neutron

Can not use vrrp in a dvr openstack environment

Bug #1873375 reported by XiaoYu Zhu on 2020-04-17

This bug report is a duplicate of: Bug #1774459: Update permanent ARP entries for allowed_address_pair IPs in DVR Routers. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	New	Undecided	Unassigned

Bug Description

We are trying to use vrrp between two VMs in a dvr environment, but it failed.

According to https://review.opendev.org/#/c/716302/ ,for creating additional ports in Neutron to allocate some IP address which will be then used as VIP in keepalive ,it has stopped setting arp entries of those unbound ports in qrouter namespace.This commit tried to insure instance can use a VIP with DVR.

Now suppose we have two compute nodes cmp1 and cmp2，
vm1 on cmp1,qrouter1 on cmp1
vm2 on cmp2,qrouter2 on cmp2
different subnet
using dvr.

vm2 has a VIP 10.0.0.123 ,while creating an unbound port in Neutron with 10.0.0.123
vm1 ping 10.0.0.123
request from vm1 will be sended to qrouter1, qrouter1 does not have arp entry of 10.0.0.123, it will send arp request
however, when vm2 receive the arp request, the source-mac has being changed to qrouter2's mac by br-tun.
vm2 will send arp response to qrouter2, which means qrouter1 will never receive the arp response, finally, ping failed.

See original description

Tags:

XiaoYu Zhu (honglan0914) on 2020-04-17

description:

updated

Revision history for this message

Ryan Tidwell (ryan-tidwell) wrote on 2020-04-21:

I'm not sure I understand the concern. Is your concern that https://review.opendev.org/#/c/716302/ is breaking your environment, or are you experiencing an issue similar to what https://review.opendev.org/#/c/716302/ is meant to address?

Revision history for this message

LIU Yulong (dragon889) wrote on 2020-04-22:

Looks like this is duplicated to these bugs:
https://bugs.launchpad.net/neutron/+bug/1774459
https://bugs.launchpad.net/neutron/+bug/1821357
https://bugs.launchpad.net/neutron/+bug/1859638

Revision history for this message

XiaoYu Zhu (honglan0914) wrote on 2020-04-23:

Sorry, I thought https://review.opendev.org/#/c/716302/ could let router send arp request, then it should have solved the problem.But it seems like a long term bug which has been proposeed in bug/1774459 and much more complicated than I thought

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1774459 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.