Bug 1947913 - [OVN][RFE] Add protection mechanism against gARPs / flapping ports
Summary: [OVN][RFE] Add protection mechanism against gARPs / flapping ports
Alias: None
Product: Red Hat Enterprise Linux Fast Datapath
Classification: Red Hat
Component: ovn2.13
Version: FDP 21.B
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: lorenzo bianconi
QA Contact: ying xu
Depends On:
TreeView+ depends on / blocked
Reported: 2021-04-09 14:02 UTC by Daniel Alvarez Sanchez
Modified: 2021-07-30 22:23 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed:
Target Upstream Version:

Attachments (Terms of Use)

Description Daniel Alvarez Sanchez 2021-04-09 14:02:29 UTC
In an scenario with VIPs that are balanced at application level (by for example, keepalived) there could be issues at such level which leads to the VIP flapping very frequently.

This will make the app to send the gARPs announcing the location of the new IP address which will trigger updates of MAC_Binding entries very frequently if the ports flap at high rate. The result is that ovn-northd will stay at 100% CPU and ovsdb-server for SB database will be very loaded.

Just like normal switches have, it would be great if OVN could implement some protection mechanism that when such condition is detected, the MAC address is banned from the switch in one or more ports to prevent this situation from happening.

Comment 2 Dan Williams 2021-05-04 14:19:15 UTC
COPP upstream series posted: http://patchwork.ozlabs.org/project/ovn/list/?series=241400&state=%2A&archive=both

Note You need to log in before you can comment on or make changes to this bug.