Live migration packet loss increasing as the number of security group rules increases
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Won't Fix
|
High
|
Unassigned |
Bug Description
Hi,
We lose too many packets during live migration. (After post_live_migration starts)
After investigation we have recognized that it is related with the number of security group rules which are applied to instance.
We are loosing 26 ping if there exist 90 security rules applied to instance. (Security group count does not matter, 1 group 90 rules or 3 group with 30 rules)
After detaching some rules from instance and let the instance have only 4 security group rules and then tried to migrate again. In that case we are only loosing 3 pings.
Do you have any idea? If this is caused by migrating the ovs flows, than is there any solution?
Environment Details:
OpenStack Wallaby Cluster installed via kolla-ansible to Ubuntu 20.04.2 LTS Hosts. (Kernel:
There exist 5 controller+network node.
"neutron-
OpenvSwitch used in DVR mode with router HA configured. (l3_ha = true)
We are using a single centralized neutron router for connecting all tenant networks to provider network.
We are using bgp_dragent to announce unique tenant networks.
Tenant network type: vxlan
External network type: vlan
Do you have "live_migration _wait_for_ vif_plug" nova config set to True (default)?