ARP requests from ovnmeta namespaces are sent to physical interfaces of compute nodes
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Invalid
|
High
|
Unassigned | ||
Bug Description
ARP requests from the ovnmeta namespace are sent to the physical interfaces of the compute nodes, and then get into the arp tables of the network switches. Such requests come to the switches from each compute node and cause problems on the switches.
I have attached a file with packet captures from each interface, a list of flows from the required datapath, the output of ovs-vsctl and the output of the 'ip address' command from the ovnmeta namespace.
The cluster has 3 controllers on KVM virtual machines and 8 compute nodes on bare metal.
Version:
OpenStack Train
Rocky Linux 8.5, 4.18.0-
TripleO using the current-tripleo-rdo tag for containers and RPMs
Open vSwitch 2.15.0-94 on host (from RPM repository NFV)
OVN 2.12.0-10 in container
| Alexey Kashavkin (akashavkin) wrote | #1 |
| Changed in neutron: | |
| importance: | Undecided → High |
| summary: |
ARP requests from ovnmeta namespaces are sent to physical interfaces of - computing nodes + compute nodes |
| Alexey Kashavkin (akashavkin) wrote | #2 |
| Alexey Kashavkin (akashavkin) wrote | #3 |
| Changed in neutron: | |
| status: | New → Invalid |
I reinstalled the Open vSwitch RPM package on the compute node to version 2.12, to match the versions of OVN in the container and Open vSwtich in the OS of the compute node. But it didn't help. The Open vSwitch v2.12 package on the compute node was installed from the Delorean repository with the current-tripleo-rdo tag.
From the packet capture, I noticed that the ARP request comes out of the veth pair and goes to bond1.