EVPN VXLAN: DM changing rt value in QFX 5100 config once policy is applied in VN
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R4.0 |
Fix Committed
|
Critical
|
Suresh Balineni | |||
Trunk |
Fix Committed
|
Critical
|
Suresh Balineni |
Bug Description
DM is messing up with the config once we are adding policy to VN and vn has 2 import targets. Ideally policy should not have any impact on Leaf as it is L2 domain. Can you please take a look?
Steps to recreate:
Create a VN . It has RT value target:
Adding policy to VN which allow traffic between VN and New VN. Now VN has 2 RT value target:
Chenge in config after applying policy in contrail VN
-------
root@5b11-qfx2# show | compare rollback 1
[edit groups __contrail__ protocols evpn vni-options vni 4]
- vrf-target target:
+ vrf-target target:
[edit groups __contrail__ policy-options policy-statement _contrail_
- community _contrail_
+ community [ _contrail_
[edit groups __contrail__ policy-options]
+ community _contrail_
http://
Setup Details:
env.roledefs = {
'all': [host1, host2, host3],
'cfgm': [host1],
'openstack': [host1],
'control': [host1],
'compute': [host1, host2, host3],
'collector': [host1],
'webui': [host1],
'database': [host1],
'build': [host_build],
'tsn': [host1, host3],
}
#Hostnames
env.hostnames = {
host1: '5b11s14',
host2: '5b11s15',
host2: '5b11s17',
}
Changed in juniperopenstack: | |
importance: | Undecided → Critical |
assignee: | nobody → Hari Prasad Killi (haripk) |
milestone: | none → r4.0.1.0 |
information type: | Proprietary → Public |
summary: |
- EVPN VXLAN: TSN HA: After applying policy to the VN qfx is getti ng - removed from composite next hop + EVPN VXLAN: TSN HA: After applying policy to the VN qfx is getting + removed from TSN composite next hop |
tags: | added: vrouter |
Changed in juniperopenstack: | |
assignee: | Hari Prasad Killi (haripk) → Manish Singh (manishs) |
summary: |
- EVPN VXLAN: TSN HA: After applying policy to the VN qfx is getting + EVPN VXLAN: TSN HA: After applying policy to the VN, qfx is getting removed from TSN composite next hop |
Changed in juniperopenstack: | |
assignee: | Manish Singh (manishs) → chhandak (chhandak) |
description: | updated |
Changed in juniperopenstack: | |
assignee: | chhandak (chhandak) → Suresh Balineni (sbalineni) |
summary: |
- EVPN VXLAN: TSN HA: After applying policy to the VN, qfx is getting - removed from TSN composite next hop + EVPN VXLAN: DM changing rt value in QFX 5100 config once policy is + applied in VN |
tags: |
added: blocker device-manager removed: vrouter |
Here is further analysis. Does not seem to be agent issue.
On QFX please explain following:
Qfx2:
root@5b11-qfx2> show ethernet-switching instance |grep contrail vn-test- 1-l2-4 1067 NA
vlan Default default-switch contrail_
{master:0} 65000:8000003
root@5b11-qfx2> show configuration |display set |grep contrail |grep vni-optio
set groups __contrail__ protocols evpn vni-options vni 4 vrf-target target:
qfx3:
root@5b11-qfx3> show ethernet-switching instance |grep contrail vn-test- 2-l2-5 1311 NA
vlan Default default-switch contrail_
{master:0} 65000:8000003
root@5b11-qfx3> show configuration |display set |grep contrail |grep vni-optio
set groups __contrail__ protocols evpn vni-options vni 5 vrf-target target:
{master:0}
root@5b11-qfx3>
Above it is seen that vrf-target for both are 65000:8000003 but I don’t see any config for 65000:8000002.
In contrail 8000002 belongs to vn-test-2 while 8000003 belongs to vn-test-1.
Since both QFX do not have any config for 800002 we don’t see any replication list for same in contrail.
If you check for vn-test-2 you will find both QFX in replication list. Though there is one more config issue. Why on Qfx2 vni 4 matches to 800003 and not 8000002.
So am not sure how it was working before and its relation to policy. Any idea?