The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.
Bug 2007120 - something wrong for distributed FIP when redirec-type is set as bridged
Summary: something wrong for distributed FIP when redirec-type is set as bridged
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux Fast Datapath
Classification: Red Hat
Component: ovn-2021
Version: FDP 21.H
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: ---
Assignee: lorenzo bianconi
QA Contact: Jianlin Shi
URL:
Whiteboard:
Depends On:
Blocks: 2162756 2177155
TreeView+ depends on / blocked
 
Reported: 2021-09-23 07:56 UTC by Jianlin Shi
Modified: 2023-07-06 20:05 UTC (History)
13 users (show)

Fixed In Version: ovn-2021-21.12.0-134.el8fdp
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-07-06 20:05:30 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FD-1572 0 None None None 2021-09-23 07:56:48 UTC
Red Hat Product Errata RHBA-2023:3995 0 None None None 2023-07-06 20:05:54 UTC

Description Jianlin Shi 2021-09-23 07:56:17 UTC 
Description of problem:
something wrong for distributed FIP when redirec-type is set as bridged

Version-Release number of selected component (if applicable):
ovn-2021-21.06.0-29.el8

How reproducible:
Always

Steps to Reproduce:

1. setup env

Server:

systemctl start openvswitch  
systemctl start ovn-northd                                     
ovn-nbctl set-connection ptcp:6641                              
ovn-sbctl set-connection ptcp:6642                      
ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:1.1.40.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.40.25
systemctl restart ovn-controller
                                                                       
ovs-vsctl add-br br-provider                                                                                                                   
ovs-vsctl add-port br-provider ens5f0
ip link set ens5f0 up                 
                                                                                                                                        
ovs-vsctl add-br br-phys                                     
ovs-vsctl add-port br-phys ens4f1        
ip link set ens4f1 up                                                                                                                       

ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys,provider:br-provider                                                                                                                    
                                                                                                                                                                                                           
ovn-nbctl ls-add ls1                                                                  
ovn-nbctl lsp-add ls1 ls1p1                                                      
ovn-nbctl lsp-set-addresses ls1p1 "00:00:00:01:01:01 192.168.1.1"                
                                                                                                
ovn-nbctl lsp-add ls1 ls1p2
ovn-nbctl lsp-set-addresses ls1p2 "00:00:00:01:01:02 192.168.1.2"

ovn-nbctl ls-add ls2
ovn-nbctl lsp-add ls2 ls2p1
ovn-nbctl lsp-set-addresses ls2p1 "00:00:00:01:02:01 192.168.2.1"

ovn-nbctl lsp-add ls2 ls2p2
ovn-nbctl lsp-set-addresses ls2p2 "00:00:00:01:02:02 192.168.2.2"

ovn-nbctl lr-add lr1
ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:ff:01:01 192.168.1.254/24
ovn-nbctl lsp-add ls1 ls1-lr1 
ovn-nbctl lsp-set-type ls1-lr1 router -- lsp-set-options ls1-lr1 router-port=lr1-ls1 -- lsp-set-addresses ls1-lr1 router

ovn-nbctl lrp-add lr1 lr1-ls2 00:00:00:ff:02:01 192.168.2.254/24
ovn-nbctl lsp-add ls2 ls2-lr1 -- lsp-set-type ls2-lr1 router -- lsp-set-options ls2-lr1 router-port=lr1-ls2 -- lsp-set-addresses ls2-lr1 router

ovn-nbctl ls-add ls_ln
ovn-nbctl lsp-add ls_ln ln "" 10 -- lsp-set-options ln network_name=provider -- lsp-set-type ln localnet -- lsp-set-addresses ln unknown
ovn-nbctl lrp-add lr1 lr1-ln 00:00:00:ff:0f:01 172.1.1.254/24

ovn-nbctl lsp-add ls_ln ln-lr1 -- lsp-set-type ln-lr1 router -- lsp-set-options ln-lr1 router-port=lr1-ln -- lsp-set-addresses ln-lr1 router

ovn-nbctl lrp-set-gateway-chassis lr1-ln hv1 20

ovn-nbctl lr-nat-add lr1 dnat_and_snat 172.1.1.112 192.168.1.2 ls1p2 00:00:00:ff:0f:12
ovn-nbctl lr-nat-add lr1 dnat_and_snat 172.1.1.122 192.168.2.2 

ovs-vsctl add-port br-int ls1p1 -- set interface ls1p1 type=internal external_ids:iface-id=ls1p1
ip netns add ls1p1 
ip link set ls1p1 netns ls1p1
ip netns exec ls1p1 ip link set ls1p1 address 00:00:00:01:01:01
ip netns exec ls1p1 ip link set ls1p1 up
ip netns exec ls1p1 ip addr add 192.168.1.1/24 dev ls1p1
ip netns exec ls1p1 ip route add default via 192.168.1.254 dev ls1p1

ovs-vsctl add-port br-int ls2p1 -- set interface ls2p1 type=internal external_ids:iface-id=ls2p1
ip netns add ls2p1 
ip link set ls2p1 netns ls2p1
ip netns exec ls2p1 ip link set ls2p1 address 00:00:00:01:02:01
ip netns exec ls2p1 ip link set ls2p1 up
ip netns exec ls2p1 ip addr add 192.168.2.1/24 dev ls2p1
ip netns exec ls2p1 ip route add default via 192.168.2.254 dev ls2p1

ovs-vsctl add-port br-provider ext2 -- set interface ext2 type=internal
ip netns add ext2
ip link set ext2 netns ext2
ip netns exec ext2 ip link set ext2 up
ip netns exec ext2 ip link add link ext2 name ext2.10 type vlan id 10
ip netns exec ext2 ip addr add 172.1.1.2/24 dev ext2.10
ip netns exec ext2 ip link set ext2.10 up
ip netns exec ext2 ip route add default via 172.1.1.254 dev ext2.10

ovn-nbctl lsp-add ls1 ln1 "" 11 -- lsp-set-options ln1 network_name=phys -- lsp-set-type ln1 localnet -- lsp-set-addresses ln1 unknown
ovn-nbctl lsp-add ls2 ln2 "" 12 -- lsp-set-options ln2 network_name=phys -- lsp-set-type ln2 localnet -- lsp-set-addresses ln2 unknown

ovs-vsctl set open . external-ids:ovn-chassis-mac-mappings="phys:aa:bb:cc:dd:ee:11,provider:aa:bb:cc:dd:11:11"
ovn-nbctl set logical_router_port lr1-ln options:redirect-type=bridged

Client:

systemctl start openvswitch
ovs-vsctl set open . external_ids:system-id=hv0 external_ids:ovn-remote=tcp:1.1.40.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.40.26
systemctl restart ovn-controller                                                                      

ovs-vsctl add-br br-provider
ovs-vsctl add-port br-provider eno3                                                                   
ip link set eno3 up                                                                                   

ovs-vsctl add-br br-phys
ovs-vsctl add-port br-phys ens2f1                                                                     
ip link set ens2f1 up                                                                                 

ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys,provider:br-provider               

ovs-vsctl add-port br-int ls1p2 -- set interface ls1p2 type=internal external_ids:iface-id=ls1p2      
ip netns add ls1p2
ip link set ls1p2 netns ls1p2
ip netns exec ls1p2 ip link set ls1p2 address 00:00:00:01:01:02                                       
ip netns exec ls1p2 ip link set ls1p2 up
ip netns exec ls1p2 ip addr add 192.168.1.2/24 dev ls1p2
ip netns exec ls1p2 ip route add default via 192.168.1.254 dev ls1p2                                  

ovs-vsctl add-port br-int ls2p2 -- set interface ls2p2 type=internal external_ids:iface-id=ls2p2      
ip netns add ls2p2
ip link set ls2p2 netns ls2p2
ip netns exec ls2p2 ip link set ls2p2 address 00:00:00:01:02:02                                       
ip netns exec ls2p2 ip link set ls2p2 up
ip netns exec ls2p2 ip addr add 192.168.2.2/24 dev ls2p2
ip netns exec ls2p2 ip route add default via 192.168.2.254 dev ls2p2                                  
                                                                                                      

ovs-vsctl add-port br-provider ext1 -- set interface ext1 type=internal                               
ip netns add ext1
ip link set ext1 netns ext1
ip netns exec ext1 ip link set ext1 up
ip netns exec ext1 ip link add link ext1 name ext1.10 type vlan id 10                                 
ip netns exec ext1 ip link set ext1.10 up
ip netns exec ext1 ip addr add 172.1.1.1/24 dev ext1.10
ip netns exec ext1 ip route add default via 172.1.1.254 dev ext1.10                                   

ovs-vsctl set open . external-ids:ovn-chassis-mac-mappings="phys:aa:bb:cc:dd:ee:22,provider:aa:bb:cc:dd:22:22"

sleep 2                                                                                               
                                                                                                      
ip netns exec ls1p2 ping 172.1.1.1 -c 1                                                               
ip netns exec ls1p2 ping 172.1.1.1 -c 1 -s 1500                                                       
ip netns exec ls1p2 ping 172.1.1.2 -c 1                                                               
ip netns exec ls1p2 ping 172.1.1.2 -c 1 -s 1500                                                       
ip netns exec ls2p2 ping 172.1.1.1 -c 1                                                               
ip netns exec ls2p2 ping 172.1.1.1 -c 1 -s 1500                                                       
ip netns exec ls2p2 ping 172.1.1.2 -c 1                                                               
ip netns exec ls2p2 ping 172.1.1.2 -c 1 -s 1500

2. capture packets on eno3 (connected to br-provider) and run ip netns exec ls1p2 ping 172.1.1.1 -c 1

Actual results:
[root@dell-per740-69 ~]# tcpdump  -i eno3 -nnle -v icmp                                               
dropped privs to tcpdump
tcpdump: listening on eno3, link-type EN10MB (Ethernet), capture size 262144 bytes                    
03:51:30.519613 00:00:00:ff:0f:12 > 00:00:00:ff:0f:01, ethertype 802.1Q (0x8100), length 102: vlan 10, p 0, ethertype IPv4, (tos 0x0, ttl 63, id 23037, offset 0, flags [DF], proto ICMP (1), length 84)
    172.1.1.112 > 172.1.1.1: ICMP echo request, id 36808, seq 1, length 64                            
03:51:30.520464 00:00:00:ff:0f:01 > 1e:1d:54:3f:16:a1, ethertype 802.1Q (0x8100), length 102: vlan 10, p 0, ethertype IPv4, (tos 0x0, ttl 62, id 23037, offset 0, flags [DF], proto ICMP (1), length 84)
    172.1.1.112 > 172.1.1.1: ICMP echo request, id 36808, seq 1, length 64

Expected results:
as the FIP for ls1p2 is distributed, the packet should not go through br-provider.

Additional info:


[root@dell-per740-69 ~]# rpm -qa | grep -E "openvswitch2.15|ovn-2021"                                 
ovn-2021-host-21.06.0-29.el8fdp.x86_64
ovn-2021-central-21.06.0-29.el8fdp.x86_64
ovn-2021-21.06.0-29.el8fdp.x86_64                                                                     
openvswitch2.15-2.15.0-38.el8fdp.x86_64
Comment 1 lorenzo bianconi 2022-09-19 19:23:38 UTC 
upstream fix: https://patchwork.ozlabs.org/project/ovn/patch/308a75da796460cc3905e02387c46d57c4c4f529.1663593740.git.lorenzo.bianconi@redhat.com/
Comment 2 lorenzo bianconi 2022-09-30 11:04:29 UTC 
since this patch will not be backported, I guess we can close the bug as 'next-release'
Comment 3 Luis Tomas Bolivar 2023-03-28 07:23:14 UTC 
Also, the reason for being centralized when using FIPs is due to this missing in core-ovn: https://bugzilla.redhat.com/show_bug.cgi?id=2007120
Comment 10 OVN Bot 2023-06-08 17:45:16 UTC 
ovn-2021 fast-datapath-rhel-9 clone created at https://bugzilla.redhat.com/show_bug.cgi?id=2213610
Comment 12 Jianlin Shi 2023-06-15 06:14:08 UTC 
confirmed that the issue is fixed on ovn-2021-21.12.0-134.el8fdp.x86_64:

[root@wsfd-advnetlab16 nat]# rpm -qa | grep -E "ovn-2021|openvswitch2.17"
ovn-2021-host-21.12.0-134.el8fdp.x86_64                                                               
openvswitch2.17-2.17.0-98.el8fdp.x86_64                                                               
ovn-2021-21.12.0-134.el8fdp.x86_64                                                                    
ovn-2021-central-21.12.0-134.el8fdp.x86_64
Comment 21 Jianlin Shi 2023-06-27 01:30:34 UTC 
set Verified per comment 12
Comment 23 errata-xmlrpc 2023-07-06 20:05:30 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ovn-2021 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:3995
Note You need to log in before you can comment on or make changes to this bug.