Juniper Openstack

DHCP Offer not reaching the TOR Compute Node

Bug #1748865 reported by Mirai Neeku on 2018-02-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Juniper Openstack	Status tracked in Trunk
	Trunk	Incomplete	High	manishkn	Juniper Openstack r5.0.0

Bug Description

I am working on opencontrail and have implemented the below mentioned scenario.

I have connected my VM that is running on ESXI host vswitch1 to qfx5100 switch and want to ping the VM created by openstack from the ESXI Host VM. I have also configured the opencontrail physical device interface configuration with the physical interface that is connected to the ESXI Host VM, the dhcp request is not able to provide ip address to my VM at the ESXI host. The port of ESXI Host is trunk and the QFX5100 port is in flexible vlan tagging with encapsulation vlan-bridge.

The below mentioned commands on the TOR Compute Node (which is connected to vswitch0 of the same ESXI host) shows that the request somehow is being dropped at vhost0.

root@compute-3:/home/contrail# vxlan --get 5
VXLAN Table

VNID NextHop
----------------
5 18

root@compute-3:/home/contrail# nh --get 18
Id:18 Type:Vrf_Translate Fmly: AF_INET Rid:0 Ref_cnt:2 Vrf:1
Flags:Valid, Vxlan,
Vrf:1

root@compute-3:/home/contrail# rt --dump 1 --family bridge
Kernel L2 Bridge table 0/1

Flags: L=Label Valid, Df=DHCP flood

Index DestMac Flags Label/VNID Nexthop
42268 0:c:29:d1:a:29 Df - 3
94920 0:c:29:83:f2:3f - 1 >> This is the MAC of my VM
97192 ff:ff:ff:ff:ff:ff LDf 5 22
176248 2:a6:86:14:52:2e LDf 18 20
252916 0:0:5e:0:1:0 Df - 3

root@compute-3:/home/contrail# nh --get 1
Id:1 Type:Drop Fmly: AF_INET Rid:0 Ref_cnt:256 Vrf:0
Flags:Valid,

root@compute-3:/home/contrail# dropstats
GARP 0
ARP no where to go 0
Invalid ARPs 0

Invalid IF 0
Trap No IF 0
IF TX Discard 0
IF Drop 0
IF RX Discard 0

Flow Unusable 0
Flow No Memory 0
Flow Table Full 0
Flow NAT no rflow 0
Flow Action Drop 0
Flow Action Invalid 0
Flow Invalid Protocol 0
Flow Queue Limit Exceeded 0

Discards 0
TTL Exceeded 0
Mcast Clone Fail 0
Cloned Original 8

Invalid NH 1
Invalid Label 0
Invalid Protocol 0
Rewrite Fail 0
Invalid Mcast Source 0

Push Fails 0
Pull Fails 0
Duplicated 0
Head Alloc Fails 0
Head Space Reserve Fails 0
PCOW fails 0
Invalid Packets 0

Misc 0
Nowhere to go 0
Checksum errors 0
No Fmd 0
Invalid VNID 0
Fragment errors 0
Invalid Source 0
Jumbo Mcast Pkt with DF Bit 0
ARP No Route 0
ARP Reply No Route 0
No L2 Route 0

-Mirai

Tags:

Mirai Neeku (mirai-neeku) on 2018-02-12

information type:

Proprietary → Public

Mirai Neeku (mirai-neeku) on 2018-02-12

tags:	added: agent tor
tags:	added: contrail removed: agent tor
tags:	added: agent tor removed: contrail

Mirai Neeku (mirai-neeku) on 2018-02-12

tags:

added: bms
removed: agent tor

Revision history for this message

Mirai Neeku (mirai-neeku) wrote on 2018-02-13:

As I can see that the request from bare metal server is dropping and a vxlan tunnel has not been established between the qfx switch and the tor service node.

Revision history for this message

Mirai Neeku (mirai-neeku) wrote on 2018-02-13:

Download full text (6.2 KiB)

The new stats are mentioned below.

I am not able to get the ip for Bare Metal Server through DHCP request nor I am able to ping the Bare metal server and the VM present within the openstack.

------------------------------------------------------------------------------------------------------------
{master:0}
mirai.neeku@sw2> show ovsdb controller
VTEP controller information:
Controller IP address: 10.21.222.126
Controller protocol: ssl
Controller port: 9999
Controller connection: up
Controller seconds-since-connect: 9321
Controller seconds-since-disconnect: 0
Controller connection status: active

Ethernet switching table : 3 entries, 1 learned
Routing instance : default-switch
    Vlan MAC MAC Age Logical
    name address flags interface
    Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 00:0c:29:83:f2:3f D - ge-0/0/10.11
    Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 02:43:97:3e:80:7b SO - vtep.32769
    Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 02:a6:86:14:52:2e SO - vtep.32770

MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)

mirai.neeku@sw2> show ethernet-switching vxlan-tunnel-end-point remote mac-table

MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Logical system : <default>
Routing instance : default-switch
Bridging domain : Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c, VLAN : NA, VNID : 5
   MAC MAC Logical Remote VTEP
   address flags interface IP address
   02:43:97:3e:80:7b SO vtep.32769 10.21.222.124
   02:a6:86:14:52:2e SO vtep.32770 10.21.222.125

{master:0}
mirai.neeku@sw2> show ethernet-switching vxlan-tunnel-end-point source
Logical System Name Id SVTEP-IP IFL L3-Idx
<default> 0 10.21.222.115 lo0.0 0
L2-RTT Bridge Domain VNID MC-Group-IP
default-switch Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 5 0.0.0.0

{master:0}
mirai.neeku@sw2> show ovsdb logical-switch
Logical switch information:
Logical Switch Name: Contrail-74672427-fdf0-4d28-ad5e-25808...

The new stats are mentioned below.

I am not able to get the ip for Bare Metal Server through DHCP request nor I am able to ping the Bare metal server and the VM present within the openstack.

------------------------------------------------------------------------------------------------------------
{master:0}
mirai.neeku@sw2> show ovsdb controller            
VTEP controller information:
Controller IP address: 10.21.222.126
Controller protocol: ssl
Controller port: 9999
Controller connection: up
Controller seconds-since-connect: 9321
Controller seconds-since-disconnect: 0
Controller connection status: active

{master:0}
mirai.neeku@sw2> show ovsdb mac           
Logical Switch Name: Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c
  Mac                    IP                 Encapsulation      Vtep    
  Address                Address                               Address        
  ff:ff:ff:ff:ff:ff      0.0.0.0            Vxlan over Ipv4    10.21.222.115  
  00:0c:29:83:f2:3f      0.0.0.0            Vxlan over Ipv4    10.21.222.115  
  02:43:97:3e:80:7b      0.0.0.0            Vxlan over Ipv4    10.21.222.124  
  02:a6:86:14:52:2e      0.0.0.0            Vxlan over Ipv4    10.21.222.125  
  ff:ff:ff:ff:ff:ff      0.0.0.0            Vxlan over Ipv4    10.21.222.126

Ethernet switching table : 3 entries, 1 learned
Routing instance : default-switch
    Vlan                MAC                 MAC         Age    Logical
    name                address             flags              interface
    Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 00:0c:29:83:f2:3f D        - ge-0/0/10.11         
    Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 02:43:97:3e:80:7b SO        - vtep.32769           
    Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 02:a6:86:14:52:2e SO        - vtep.32770

MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
           SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)

mirai.neeku@sw2> show ethernet-switching vxlan-tunnel-end-point remote mac-table

MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
           SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Logical system   : <default>
Routing instance : default-switch
 Bridging domain : Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c, VLAN : NA, VNID : 5
   MAC                 MAC      Logical          Remote VTEP
   address             flags    interface        IP address
   02:43:97:3e:80:7b   SO       vtep.32769       10.21.222.124
   02:a6:86:14:52:2e   SO       vtep.32770       10.21.222.125

{master:0}
mirai.neeku@sw2> show ethernet-switching vxlan-tunnel-end-point source    
Logical System Name       Id  SVTEP-IP         IFL   L3-Idx
<default>                 0   10.21.222.115    lo0.0    0  
    L2-RTT                   Bridge Domain              VNID     MC-Group-IP
    default-switch           Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c 5 0.0.0.0

{master:0}
mirai.neeku@sw2> show ovsdb logical-switch                                          
Logical switch information:
Logical Switch Name: Contrail-74672427-fdf0-4d28-ad5e-25808b7bf01c
Flags: Created by both
VNI: 5
Num of Remote MAC: 3
Num of Local MAC: 2

{master:0}
mirai.neeku@sw2> show ovsdb virtual-tunnel-end-point                                
Encapsulation               Ip Address                           Num of MAC's  
VXLAN over IPv4             10.21.222.115                        2              
VXLAN over IPv4             10.21.222.124                        1              
VXLAN over IPv4             10.21.222.125                        1              
VXLAN over IPv4             10.21.222.126                        1

------------------------------------------------------------------------------------------------------------
root@compute-3:/etc/contrail# rt --dump 1 --family bridge
Kernel L2 Bridge table 0/1

Flags: L=Label Valid, Df=DHCP flood

Index       DestMac                  Flags           Label/VNID      Nexthop
24280       ec:3e:f7:1:59:d                               -             1
42268       0:c:29:d1:a:29             Df                 -             3
94920       0:c:29:83:f2:3f           LDf                 5            21
97192       ff:ff:ff:ff:ff:ff         LDf                 5            27
176248      2:a6:86:14:52:2e          LDf                18            24
234012      2:43:97:3e:80:7b          LDf                18            13
252916      0:0:5e:0:1:0               Df                 -             3

root@compute-3:/etc/contrail# nh --get 27
Id:27         Type:Composite      Fmly:AF_BRIDGE  Rid:0  Ref_cnt:4          Vrf:1
              Flags:Valid, Multicast, L2, 
              Sub NH(label): 23(0) 26(0) 19(0)

root@compute-3:/etc/contrail# nh --get 23
Id:23         Type:Composite      Fmly: AF_INET  Rid:0  Ref_cnt:2          Vrf:1
              Flags:Valid, Tor, 
              Sub NH(label): 21(5)

root@compute-3:/etc/contrail# nh --get 21
Id:21         Type:Tunnel         Fmly: AF_INET  Rid:0  Ref_cnt:3          Vrf:0
              Flags:Vxlan, 
              Oif:0 Len:0 Flags Vxlan,  Data:
              Vrf:0  Sip:0.0.0.0  Dip:0.0.0.0

root@compute-3:/etc/contrail# nh --get 26
Id:26         Type:Composite      Fmly: AF_INET  Rid:0  Ref_cnt:2          Vrf:1
              Flags:Valid, Evpn, 
              Sub NH(label):

root@compute-3:/etc/contrail# nh --get 19
Id:19         Type:Composite      Fmly: AF_INET  Rid:0  Ref_cnt:2          Vrf:1
              Flags:Valid, Fabric, 
              Sub NH(label): 13(4610)

root@compute-3:/etc/contrail# nh --get 13
Id:13         Type:Tunnel         Fmly: AF_INET  Rid:0  Ref_cnt:4          Vrf:0
              Flags:Valid, MPLSoUDP, 
              Oif:0 Len:14 Flags Valid, MPLSoUDP,  Data:00 0c 29 fb c2 55 00 0c 29 d1 0a 29 08 00 
              Vrf:0  Sip:10.21.222.126  Dip:10.21.222.124

root@compute-3:/etc/contrail# nh --get 24
Id:24         Type:Tunnel         Fmly: AF_INET  Rid:0  Ref_cnt:3          Vrf:0
              Flags:Valid, MPLSoUDP, 
              Oif:0 Len:14 Flags Valid, MPLSoUDP,  Data:00 0c 29 f6 d6 30 00 0c 29 d1 0a 29 08 00 
              Vrf:0  Sip:10.21.222.126  Dip:10.21.222.125

root@compute-3:/etc/contrail#

Revision history for this message

manishkn (manishkn) wrote on 2018-03-14:

Hi,

Are you still facing this issue ?

Could you pls provide me with following details:

Assuming TOR used is <QFX>

1) Contrail-version
2) Do you have vxlan tunnel between TOR to TSN node <show ethernet-switching vxlan-tunnel-end-point remote>
3) If not (#2), did you add TSN node for the physical router
4) show ovsdb mac on TOR , ff:ff:ff:ff:ff:ff is it pointing towards TSN node ?

You can reply to my email id <email address hidden>

Thanks
Manish Krishnan

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.