Ping from Linux VM to Windows container fails

Bug #1806680 reported by Dariusz Sosnowski
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| OpenContrail | New | Low | Unassigned | |

Bug Description

Assuming a Contrail cluster with at least 1 Windows compute node and at least 1 Linux/OpenStack compute node, when we try to ping from an OpenStack VM to a Windows container, the ping fails.

Steps to reproduce:

1. Deploy Contrail cluster with at least 1 Windows compute node and at least 1 Linux/OpenStack compute node.
2. Create a network, let's assume it is named `network1`, in Contrail.
3. Spawn a VM in `network1` network, on OpenStack compute node.
4. Create a Docker network, associated with `network1` network, on Windows compute node.
5. Spawn a container in `network1` network, on Windows compute node.
6. Take a note of:
    - IP address of the VM; let's assume it is 10.0.1.3;
    - IP address of the container; let's assume it is 10.0.1.4.
7. Log in to VM on OpenStack.
8. Run the following command:

        ping 10.0.1.4

What should happen:

1. Ping should succeed.

What actually happens:

1. Ping fails.

Initial investigation showed that packets transmitted from the OpenStack compute node do not have the inner IP checksum calculated. After they are decapsulated by vRouter on the Windows compute node, the IP packet is passed down to a container. The container's TCP/IP stack drops the packet because the checksum is incorrect.
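
The diagnosis above can be checked against a captured inner packet by recomputing the IPv4 header checksum the way a receiving stack does. The following is an added example, not part of the original report or of Contrail's code; the header fields other than the two addresses are constructed, and it assumes an uncalculated checksum shows up as a zero field.

```python
import socket
import struct

def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def check_ipv4_header(packet: bytes) -> dict:
    """Validate the header checksum of a decapsulated (inner) IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad or truncated IPv4 header")
    header = packet[:ihl]
    stored = struct.unpack("!H", header[10:12])[0]
    expected = internet_checksum(header[:10] + b"\x00\x00" + header[12:])
    return {
        "src": socket.inet_ntoa(header[12:16]),
        "dst": socket.inet_ntoa(header[16:20]),
        "stored": stored,
        "expected": expected,
        # A receiver sums the header as-is; a correct header sums to zero.
        "valid": internet_checksum(header) == 0,
    }

def build_header(src: str, dst: str, checksum=None) -> bytes:
    """Constructed sample: 20-byte IPv4 header of an 84-byte ICMP echo packet."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 84, 0x1234, 0x4000, 64, 1, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    if checksum is None:
        checksum = internet_checksum(hdr)
    return hdr[:10] + struct.pack("!H", checksum) + hdr[12:]

# Constructed inner headers using the addresses from the report.
UNFILLED = build_header("10.0.1.3", "10.0.1.4", checksum=0)  # assumed offload case
FILLED = build_header("10.0.1.3", "10.0.1.4")

if __name__ == "__main__":
    for name, hdr in (("checksum not calculated", UNFILLED), ("checksum calculated", FILLED)):
        r = check_ipv4_header(hdr)
        print(f"{name}: {r['src']} -> {r['dst']} stored=0x{r['stored']:04x} "
              f"expected=0x{r['expected']:04x} valid={r['valid']}")
```

To use it on real traffic, pass the bytes of the inner IP packet as seen after decapsulation on the Windows compute node.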

Dariusz Sosnowski (dariusz.sosnowski) wrote :

Contrail Cluster used in this setup was virtualized in VMware environment. It might be a behaviour specific to vmxnet3 paravirtualized NICs.

The workaround for this issue is to disable Tx/Rx offloads on the vmxnet3. It is described in the following document: https://juniper.github.io/contrail-windows-docs/Known_issues/Known_issues/#i-cannot-ping-container-on-windows-from-vm-on-linux

Changed in opencontrail:
importance: Undecided → Low