Description of problem: Ovn-k8s multicast allow acls should allow IGMP/MLD pkts regardless of source address. IPv6 MLD packets are being dropped. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce There is a detailed slack conversation regarding this issue here: https://coreos.slack.com/archives/C01G7T6SYSD/p1614799149160300 I have an ipv4 single stack cluster with ovn-kubernetes cni. I see that after few minutes ~5, the join (igmp) request is expired. I'm following the steps in the openshift "enable multicast" guide. If I run oc exec mlistener -i -t -- \ socat UDP4-RECVFROM:30102,ip-add-membership=224.1.0.1:$POD_IP,fork EXEC:hostname then I run oc exec msender -i -t -- \ /bin/bash -c "echo | socat STDIO UDP4-DATAGRAM:224.1.0.1:30102,range=$CIDR,ip-multicast-ttl=64" It works as expected. But if I run the send request again after ~5 min, it doesn't work. I need the "listener" to re-join the multicast group to make it work again. Actual results: Expected results: Additional info:
https://github.com/ovn-org/ovn-kubernetes/pull/2088 is merged in ovn-org:master, but not in openshift:release-4.7 Testing still failed in 4.7.0-0.nightly-2021-03-17-090327
@weliang This BZ should be verified in 4.8 nightly, right? There is another BZ, https://bugzilla.redhat.com/show_bug.cgi?id=1935180, for the backport to 4.7.z.
@vpickard Thanks for infor Testing passed in 4.8.0-0.nightly-2021-03-17-123640.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438