Description of problem: I did the following setting related to localnet_learn_fdb option by using hieradata in T-H-T. parameter_defaults: ControllerExtraConfig: neutron::config::plugin_ml2_config: ovn/localnet_learn_fdb: value: true ovn_nb_global/fdb_age_threshold: value: 300 ovn_nb_global/fdb_removal_limit: value: 50000 This setting was reflected to /var/lib/config-data/puppet-generated/neutron/etc/neutron/plugins/ml2/ml2_conf.ini in controller nodes correctly like: ~~~ [ovn] fdb_age_threshold=300 localnet_learn_fdb=True : (snip) [ovn_nb_global] fdb_removal_limit=50000 ~~~ However, I checked these settings of OVN NB DB with `ovn-nbctl list NB_Global` after running `openstack overcloud deploy`, but the value of `fdb_removal_limit`(50000) wasn't reflected like the following: ~~~ # podman exec ovn_controller ovn-nbctl --columns=options list NB_Global options : {fdb_removal_limit="0", ignore_lsp_down="false", mac_binding_removal_limit="0", mac_prefix="aa:b9:38", max_tunid="16711680", northd_internal_version="23.09.4-20.29.0-71.6", svc_monitor_mac="ba:40:2c:c7:a4:a3"} ~~~ Additionally, I run the following command in the controller nodes, but it was also not reflected. ~~~ # systemctl restart tripleo_neutron_api # systemctl restart tripleo_ovn_cluster_north_db_server # systemctl restart tripleo_ovn_cluster_northd.service # systemctl restart tripleo_ovn_controller.service ~~~ Version-Release number of selected component (if applicable): openstack-neutron-18.6.1-17.1.20231025110810.el9ost ovn23.09-23.09.3-5.el9fdp.x86_64 How reproducible: Always Steps to Reproduce: 1. Run `overcloud deploy` with the above `ControllerExtraConfig` setting. 2. Check OVN NB DB with `ovn-nbctl list NB_Global` Actual results: The value of `fdb_removal_limit` in NB DB wasn't reflected as the value of the parameter in ml2_conf.ini Expected results: The value of `fdb_removal_limit` will be reflected correctly
I think there is no code to handle fdb_removal_limit in ovn mech driver. For fdb_age_threshold, we have the following implementation. ~~~ def _gen_network_parameters(self, network): params = {'external_ids': { ovn_const.OVN_NETWORK_NAME_EXT_ID_KEY: network['name'], ovn_const.OVN_NETWORK_MTU_EXT_ID_KEY: str(network['mtu']), ovn_const.OVN_REV_NUM_EXT_ID_KEY: str( utils.get_revision_number(network, ovn_const.TYPE_NETWORKS)), ovn_const.OVN_AZ_HINTS_EXT_ID_KEY: ','.join(common_utils.get_az_hints(network)), # NOTE(ralonsoh): it is not considered the case of multiple # segments. ovn_const.OVN_NETTYPE_EXT_ID_KEY: network.get(pnet.NETWORK_TYPE), }} # Enable IGMP snooping if igmp_snooping_enable is enabled in Neutron vlan_transparent = ( 'true' if network.get('vlan_transparent') else 'false') params['other_config'] = { ovn_const.MCAST_SNOOP: ovs_conf.get_igmp_snooping_enabled(), ovn_const.MCAST_FLOOD_UNREGISTERED: ovs_conf.get_igmp_flood_unregistered(), ovn_const.VLAN_PASSTHRU: vlan_transparent} if utils.is_provider_network(network): params['other_config'][ovn_const.LS_OPTIONS_FDB_AGE_THRESHOLD] = ( ovn_conf.get_fdb_age_threshold()) return params ~~~ The same thing needs to be implemented for fdb_removal_limit
As you said, I don't see anything actually calling get_fdb_removal_limit() and doing something with it either downstream or upstream. But since fdb_removal_limit is an NB global parameter, I think it should probably be fixed in the MaintenanceWorker check_fdb_aging_settings() code that just runs once at startup. Your parameter_defaults shows ovn_nb_global/fdb_age_threshold: value: 300 and it should be ovn/fdb_age_threshold (though your output shows it under [ovn] so maybe that is probably just a typo in the bz.
While working on the fix, I also noticed that the `mac_binding_removal_limit` was similarly not being set. Patch submitted for review upstream fixing both and improving testing of the feature.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (RHOSP 17.1.4 bug fix and enhancement advisory), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2024:9974