[ovn] MTU issues due to centralized vlan provider networks
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
High
|
Luis Tomas Bolivar |
Bug Description
After this change was added [1] the traffic gets centralized not only for vlan tenant networks, but also for vlan provider networks. This means that extra reduction on the MTU size needs to be done to account for the geneve encapsulation due to traffic going through the networker node instead of directly from the node
[1] https:/
Changed in neutron: | |
assignee: | nobody → Luis Tomas Bolivar (ltomasbo) |
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master) | #1 |
Changed in neutron: | |
status: | New → In Progress |
Changed in neutron: | |
importance: | Undecided → Critical |
importance: | Critical → High |
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master) | #2 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit acb809eea422f41
Author: Luis Tomas Bolivar <email address hidden>
Date: Fri Jan 20 12:16:06 2023 +0100
[OVN] Ensure traffic for provider vlan networks is not tunneled
This patch adds an extra checking to ensure the
"reside-
router port associated to vlan provider network despite having
the "ovn_distribute
as there is an OVN bug [1] making it not work as expected.
Note setting this to true has implications as the traffic will be
centrallized (but not tunneled) through the node with the gateway
port.
The expected behavior of this flag, once [1] is fixed is:
- reside-
tunneled to the controller with the gateway port. Means it requires
extra MTU reduction to work.
- reside-
tunneled to the controller with the gateway port, but the traffic is
centralized through the controller with the gateway port. Thus it
does not require extra MTU reduction.
- reside-
configured: means the traffic is fully distributed and it is not being
tunneled, nor sent, through the controller with the gateway port. This
is the preferred option as it does not require MTU reduction and it
avoids the extra hop. However it is not working as expected, therefore
the fallback to set reside-
[1] https:/
Closes-Bug: #2003455
Change-Id: I662cb30c842e54
Changed in neutron: | |
status: | In Progress → Fix Released |
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/zed) | #3 |
Fix proposed to branch: stable/zed
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/yoga) | #4 |
Fix proposed to branch: stable/yoga
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/xena) | #5 |
Fix proposed to branch: stable/xena
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/wallaby) | #6 |
Fix proposed to branch: stable/wallaby
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/zed) | #7 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/zed
commit 390d617d3d3c4d1
Author: Luis Tomas Bolivar <email address hidden>
Date: Fri Jan 20 12:16:06 2023 +0100
[OVN] Ensure traffic for provider vlan networks is not tunneled
This patch adds an extra checking to ensure the
"reside-
router port associated to vlan provider network despite having
the "ovn_distribute
as there is an OVN bug [1] making it not work as expected.
Note setting this to true has implications as the traffic will be
centrallized (but not tunneled) through the node with the gateway
port.
The expected behavior of this flag, once [1] is fixed is:
- reside-
tunneled to the controller with the gateway port. Means it requires
extra MTU reduction to work.
- reside-
tunneled to the controller with the gateway port, but the traffic is
centralized through the controller with the gateway port. Thus it
does not require extra MTU reduction.
- reside-
configured: means the traffic is fully distributed and it is not being
tunneled, nor sent, through the controller with the gateway port. This
is the preferred option as it does not require MTU reduction and it
avoids the extra hop. However it is not working as expected, therefore
the fallback to set reside-
[1] https:/
Closes-Bug: #2003455
Change-Id: I662cb30c842e54
(cherry picked from commit acb809eea422f41
tags: | added: in-stable-zed |
tags: | added: in-stable-yoga |
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/yoga) | #8 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/yoga
commit 334f7733f5b655b
Author: Luis Tomas Bolivar <email address hidden>
Date: Fri Jan 20 12:16:06 2023 +0100
[OVN] Ensure traffic for provider vlan networks is not tunneled
This patch adds an extra checking to ensure the
"reside-
router port associated to vlan provider network despite having
the "ovn_distribute
as there is an OVN bug [1] making it not work as expected.
Note setting this to true has implications as the traffic will be
centrallized (but not tunneled) through the node with the gateway
port.
The expected behavior of this flag, once [1] is fixed is:
- reside-
tunneled to the controller with the gateway port. Means it requires
extra MTU reduction to work.
- reside-
tunneled to the controller with the gateway port, but the traffic is
centralized through the controller with the gateway port. Thus it
does not require extra MTU reduction.
- reside-
configured: means the traffic is fully distributed and it is not being
tunneled, nor sent, through the controller with the gateway port. This
is the preferred option as it does not require MTU reduction and it
avoids the extra hop. However it is not working as expected, therefore
the fallback to set reside-
[1] https:/
Closes-Bug: #2003455
Change-Id: I662cb30c842e54
(cherry picked from commit acb809eea422f41
tags: | added: in-stable-xena |
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/xena) | #9 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/xena
commit 80933556beb303d
Author: Luis Tomas Bolivar <email address hidden>
Date: Fri Jan 20 12:16:06 2023 +0100
[OVN] Ensure traffic for provider vlan networks is not tunneled
This patch adds an extra checking to ensure the
"reside-
router port associated to vlan provider network despite having
the "ovn_distribute
as there is an OVN bug [1] making it not work as expected.
Note setting this to true has implications as the traffic will be
centrallized (but not tunneled) through the node with the gateway
port.
The expected behavior of this flag, once [1] is fixed is:
- reside-
tunneled to the controller with the gateway port. Means it requires
extra MTU reduction to work.
- reside-
tunneled to the controller with the gateway port, but the traffic is
centralized through the controller with the gateway port. Thus it
does not require extra MTU reduction.
- reside-
configured: means the traffic is fully distributed and it is not being
tunneled, nor sent, through the controller with the gateway port. This
is the preferred option as it does not require MTU reduction and it
avoids the extra hop. However it is not working as expected, therefore
the fallback to set reside-
[1] https:/
Closes-Bug: #2003455
Change-Id: I662cb30c842e54
(cherry picked from commit acb809eea422f41
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master) | #10 |
Fix proposed to branch: master
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 22.0.0.0rc1 | #11 |
This issue was fixed in the openstack/neutron 22.0.0.0rc1 release candidate.
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/wallaby) | #12 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/wallaby
commit b8bff331b43acb9
Author: Luis Tomas Bolivar <email address hidden>
Date: Fri Jan 20 12:16:06 2023 +0100
[OVN] Ensure traffic for provider vlan networks is not tunneled
This patch adds an extra checking to ensure the
"reside-
router port associated to vlan provider network despite having
the "ovn_distribute
as there is an OVN bug [1] making it not work as expected.
Note setting this to true has implications as the traffic will be
centrallized (but not tunneled) through the node with the gateway
port.
The expected behavior of this flag, once [1] is fixed is:
- reside-
tunneled to the controller with the gateway port. Means it requires
extra MTU reduction to work.
- reside-
tunneled to the controller with the gateway port, but the traffic is
centralized through the controller with the gateway port. Thus it
does not require extra MTU reduction.
- reside-
configured: means the traffic is fully distributed and it is not being
tunneled, nor sent, through the controller with the gateway port. This
is the preferred option as it does not require MTU reduction and it
avoids the extra hop. However it is not working as expected, therefore
the fallback to set reside-
[1] https:/
Closes-Bug: #2003455
Change-Id: I662cb30c842e54
(cherry picked from commit acb809eea422f41
tags: | added: in-stable-wallaby |
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master) | #13 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 8e3bddbf8bc5296
Author: Luis Tomas Bolivar <email address hidden>
Date: Thu Mar 2 11:04:11 2023 +0100
Ensure vlan network traffic is not centralized
This patch partly reverts the workaround introduced at [1].
In patch [1] the reside-
networks to force centralized but not tunneled traffic for those
network. In this patch we are making use of the "redirect-type" flag
instead so that the traffic can be distributed and still not tunneled.
This flag needs to be set on the router gateway port (port connecting
the router to the external network) unlike the previous one that was set
on the router interface port (port connecting the (vlan) internal
network to the router). In this patch we are setting it on all ovn
gateway ports if DVR is enabled, as:
- It is needed for vlan (provider) network to have their traffic
distributed instead of tunneled to the controller where the cr-lrp is
associated
- It is not having any effect on the geneve tenant networks as it only
applies to network that has a localnet port associated to them.
[1] https:/
Closes-Bug: #2003455
Change-Id: Ia05416df88904e
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/zed) | #14 |
Fix proposed to branch: stable/zed
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/yoga) | #15 |
Fix proposed to branch: stable/yoga
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/xena) | #16 |
Fix proposed to branch: stable/xena
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/wallaby) | #17 |
Fix proposed to branch: stable/wallaby
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/2023.1) | #18 |
Fix proposed to branch: stable/2023.1
Review: https:/
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/2023.1) | #19 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/2023.1
commit 15053cae8461a83
Author: Luis Tomas Bolivar <email address hidden>
Date: Thu Mar 2 11:04:11 2023 +0100
Ensure vlan network traffic is not centralized
This patch partly reverts the workaround introduced at [1].
In patch [1] the reside-
networks to force centralized but not tunneled traffic for those
network. In this patch we are making use of the "redirect-type" flag
instead so that the traffic can be distributed and still not tunneled.
This flag needs to be set on the router gateway port (port connecting
the router to the external network) unlike the previous one that was set
on the router interface port (port connecting the (vlan) internal
network to the router). In this patch we are setting it on all ovn
gateway ports if DVR is enabled, as:
- It is needed for vlan (provider) network to have their traffic
distributed instead of tunneled to the controller where the cr-lrp is
associated
- It is not having any effect on the geneve tenant networks as it only
applies to network that has a localnet port associated to them.
[1] https:/
Closes-Bug: #2003455
Change-Id: Ia05416df88904e
(cherry picked from commit 8e3bddbf8bc5296
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/yoga) | #20 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/yoga
commit f83a97dea21c4d6
Author: Luis Tomas Bolivar <email address hidden>
Date: Thu Mar 2 11:04:11 2023 +0100
Ensure vlan network traffic is not centralized
This patch partly reverts the workaround introduced at [1].
In patch [1] the reside-
networks to force centralized but not tunneled traffic for those
network. In this patch we are making use of the "redirect-type" flag
instead so that the traffic can be distributed and still not tunneled.
This flag needs to be set on the router gateway port (port connecting
the router to the external network) unlike the previous one that was set
on the router interface port (port connecting the (vlan) internal
network to the router). In this patch we are setting it on all ovn
gateway ports if DVR is enabled, as:
- It is needed for vlan (provider) network to have their traffic
distributed instead of tunneled to the controller where the cr-lrp is
associated
- It is not having any effect on the geneve tenant networks as it only
applies to network that has a localnet port associated to them.
[1] https:/
Closes-Bug: #2003455
Change-Id: Ia05416df88904e
(cherry picked from commit 8e3bddbf8bc5296
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/xena) | #21 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/xena
commit fe0ffa1a2ea1478
Author: Luis Tomas Bolivar <email address hidden>
Date: Thu Mar 2 11:04:11 2023 +0100
Ensure vlan network traffic is not centralized
This patch partly reverts the workaround introduced at [1].
In patch [1] the reside-
networks to force centralized but not tunneled traffic for those
network. In this patch we are making use of the "redirect-type" flag
instead so that the traffic can be distributed and still not tunneled.
This flag needs to be set on the router gateway port (port connecting
the router to the external network) unlike the previous one that was set
on the router interface port (port connecting the (vlan) internal
network to the router). In this patch we are setting it on all ovn
gateway ports if DVR is enabled, as:
- It is needed for vlan (provider) network to have their traffic
distributed instead of tunneled to the controller where the cr-lrp is
associated
- It is not having any effect on the geneve tenant networks as it only
applies to network that has a localnet port associated to them.
[1] https:/
Closes-Bug: #2003455
Change-Id: Ia05416df88904e
(cherry picked from commit 8e3bddbf8bc5296
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/wallaby) | #22 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/wallaby
commit 786d89fee0dca29
Author: Luis Tomas Bolivar <email address hidden>
Date: Thu Mar 2 11:04:11 2023 +0100
Ensure vlan network traffic is not centralized
This patch partly reverts the workaround introduced at [1].
In patch [1] the reside-
networks to force centralized but not tunneled traffic for those
network. In this patch we are making use of the "redirect-type" flag
instead so that the traffic can be distributed and still not tunneled.
This flag needs to be set on the router gateway port (port connecting
the router to the external network) unlike the previous one that was set
on the router interface port (port connecting the (vlan) internal
network to the router). In this patch we are setting it on all ovn
gateway ports if DVR is enabled, as:
- It is needed for vlan (provider) network to have their traffic
distributed instead of tunneled to the controller where the cr-lrp is
associated
- It is not having any effect on the geneve tenant networks as it only
applies to network that has a localnet port associated to them.
[1] https:/
Closes-Bug: #2003455
Change-Id: Ia05416df88904e
(cherry picked from commit 8e3bddbf8bc5296
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 19.6.0 | #23 |
This issue was fixed in the openstack/neutron 19.6.0 release.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 20.3.0 | #24 |
This issue was fixed in the openstack/neutron 20.3.0 release.
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/zed) | #25 |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/zed
commit a415bb4c98fa0a7
Author: Luis Tomas Bolivar <email address hidden>
Date: Thu Mar 2 11:04:11 2023 +0100
Ensure vlan network traffic is not centralized
This patch partly reverts the workaround introduced at [1].
In patch [1] the reside-
networks to force centralized but not tunneled traffic for those
network. In this patch we are making use of the "redirect-type" flag
instead so that the traffic can be distributed and still not tunneled.
This flag needs to be set on the router gateway port (port connecting
the router to the external network) unlike the previous one that was set
on the router interface port (port connecting the (vlan) internal
network to the router). In this patch we are setting it on all ovn
gateway ports if DVR is enabled, as:
- It is needed for vlan (provider) network to have their traffic
distributed instead of tunneled to the controller where the cr-lrp is
associated
- It is not having any effect on the geneve tenant networks as it only
applies to network that has a localnet port associated to them.
[1] https:/
Closes-Bug: #2003455
Change-Id: Ia05416df88904e
(cherry picked from commit 8e3bddbf8bc5296
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 21.1.0 | #26 |
This issue was fixed in the openstack/neutron 21.1.0 release.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 22.0.0.0rc2 | #27 |
This issue was fixed in the openstack/neutron 22.0.0.0rc2 release candidate.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 19.7.0 | #28 |
This issue was fixed in the openstack/neutron 19.7.0 release.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 23.0.0.0b2 | #29 |
This issue was fixed in the openstack/neutron 23.0.0.0b2 development milestone.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 21.1.1 | #30 |
This issue was fixed in the openstack/neutron 21.1.1 release.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 20.3.1 | #31 |
This issue was fixed in the openstack/neutron 20.3.1 release.
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron wallaby-eom | #32 |
This issue was fixed in the openstack/neutron wallaby-eom release.
Fix proposed to branch: master /review. opendev. org/c/openstack /neutron/ +/871252
Review: https:/