[ovn] All traffic duplicates to tap-interfaces on the same provider network without port security enabled on the same compute node.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
New
|
Undecided
|
Unassigned |
Bug Description
It happens only with virtual machines in the same provider network without any security groups on their ports on the same compute node. Packets are not sending to virtual machines in this network on another compute nodes, but for such network in ovn-trace you can see that this packets must go to another compute into ports of the same network to, but it wasn't happening. (I didn't save output of trace, take my word for it.)
It independent by compute node or provider network. It might different provider network without port security enabled and different compute node. The main it happens as I wrote above when VMs in the same compute node and in the same network.
You can see all information in attachment file.
I use TripleO RDO Train version with tag for rpm packages and containers - current-
OVN 2.12.90 (DB Schema 5.16.0)
neutron-
openvswitch2.
Host OS is Rocky Linux 8.5
But I've seen it happen the same way on RHOSP 16.1 with OVN-2.13-20.06.1 and Neutron v15.1.1-
I recon it happens because of all version till OVN v21.03.0 unable to have special flows for learning mac and don't work with fdb table. I assume this commit fix this issue - https:/ /github. com/ovn- org/ovn/ commit/ dd94f1266ca4f3c 750bc59c474ea34 2ef3ff9983