1912431 – [OVS] multicast between VM instances on different compute nodes is broken with IGMP snooping enabled

Bug 1912431 - [OVS] multicast between VM instances on different compute nodes is broken with IGMP snooping enabled

Summary: [OVS] multicast between VM instances on different compute nodes is broken wit...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-neutron
Sub Component:
Version:	16.1 (Train)
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	z7
Target Release:	16.1 (Train on RHEL 8.2)
Assignee:	Slawek Kaplonski
QA Contact:	Roman Safronov
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-01-04 13:13 UTC by Roman Safronov
Modified:	2021-12-09 20:18 UTC (History)
CC List:	5 users (show)
Fixed In Version:	openstack-neutron-15.2.1-1.20210629093310.el8ost
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-12-09 20:17:29 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Launchpad	1884723	None	None	None	2021-01-04 13:30:43 UTC
OpenStack gerrit	766360	None	NEW	Fix multicast traffic with IGMP snooping enabled	2021-01-04 14:47:22 UTC
Red Hat Issue Tracker	OSP-4292	None	None	None	2021-11-18 11:29:24 UTC
Red Hat Product Errata	RHBA-2021:3762	None	None	None	2021-12-09 20:18:01 UTC

Description Roman Safronov 2021-01-04 13:13:30 UTC

Description of problem:
When igmp snooping is enabled and VMs are running on 2 different compute nodes multicast traffic sent by one VM is not reaching second VM (subscribed to the relevant multicast group).     

Version-Release number of selected component (if applicable):
RHOS-16.1-RHEL-8-20201214.n.3

How reproducible:
100%

Steps to Reproduce:
Note, use environment with ML2/OVS mechanism driver.
1. Make sure igmp snooping is enabled in neutron and br-int on compute nodes.
In order to check you can run "sudo podman exec -it neutron_api crudini --get /etc/neutron/neutron.conf   ovs igmp_snooping_enable" on controller nodes. It should return True. And also "sudo ovs-vsctl get  Bridge br-int mcast_snooping_enable" and "sudo ovs-vsctl get  Bridge br-int other_config:mcast-snooping-disable-flood-unregistered" return 'true'

2. Create router, tenant network/subnet, security group allowing icmp, ssh, igmp and udp port 5001 (we will use it). Launch 2 VMs on the network. Make sure both VMs are running on different compute nodes. 
3. Subscribe one VM (receiver) to a multicast group (note: the group should not be from range 224.0.0.X, e.g. 225.0.0.100 is OK)
4. From the second VM (sender) send udp packets to the multicast group (use same port as security group allows, e.g. 5001).

Actual results:
Packets do not reach the receiver VM.

Expected results:
Packets reach the receiver VM

Additional info:
Note, in case both VMs are running on the same compute node multicast traffic from the sender reaches the receiver VM successfully.

Comment 10 Roman Safronov 2021-07-29 15:34:25 UTC

Verified on RHOS-16.1-RHEL-8-20210727.n.1 with neutron python3-neutron-15.2.1-1.20210712133305.40d217c.el8ost.noarch
Verified that when igmp snooping is enabled multicast is working between VM instances on different compute nodes.

Comment 26 errata-xmlrpc 2021-12-09 20:17:29 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat OpenStack Platform 16.1.7 (Train) bug fix and enhancement advisory), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3762

Note You need to log in before you can comment on or make changes to this bug.