Juniper Openstack

Vrouter:Traffic between 2 vms in 2 different vn getting dropped by vrouter even correct policy attached

  1. Series r2.20
  2. Bug #1457337
Bug #1457337 reported by Sandip Dey
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R2.20
Fix Committed
High
Naveen N
Juniper Openstack r2.20-fcs
Trunk
Fix Committed
High
Naveen N

Bug Description

1.I had the topology as attached.

2.Created 2 vns and 1 vm in each vn.One vm was in nodek8 and another on nodek9

3.Attached policy to allow traffic between the vns and then tried to ping .Ping did not happen.

Figured out that nodek8 and nodek9 was not reachable to each other as some miss configuration in the swiyches.

Corrected that and the both computes were reachable to each other.

But traffic was still dropped nodek9 with the reason invalid nh

Naveen debugged it.

Log
===
Entries: Created 217 Added 7 Processed 217
(Created Flows/CPU: 21 10 6 29 13 23 79 30 0 1 0 0 0 0 1 0 0 0 0 3 0 0 0 0 1 0 0 0 0 0 0 0)(oflows 0)

Action:F=Forward, D=Drop N=NAT(S=SNAT, D=DNAT, Ps=SPAT, Pd=DPAT, L=Link Local Port)
 Other:K(nh)=Key_Nexthop, S(nh)=RPF_Nexthop

 Index Source:Port Destination:Port Proto(V)
-------------------------------------------------------------------------
 56620 2.2.2.3:53248 19.0.1.4:0 1 (1)
        (K(nh):13, Action:F, S(nh):13, Statistics:738/72324 UdpSrcPort 51814)

223472 19.0.1.4:53504 2.2.2.3:0 1 (1)
        (K(nh):13, Action:F, S(nh):20, Statistics:0/0 UdpSrcPort 59971)

224972 2.2.2.3:53504 19.0.1.4:0 1 (1)
        (K(nh):13, Action:F, S(nh):13, Statistics:1154/113092 UdpSrcPort 61784)

479524 19.0.1.4:53248 2.2.2.3:0 1 (1)
        (K(nh):13, Action:F, S(nh):20, Statistics:738/61992 UdpSrcPort 50308)

root@nodek9:~# nh --get 13
Id:13 Type:Encap Fmly: AF_INET Flags:Valid, Policy, Rid:0 Ref_cnt:4 Vrf:1
              EncapFmly:0806 Oif:3 Len:14 Data:02 1c 62 58 d0 94 00 00 5e 00 01 00 08 00

root@nodek9:~# nh --get 20
Id:20 Type:Tunnel Fmly: AF_INET Flags:MPLSoUDP, Rid:0 Ref_cnt:3 Vrf:0
              Oif:0 Len:14 Flags MPLSoUDP, Data:00 25 90 c9 0b 3c 00 25 90 c7 7f f4 08 00
              Vrf:0 Sip:40.40.40.6 Dip:40.40.40.5

root@nodek9:~# ping 40.40.40.5
PING 40.40.40.5 (40.40.40.5) 56(84) bytes of data.
64 bytes from 40.40.40.5: icmp_seq=1 ttl=62 time=0.221 ms
64 bytes from 40.40.40.5: icmp_seq=2 ttl=62 time=0.188 ms

Tags: vrouter
Revision history for this message
Sandip Dey (sandipd) wrote :
Vedamurthy Joshi (vedujoshi)
Changed in juniperopenstack:
importance: Undecided → High
OpenContrail Admin (ci-admin-f)
information type: Proprietary → Public
Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : R2.20

Review in progress for https://review.opencontrail.org/11177
Submitter: Naveen N (<email address hidden>)

Naveen N (naveenn)
Changed in juniperopenstack:
status: New → In Progress
Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R2.20

Review in progress for https://review.opencontrail.org/11177
Submitter: Naveen N (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/11177
Committed: http://github.org/Juniper/contrail-controller/commit/27cd7947c71e6fd5b0dccac3c77feab931062172
Submitter: Zuul
Branch: R2.20

commit 27cd7947c71e6fd5b0dccac3c77feab931062172
Author: Naveen N <email address hidden>
Date: Tue Jun 2 14:43:01 2015 +0530

* Copy ARP mac, interface and resolved flag in Sync() API of route

Routes and nexthops dependent on ARP route are updated, when
any variable in ARP nexthop are changed. When ARP timer is
expired, nexthop gets marked as invalid and route Sync is triggered,
in this sync() API arp_mac and valid flags were not updated, hence
eventually when ARP resolution succeds, there would be no change in
agent path and the dependent nexthop would not be resolved.
Test case for same
Closes-bug:#1457337

Change-Id: I5c5c168367ce706a347a93f9f4852f8c5b68e95b

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/12365
Submitter: Naveen N (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/12365
Committed: http://github.org/Juniper/contrail-controller/commit/5f6df1675f598ac14200423c00486f2a93ea25ee
Submitter: Zuul
Branch: master

commit 5f6df1675f598ac14200423c00486f2a93ea25ee
Author: Naveen N <email address hidden>
Date: Tue Jun 2 14:43:01 2015 +0530

* Copy ARP mac, interface and resolved flag in Sync() API of route

Routes and nexthops dependent on ARP route are updated, when
any variable in ARP nexthop are changed. When ARP timer is
expired, nexthop gets marked as invalid and route Sync is triggered,
in this sync() API arp_mac and valid flags were not updated, hence
eventually when ARP resolution succeds, there would be no change in
agent path and the dependent nexthop would not be resolved.
Test case for same
Closes-bug:#1457337

Change-Id: I5c5c168367ce706a347a93f9f4852f8c5b68e95b
(cherry picked from commit 27cd7947c71e6fd5b0dccac3c77feab931062172)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.