neutron

FIP PF don't works with vlan tenant network and ovn backend

Bug #2028846 reported by Slawek Kaplonski
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
In Progress
High
Slawek Kaplonski

Bug Description

After patch https://review.opendev.org/c/openstack/neutron/+/878450 was merged, for vlan tenant network neutron sets "reside-on-redirect-chassis=False" in the Logical Router Ports in OVN NB. This is done like that to make sure that such traffic is not centralized.
But the problem is with port forwardings associated with vms connected to ports in the vlan tenant networks as PFs are implemented in OVN backend as OVN Loadbalancers and are centralized. So in such case we should still centralize traffic from such network probably to make such PFs working fine.

Bence Romsics (bence-romsics)
Changed in neutron:
importance: Undecided → High
Revision history for this message
Slawek Kaplonski (slaweq) wrote :

Patch proposed https://review.opendev.org/c/openstack/neutron/+/889871

Changed in neutron:
status: Confirmed → In Progress
Revision history for this message
Slawek Kaplonski (slaweq) wrote :

After longer investigation it seems that the problem is a bit bigger and in case when both FIP PF and Floating IP are associated with ports in the same tenant network, everything needs to be centralized, including Floating IP traffic which normally would be distributed.
To avoid switching such existing FIPs between centralized/distributed mode, which would break existing connections using such FIP, I will propose patch which will simply force centralized traffic in case if "port_forwarding" service plugin is enabled and vlan or flat networks are configured as tenant network types.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/892542

Revision history for this message
Slawek Kaplonski (slaweq) wrote :

New patch proposed https://review.opendev.org/c/openstack/neutron/+/892542

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (master)

Change abandoned by "Slawek Kaplonski <email address hidden>" on branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/889871
Reason: Superseeded by https://review.opendev.org/c/openstack/neutron/+/892542

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (master)

Related fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/894766

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (master)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/894766
Committed: https://opendev.org/openstack/neutron/commit/b2ceb8b854648b1072a017c022e3d7c83bb89122
Submitter: "Zuul (22348)"
Branch: master

commit b2ceb8b854648b1072a017c022e3d7c83bb89122
Author: Slawek Kaplonski <email address hidden>
Date: Tue Sep 12 16:02:02 2023 +0200

    Add release note with known issue with FIP PFs and vlan tenant networks

    This patch adds just release note with the known issue to describe known
    wrong configuration which cause FIP Port Forwarding to not work properly
    in ML2/OVN backend and distributed FIPs enabled.
    For more details, please check related bug.

    Related-bug: #2028846
    Change-Id: I48b5358f4c3ac492d68b00a4c0153370332e9249

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.