/16 dev vm0 ip netns exec vm0 ip link set vm0 up ovs-vsctl set Interface vm0 external_ids:iface-id=vm0 ip netns exec vm1 ip route add default via 173.0.1.1 ip netns exec vm2 ip route add default via 173.0.2.1 ip netns exec vm3 ip route add default via 173.0.3.1 rlRun "ovn-nbctl set logical_router r1 options:always_learn_from_arp_request=false" rlRun "ovn-nbctl set logical_router r2 options:always_learn_from_arp_request=false" rlRun "ovn-nbctl --wait=hv sync" rlRun "ovn-nbctl lr-nat-del r1 dnat_and_snat 172.16.0.101" rlRun "ovn-nbctl lr-nat-del r2 dnat_and_snat 172.16.0.102" rlRun "ovn-sbctl --all destroy mac_binding" rlRun "ovn-nbctl lr-nat-add r1 dnat_and_snat 172.16.0.101 173.0.1.2 vm1 00:00:00:01:02:03" rlRun "ovn-nbctl lr-nat-add r2 dnat_and_snat 172.16.0.102 173.0.2.2 vm2 00:00:00:01:02:04" rlRun "ovn-nbctl --wait=hv sync" #ovn-sbctl --vflows lflow-list |grep "logical_port=r2_public, ip=172.16.0.101"' datapath="r2", logical_port=r2_public, ip=172.16.0.101, mac=00:00:00:01:02:03 ---------when set to false,the item generated #ovn-sbctl --vflows lflow-list |grep "logical_port=r1_public, ip=172.16.0.102"' datapath="r1", logical_port=r1_public, ip=172.16.0.102, mac=00:00:00:01:02:04 ---------when set to false,the item generated,but should not verified on version: #ovn-sbctl --vflows lflow-list |grep "logical_port=r2_public, ip=172.16.0.101" -----------no mac-binding # #ovn-sbctl --vflows lflow-list |grep "logical_port=r1_public, ip=172.16.0.102" -----------no mac-binding #
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ovn2.13 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:0407