On Fri, Dec 30, 2016 at 5:36 PM, Dong Jun <[email protected]> wrote: > Start devstack in one node(master code). > > (10.0.0.7)vm --- (10.0.0.1)dr(169.254.128.2) --- > (169.254.128.1)ogr(172.24.4.10) --- (172.24.4.1)br-ex > (fip 172.24.4.7) > > $ ip addr show eth0 > 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1442 qdisc pfifo_fast qlen > 1000 > inet 10.0.0.7/26 brd 10.0.0.63 scope global eth0 > *ping from 10.0.0.7 to 172.24.4.1 FAILED,HELP is greatly appreciated** > * $ ping 172.24.4.1 > PING 172.24.4.1 (172.24.4.1): 56 data bytes > ^C > --- 172.24.4.1 ping statistics --- > 5 packets transmitted, 0 packets received, 100% packet loss > > Other OK > ping from vm to 172.24.4.11 and another vm'fip are OK > $ ping 172.24.4.10 > PING 172.24.4.10 (172.24.4.10): 56 data bytes > 64 bytes from 172.24.4.10: seq=0 ttl=253 time=0.822 ms > $ ping 172.24.4.8 > PING 172.24.4.8 (172.24.4.8): 56 data bytes > 64 bytes from 172.24.4.8: seq=0 ttl=61 time=1.163 ms > ping from 172.24.4.1 to 172.24.4.7 is OK > root@c3:/opt/stack# ping 172.24.4.7 > PING 172.24.4.7 (172.24.4.7) 56(84) bytes of data. > 64 bytes from 172.24.4.7: icmp_seq=1 ttl=62 time=0.903 ms > > > Here is the right conntrack from 172.24.1 to 172.24.4.7 > root@c3:/opt/stack# conntrack -LN | grep icmp > icmp 1 29 src=172.24.4.1 dst=10.0.0.7 type=8 code=0 id=11779 > src=10.0.0.7 dst=172.24.4.1 type=0 code=0 id=11779 mark=0 zone=9 use=1 > conntrack v1.4.3 (conntrack-tools): 205 flow entries have been shown. > icmp 1 29 src=172.24.4.1 dst=172.24.4.7 type=8 code=0 id=11779 > src=10.0.0.7 dst=172.24.4.1 type=0 code=0 id=11779 mark=0 zone=4 use=1 > icmp 1 29 src=172.24.4.1 dst=172.24.4.7 type=8 code=0 id=11779 > src=172.24.4.7 dst=172.24.4.1 type=0 code=0 id=11779 mark=0 use=1 > > *HERE IS some info for this issue ping from 10.0.0.7 to 172.24.4.1 > * > root@c3:/opt/stack# conntrack -LN | grep icmp > conntrack v1.4.3 (conntrack-tools): 220 flow entries have been shown. > icmp 1 29 src=10.0.0.7 dst=172.24.4.1 type=8 code=0 id=32513 > src=172.24.4.1 dst=172.24.4.7 type=0 code=0 id=32513 mark=0 zone=3 use=1 > icmp 1 29 src=10.0.0.7 dst=172.24.4.1 type=8 code=0 id=32513 > [UNREPLIED] src=172.24.4.1 dst=10.0.0.7 type=0 code=0 id=32513 mark=0 > zone=9 use=1 > icmp 1 29 src=172.24.4.7 dst=172.24.4.1 type=8 code=0 id=32513 > src=172.24.4.1 dst=172.24.4.7 type=0 code=0 id=32513 mark=0 use=1 > > root@c3:/opt/stack# ovs-appctl -t > /usr/local/var/run/openvswitch/ovn-controller.30677.ctl > ct-zone-list > ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25 8 > f499ea31-da2c-4673-8313-efdf22f86308_dnat 6 > f499ea31-da2c-4673-8313-efdf22f86308_snat 7 > provnet-ca213de8-a0e1-4899-8fcf-4a894c876b80 5 > 417b4dfe-b64a-45fb-952b-9ddea624ae13 9 > 70ef5a38-7fde-477a-a437-0349d56adcf0_snat 3 > 94428e19-4bd0-4eb8-b77a-bcab69539a31_dnat 2 > 94428e19-4bd0-4eb8-b77a-bcab69539a31_snat 1 > 70ef5a38-7fde-477a-a437-0349d56adcf0_dnat 4 > > root@c3:/opt/stack# ovs-dpctl dump-flows | grep 172 > recirc_id(0x84),dp_hash(0),skb_priority(0),in_port(4),skb_ > mark(0),ct_state(+new-est-rel-rpl-inv+trk-snat-dnat),ct_zone > (0x4),ct_mark(0),ct_label(0),eth(src=fa:16:3e:1f:ab:18,dst= > fa:16:3e:cf:28:38),eth_type(0x0800),ipv4(src=10.0.0.7,dst= > 172.24.4.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0), > packets:141, bytes:13818, used:0.296s, actions:set(eth(src=fa:16:3e:5 > 6:55:b0,dst=9e:eb:2d:f1:8e:42)),set(ipv4(src=10.0.0.7,dst= > 172.24.4.1,ttl=62)),ct(commit,zone=3,nat(src=172.24.4.7)),recirc(0x85) > recirc_id(0),dp_hash(0),skb_priority(0),in_port(2),skb_mark( > 0),ct_state(-new+est-rel+rpl-inv+trk-snat-dnat),ct_zone(0), > ct_mark(0),ct_label(0),eth(src=9e:eb:2d:f1:8e:42,dst=fa: > 16:3e:56:55:b0),eth_type(0x0800),ipv4(src=172.24.4.1, > dst=172.24.4.7,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0), > packets:141, bytes:13818, used:0.296s, actions:ct(zone=3,nat),ct(comm > it,zone=4,nat(dst=10.0.0.7)),recirc(0x7e) > recirc_id(0x82),dp_hash(0),skb_priority(0),in_port(4),skb_ > mark(0),ct_state(+new-est-rel-rpl-inv+trk-snat-dnat),ct_zone > (0x9),ct_mark(0),ct_label(0),eth(src=fa:16:3e:ba:a1:3b,dst= > fa:16:3e:b0:15:8d),eth_type(0x0800),ipv4(src=10.0.0.7,dst= > 172.24.4.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0), > packets:141, bytes:13818, used:0.296s, actions:ct(commit,zone=9,label > =0/0x1),ct(commit,zone=9,label=0/0x1),set(eth(src=fa:16:3e: > 1f:ab:18,dst=fa:16:3e:cf:28:38)),set(ipv4(src=10.0.0.7,dst= > 172.24.4.0/255.255.255.252,ttl=63)),ct(zone=4,nat),recirc(0x84) > recirc_id(0x85),dp_hash(0),skb_priority(0),in_port(4),skb_ > mark(0),ct_state(-new+est-rel-rpl-inv+trk+snat-dnat),ct_zone > (0x3),ct_mark(0),ct_label(0),eth(src=fa:16:3e:56:55:b0,dst= > 9e:eb:2d:f1:8e:42),eth_type(0x0800),ipv4(src=172.24.4.7, > dst=172.24.4.1,proto=1,tos=0,ttl=62,frag=no),icmp(type=8,code=0), > packets:139, bytes:13622, used:0.296s, actions:2 > recirc_id(0x7e),dp_hash(0),skb_priority(0),in_port(2),skb_ > mark(0),ct_state(-new-est-rel-rpl+inv+trk-snat-dnat),ct_zone > (0x4),ct_mark(0),ct_label(0),eth(src=9e:eb:2d:f1:8e:42,dst= > fa:16:3e:56:55:b0),eth_type(0x0800),ipv4(src=172.24.4.1, > dst=10.0.0.7,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0), > packets:141, bytes:13818, used:0.296s, actions:drop > recirc_id(0),dp_hash(0),skb_priority(0),in_port(4),skb_mark( > 0),ct_state(-new-est-rel-rpl-inv-trk-snat-dnat),ct_zone(0), > ct_mark(0),ct_label(0),eth(src=fa:16:3e:ba:a1:3b,dst=fa: > 16:3e:b0:15:8d),eth_type(0x0800),ipv4(src=10.0.0.7,dst= > 172.24.4.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0), > packets:141, bytes:13818, used:0.296s, actions:ct(zone=9),recirc(0x82) > > root@c3:/opt/stack# ovs-vsctl show > d5c83627-1a91-44d1-a792-47e2eea8053f > Bridge br-int > fail_mode: secure > Port "tap417b4dfe-b6" > Interface "tap417b4dfe-b6" > Port br-int > Interface br-int > type: internal > Port "patch-br-int-to-provnet-ca213de8-a0e1-4899-8fcf-4a894c876b8 > 0" > Interface "patch-br-int-to-provnet-ca213 > de8-a0e1-4899-8fcf-4a894c876b80" > type: patch > options: {peer="patch-provnet-ca213de8- > a0e1-4899-8fcf-4a894c876b80-to-br-int"} > Port "tapee2f5eb8-60" > Interface "tapee2f5eb8-60" > Bridge br-ex > Port br-ex > Interface br-ex > type: internal > Port "patch-provnet-ca213de8-a0e1-4899-8fcf-4a894c876b80-to-br-in > t" > Interface "patch-provnet-ca213de8-a0e1-4 > 899-8fcf-4a894c876b80-to-br-int" > type: patch > options: {peer="patch-br-int-to-provnet > -ca213de8-a0e1-4899-8fcf-4a894c876b80"} > > root@c3:/opt/stack# ovsdb-client dump unix:/usr/local/var/run/openvs > witch/ovnnb_db.sock > ACL table > _uuid action direction > external_ids log match > > priority > ------------------------------------ ------------- ---------- > -------------------------------------------------------- ----- > ------------------------------------------------------------ > ------------------------------------------------------------------- > -------- > c3b16e8a-1f8a-4a00-8d2e-0931132a681d allow-related from-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "inport == > \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip4" > 1002 > 6a23e6c2-ab5a-46f5-8d1b-ffa893d9ad18 allow-related from-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "inport == > \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip6" > 1002 > 3cdaeaae-47d7-4990-814a-33c9a55eb0a1 allow-related from-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "inport == > \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip4" > 1002 > c08d95fa-f5b8-4443-859b-e40f311aba25 allow-related from-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "inport == > \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip6" > 1002 > f2bfe8c6-bdcd-4fc8-aa71-e36989fb3a42 allow-related to-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "outport > == \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip4 && ip4.src == > $as_ip4_a480bf62_4b85_4d67_9459_39060c48cca2" 1002 > c3bd4323-5de1-44b3-8658-bd0539ac3723 allow-related to-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "outport > == \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip4 && ip4.src == 0.0.0.0/0 > && icmp4" 1002 > 9c0950db-971f-4468-8b29-0b9315cc0c7e allow-related to-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "outport > == \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip4 && ip4.src == 0.0.0.0/0 > && tcp && tcp.dst >= 1 && tcp.dst <= 65535" 1002 > 69be5cb5-c13f-4aa6-9cbc-2c91cc8fe656 allow-related to-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "outport > == \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip6 && ip6.src == > $as_ip6_a480bf62_4b85_4d67_9459_39060c48cca2" 1002 > fa09771a-f84e-417f-aa58-04f15f00274d allow-related to-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "outport > == \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip4 && ip4.src == > $as_ip4_a480bf62_4b85_4d67_9459_39060c48cca2" 1002 > 3a74a61d-5688-401f-9b9f-6b446fc0b2fa allow-related to-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "outport > == \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip4 && ip4.src == 0.0.0.0/0 > && icmp4" 1002 > 008d3737-7cb8-449d-a789-cb63a861f2c2 allow-related to-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "outport > == \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip4 && ip4.src == 0.0.0.0/0 > && tcp && tcp.dst >= 1 && tcp.dst <= 65535" 1002 > 83992f0a-b346-4208-a8f3-065b4698a4b7 allow-related to-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "outport > == \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip6 && ip6.src == > $as_ip6_a480bf62_4b85_4d67_9459_39060c48cca2" 1002 > 7636befd-5cbd-48a9-a019-0a98d2718848 drop from-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "inport == > \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip" > 1001 > 47b222eb-7509-4850-abb6-75f934235cc8 drop from-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "inport == > \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip" > 1001 > 03103d0d-ccec-42ef-97d1-9803339ff606 drop to-lport > {"neutron:lport"="417b4dfe-b64a-45fb-952b-9ddea624ae13"} false "outport > == \"417b4dfe-b64a-45fb-952b-9ddea624ae13\" && ip" > 1001 > c8f84aff-89f7-4264-b792-20c42d7970c6 drop to-lport > {"neutron:lport"="ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25"} false "outport > == \"ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25\" && ip" > 1001 > > Address_Set table > _uuid addresses > external_ids name > ------------------------------------ > ------------------------------------------ > --------------------------------------- ------------------------------ > --------------- > 8fc2c3cf-9c10-43d5-af3f-9a47a93d5711 [] > {"neutron:security_group_name"=default} > "as_ip4_3bd3768d_cf16_4437_a919_a5966f1b417c" > 677b634c-51a5-4b46-9d22-d085ea919794 [] > {"neutron:security_group_name"=default} > "as_ip4_6cd5bd39_10b2_4e3e_887f_c080c9817730" > 3d39b290-416d-4094-8d16-cc6063afca0d [] > {"neutron:security_group_name"=default} > "as_ip4_ff3bdb81_ff2e_4c8c_aca1_26b97361d045" > dcb53ed1-dca8-4ed5-a79c-5127a965f55d [] > {"neutron:security_group_name"=default} > "as_ip6_3bd3768d_cf16_4437_a919_a5966f1b417c" > 719ed657-386f-4fe0-8c81-f34a1b061f74 [] > {"neutron:security_group_name"=default} > "as_ip6_6cd5bd39_10b2_4e3e_887f_c080c9817730" > ed1002a6-33e4-40e3-8d19-496196636864 [] > {"neutron:security_group_name"=default} > "as_ip6_ff3bdb81_ff2e_4c8c_aca1_26b97361d045" > 6144fe00-b1da-4f54-b2a9-ea998fbe4a30 ["10.0.0.10", "10.0.0.7"] > {"neutron:security_group_name"=default} > "as_ip4_a480bf62_4b85_4d67_9459_39060c48cca2" > 153c9c49-fe5e-4dfe-b7ff-4500ab223e4e ["fd4a:42d2:eff0::5", > "fd4a:42d2:eff0::7"] {"neutron:security_group_name"=default} > "as_ip6_a480bf62_4b85_4d67_9459_39060c48cca2" > > Connection table > _uuid external_ids inactivity_probe is_connected max_backoff other_config > status target > ----- ------------ ---------------- ------------ ----------- ------------ > ------ ------ > > DHCP_Options table > _uuid cidr external_ids > options > ------------------------------------ --------------------- > -------------------------------------------------- > ------------------------------------------------------------ > --------------------------------------------- > 0136a38d-79e4-4e70-a78d-9d5fb9aa7bee "10.0.0.0/26" > {subnet_id="bc68b8af-78fd-4151-b7d0-7b4c2d3c2a3f"} {lease_time="43200", > mtu="1442", router="10.0.0.1", server_id="10.0.0.1", > server_mac="fa:16:3e:2e:84:8e"} > c446d776-520c-4c9d-b8cc-990c219b3c6e "fd4a:42d2:eff0::/64" > {subnet_id="96bc6dda-300f-424f-85ec-c2e61db93da2"} > {server_id="fa:16:3e:48:56:67"} > > Load_Balancer table > _uuid external_ids name protocol vips > ----- ------------ ---- -------- ---- > > Logical_Router table > _uuid enabled external_ids > load_balancer name nat > > options > ports > static_routes > ------------------------------------ ------- > --------------------------------- ------------- > ---------------------------------------------- > ------------------------------------------------------------ > ------------------------------------------------------ > ------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------ > ------------------------------------------------------------ > ---------------- > bc0e338f-692f-4f9d-b5e1-070d60065213 true > {"neutron:router_name"="router1"} [] > "neutron-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" [] > > {} > [3c633844-eea0-4430-ba45-f32e1d3b2634, 76abbe7c-8c44-4923-bffe-8bd38d4b2aff, > f8fc2b7c-e13c-4449-9caf-058cbb8715f0] [92ad7d52-8efb-4486-bf95-0d6d25f1c11c] > > c26f8ca9-b7ed-46c7-b181-39f6505c7b05 true > {"neutron:router_name"="router1"} [] > "ogr-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" > [348b880c-ce4a-4b32-a235-37f867b0aec5, 468231a3-bc2c-4394-b191-4abffa7d18ca, > 6865c238-64d6-43a6-8e70-38b5c6ad8958] > {chassis="544b3857-2c60-4f63-b72f-3a46021cc71c"} > [882581e3-8540-4440-bed4-91c4d918c157, cb5c0c3c-c479-4f59-b2a1-302328ac708e] > [03bbf7c3-4915-44f1-adbf-389037b8f458, > db694750-58f1-4e43-8c64-9e457222e09d] > > Logical_Router_Port table > _uuid enabled external_ids mac > name networks > peer > ------------------------------------ ------- ------------ > ------------------- ----------------------------------------------- > ------------------------------------ ---- > f8fc2b7c-e13c-4449-9caf-058cbb8715f0 [] {} > "fa:16:3e:1f:ab:18" "lrp-dtsp-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" [" > 169.254.128.2/30"] [] > cb5c0c3c-c479-4f59-b2a1-302328ac708e [] {} > "fa:16:3e:56:55:b0" "lrp-7f0f78d1-3e5e-451d-915f-6e974b15ed70" [" > 172.24.4.10/24", "2001:db8::6/64"] [] > 76abbe7c-8c44-4923-bffe-8bd38d4b2aff [] {} > "fa:16:3e:97:14:0a" "lrp-c475a54d-4773-47f9-8a19-2c375e27b47a" > ["fd4a:42d2:eff0::1/64"] [] > 3c633844-eea0-4430-ba45-f32e1d3b2634 [] {} > "fa:16:3e:b0:15:8d" "lrp-00006956-65de-4703-a605-1a6a6df14ddf" [" > 10.0.0.1/26"] [] > 882581e3-8540-4440-bed4-91c4d918c157 [] {} > "fa:16:3e:cf:28:38" "lrp-gtsp-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" [" > 169.254.128.1/30"] [] > > Logical_Router_Static_Route table > _uuid ip_prefix nexthop > output_port policy > ------------------------------------ ------------- --------------- > ----------- ------ > 92ad7d52-8efb-4486-bf95-0d6d25f1c11c "0.0.0.0/0" "169.254.128.1" [] > [] > 03bbf7c3-4915-44f1-adbf-389037b8f458 "0.0.0.0/0" "172.24.4.1" [] > [] > db694750-58f1-4e43-8c64-9e457222e09d "10.0.0.0/26" "169.254.128.2" [] > [] > > Logical_Switch table > _uuid acls > > > > > > > > external_ids > load_balancer name > other_config ports > > qos_rules > ------------------------------------ ------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > -------------------------------------- > ----------------------------------------------- > ------------- ---------------------------------------------- ------------ > ------------------------------------------------------------ > ------------------------------------------------------------ > -------------------------------- --------- > 66f274f0-00e2-4c53-8260-8e68000b2ddc [] > > > > > > > > {} > [] "otls-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" > {} [102f55b0-289b-47c3-99e4-ea418be7201f, > 77c4d637-ffa2-437f-85fe-f499567cb112] > [] > be1ded27-b01e-4ce9-a4ee-d1e28f826b77 [] > > > > > > > > > {"neutron:network_name"="OVN_L3_ADMIN_NETWORK"} > [] "neutron-a68e8633-61a9-422d-bcb6-16756ce64982" {} > [747a51a6-f685-40b2-8296-c465785bf900, ce2d6962-c05d-4cdc-bd8b-980b23b76d0c] > > [] > 947e40c3-b964-43ea-951c-195610823e2f [008d3737-7cb8-449d-a789-cb63a861f2c2, > 03103d0d-ccec-42ef-97d1-9803339ff606, 3a74a61d-5688-401f-9b9f-6b446fc0b2fa, > 3cdaeaae-47d7-4990-814a-33c9a55eb0a1, 47b222eb-7509-4850-abb6-75f934235cc8, > 69be5cb5-c13f-4aa6-9cbc-2c91cc8fe656, 6a23e6c2-ab5a-46f5-8d1b-ffa893d9ad18, > 7636befd-5cbd-48a9-a019-0a98d2718848, 83992f0a-b346-4208-a8f3-065b4698a4b7, > 9c0950db-971f-4468-8b29-0b9315cc0c7e, c08d95fa-f5b8-4443-859b-e40f311aba25, > c3b16e8a-1f8a-4a00-8d2e-0931132a681d, c3bd4323-5de1-44b3-8658-bd0539ac3723, > c8f84aff-89f7-4264-b792-20c42d7970c6, f2bfe8c6-bdcd-4fc8-aa71-e36989fb3a42, > fa09771a-f84e-417f-aa58-04f15f00274d] {"neutron:network_name"=private} > [] "neutron-ee7092cb-0347-4682-b939-bc8e96aecf10" > {} [744c8c84-d329-4dc5-96bc-b93d1e2632e3, > a6b2425c-72c0-4548-a1e3-167679515856, ab967e01-99e8-4b8d-9cb5-40df242d4b13, > e6207220-e021-4255-b24e-9ddc6ed4e122] [] > 4943c9c3-1719-4a09-ad5f-8ebe1dc7cbdd [] > > > > > > > > {"neutron:network_name"=public} > [] "neutron-ca213de8-a0e1-4899-8fcf-4a894c876b80" > {} [01800fb3-fb84-40d4-9f1e-ab39b4068ef7, > 17932ccd-a40d-45bd-b982-d6526a07ddee] > [] > > Logical_Switch_Port table > _uuid addresses > dhcpv4_options dhcpv6_options > dynamic_addresses enabled external_ids name > options > > parent_name port_security tag > tag_request type up > ------------------------------------ > ------------------------------------------------- > ------------------------------------ ------------------------------------ > ----------------- ------- -------------------------- > ---------------------------------------------- > ------------------------------------------------------------ > ----------------------------------------------------------------- > ----------- ------------------------------------------------- --- > ----------- -------- ----- > 102f55b0-289b-47c3-99e4-ea418be7201f ["fa:16:3e:1f:ab:18 169.254.128.2"] > [] [] > [] [] {} > "dtsp-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" > {router-port="lrp-dtsp-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5"} > [] [] > [] [] router false > 747a51a6-f685-40b2-8296-c465785bf900 ["fa:16:3e:1f:ab:18 169.254.128.2"] > [] [] > [] false {"neutron:port_name"=DTSP} > "4d41c15f-6362-4605-aa57-e56b945e3ff0" {} > > [] [] > [] [] "" false > a6b2425c-72c0-4548-a1e3-167679515856 ["fa:16:3e:29:ad:a1 10.0.0.10 > fd4a:42d2:eff0::7"] 0136a38d-79e4-4e70-a78d-9d5fb9aa7bee > c446d776-520c-4c9d-b8cc-990c219b3c6e [] true > {"neutron:port_name"=""} "ee2f5eb8-60cd-4efa-94b5-0329ebe5fb25" > {} > [] > ["fa:16:3e:29:ad:a1 10.0.0.10 fd4a:42d2:eff0::7"] [] [] "" > true > 17932ccd-a40d-45bd-b982-d6526a07ddee ["fa:16:3e:56:55:b0 172.24.4.10 > 2001:db8::6"] [] [] > [] true {"neutron:port_name"=""} > "7f0f78d1-3e5e-451d-915f-6e974b15ed70" > {nat-addresses="fa:16:3e:56:55:b0 172.24.4.10 172.24.4.8 172.24.4.7", > router-port="lrp-7f0f78d1-3e5e-451d-915f-6e974b15ed70"} [] [] > [] [] router true > 744c8c84-d329-4dc5-96bc-b93d1e2632e3 ["fa:16:3e:97:14:0a > fd4a:42d2:eff0::1"] [] [] > [] true > {"neutron:port_name"=""} "c475a54d-4773-47f9-8a19-2c375e27b47a" > {router-port="lrp-c475a54d-4773-47f9-8a19-2c375e27b47a"} > [] [] > [] [] router false > ab967e01-99e8-4b8d-9cb5-40df242d4b13 ["fa:16:3e:b0:15:8d 10.0.0.1"] > [] [] > [] true {"neutron:port_name"=""} > "00006956-65de-4703-a605-1a6a6df14ddf" > {router-port="lrp-00006956-65de-4703-a605-1a6a6df14ddf"} > [] [] > [] [] router false > e6207220-e021-4255-b24e-9ddc6ed4e122 ["fa:16:3e:ba:a1:3b 10.0.0.7 > fd4a:42d2:eff0::5"] 0136a38d-79e4-4e70-a78d-9d5fb9aa7bee > c446d776-520c-4c9d-b8cc-990c219b3c6e [] true > {"neutron:port_name"=""} "417b4dfe-b64a-45fb-952b-9ddea624ae13" > {} > [] > ["fa:16:3e:ba:a1:3b 10.0.0.7 fd4a:42d2:eff0::5"] [] [] "" > true > 77c4d637-ffa2-437f-85fe-f499567cb112 ["fa:16:3e:cf:28:38 169.254.128.1"] > [] [] > [] [] {} > "gtsp-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5" > {router-port="lrp-gtsp-26d2fa19-0bb8-42c3-9029-fd639f7ba5d5"} > [] [] > [] [] router true > ce2d6962-c05d-4cdc-bd8b-980b23b76d0c ["fa:16:3e:cf:28:38 169.254.128.1"] > [] [] > [] false {"neutron:port_name"=GTSP} > "bde0c481-926e-4b47-8778-9ca6d9216b4a" {} > > [] [] > [] [] "" false > 01800fb3-fb84-40d4-9f1e-ab39b4068ef7 [unknown] > [] [] > [] [] {} > "provnet-ca213de8-a0e1-4899-8fcf-4a894c876b80" {network_name=public} > > [] [] > [] [] localnet false > > NAT table > _uuid external_ip logical_ip type > ------------------------------------ ------------- ------------- > ------------- > 348b880c-ce4a-4b32-a235-37f867b0aec5 "172.24.4.10" "10.0.0.0/26" snat > 468231a3-bc2c-4394-b191-4abffa7d18ca "172.24.4.7" "10.0.0.7" > dnat_and_snat > 6865c238-64d6-43a6-8e70-38b5c6ad8958 "172.24.4.8" "10.0.0.10" > dnat_and_snat > > NB_Global table > _uuid connections external_ids hv_cfg > nb_cfg sb_cfg ssl > ------------------------------------ ----------- ------------ ------ > ------ ------ --- > df90d1e5-5ed5-4c2a-9cf3-9e0492bdcefd [] {} 0 0 > 0 [] > > QoS table > _uuid action direction external_ids match priority > ----- ------ --------- ------------ ----- -------- > > SSL table > _uuid bootstrap_ca_cert ca_cert certificate external_ids private_key > ----- ----------------- ------- ----------- ------------ ----------- > >
Hi Dong Jun, I am also facing the same issue on my setup. These are the findings of my investigation so far Looks like this issue is seen after the commit https://github.com/openvswitch/ovs/commit/f1a8bd06d58f2c5312622fbaeacbc6ce7576e347 which removes the usage of patch ports and uses the clone action instead. I reverted to the commit just before it and SNAT/DNAT is working as expected. In my case, the gateway router is hosted on node 1 and the I am trying to reach a VM (192.168.0.5) hosted on node 2 using the external ip (10.2.7.105) associated with it. I could see that the node 1 is sending the packet to node 2 through the geneve tunnel, but it is dropped by node 2 flows. Below is the tcpdump of the packet ************************** 19:39:44.709907 IP 182.16.0.16.60069 > 182.16.0.15.geneve: Geneve, Flags [none], vni 0x1: IP nusiddiq.blr.redhat.com > 192.168.0.5: ICMP echo request, id 13240, seq 1, length 64 *************************** Below is the tcpdump of the packet with the ovn-controller (without the above commit) in the working case ************************** 19:41:56.783570 IP 182.16.0.12.29778 > 182.16.0.15.geneve: Geneve, Flags [C], vni 0x1, options [8 bytes]: IP nusiddiq.blr.redhat.com > 192.168.0.5: ICMP echo request, id 13308, seq 1, length 64 19:41:56.784270 IP 182.16.0.15.14539 > 182.16.0.12.geneve: Geneve, Flags [C], vni 0xf, options [8 bytes]: IP 192.168.0.5 > nusiddiq.blr.redhat.com: ICMP echo reply, id 13308, seq 1, length 64 ************************** The options data has - 00030005 From the packet, I could see that the packet from node 1 is missing the geneve option fields which has inport and outport keys. Thanks Numan > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
