Hi all,
I’ve tried to setup OVN interconnection with only two ovn-controller nodes
(each in separate AZ) and failed. Both nodes configured as is-interconn=“true”.
See chassis output below:
# ovn-sbctl list chassis
_uuid : a760ba28-e432-4c0a-93d1-51ae00a0cbb5
encaps : [2bc5e889-e7b7-466a-ae74-0c153e018965,
2ea0c375-ae7e-4ee6-a758-c006e54c3706]
external_ids : {datapath-type="",
iface-types="erspan,geneve,gre,internal,ip6erspan,ip6gre,lisp,patch,stt,system,tap,vxlan",
is-interconn="true", ovn-bridge-mappings="", ovn-chassis-mac-mappings="",
ovn-cms-options="", ovn-monitor-all="false"}
hostname : dev2.local
name : dev2
nb_cfg : 0
other_config : {datapath-type="",
iface-types="erspan,geneve,gre,internal,ip6erspan,ip6gre,lisp,patch,stt,system,tap,vxlan",
is-interconn="true", ovn-bridge-mappings="", ovn-chassis-mac-mappings="",
ovn-cms-options="", ovn-monitor-all="false"}
transport_zones : []
vtep_logical_switches: []
_uuid : 8995190d-e8a0-44af-a256-5a0762c4e1ab
encaps : [35c4459f-9888-49b2-96b8-cc496d293e83,
895e3c6e-81b9-4aca-92a0-d0c6df07c4a5]
external_ids : {is-remote="true"}
hostname : dev.local
name : dev1
nb_cfg : 0
other_config : {is-remote="true"}
transport_zones : []
vtep_logical_switches: []
Then I’ve created logical topology same as mentioned in ovn-ic tutorial
(https://docs.ovn.org/en/latest/tutorials/ovn-interconnection.html
<https://docs.ovn.org/en/latest/tutorials/ovn-interconnection.html>), I’ve
enabled routes advertisement and learning.
Now, when I run ping from VM in AZ1 to VM in AZ2, I see drop in ovs-dpctl:
# ovs-dpctl dump-flows | grep drop
recirc_id(0),tunnel(tun_id=0x10002ff0002,src=192.168.0.13,dst=192.168.0.7,flags(-df+csum+key)),in_port(5),ct_state(-new-est-rel-rpl-inv-trk),ct_label(0/0x1),eth(src=0a:00:3b:ef:7e:e1,dst=00:00:00:00:00:00/01:00:00:00:00:00),eth_type(0x0800),ipv4(frag=no),
packets:8712, bytes:853776, used:0.705s, actions:drop
ovn-detrace for this flow:
ovs-appctl ofproto/trace
"recirc_id(0),tunnel(ttl=64,tun_id=0x10002ff0002,src=192.168.0.13,dst=192.168.0.7,flags(-df+csum+key)),in_port(5),ct_state(-new-est-rel-rpl-inv-trk),ct_label(0/0x1),eth(src=0a:00:3b:ef:7e:e1,dst=00:00:00:00:00:00/01:00:00:00:00:00),eth_type(0x0800),ipv4(frag=no)"
| ovn-detrace
Flow:
ip,tun_id=0x10002ff0002,tun_src=192.168.0.13,tun_dst=192.168.0.7,tun_ipv6_src=::,tun_ipv6_dst=::,tun_gbp_id=0,tun_gbp_flags=0,tun_tos=0,tun_ttl=64,tun_erspan_ver=0,tun_flags=csum|key,in_port=1,vlan_tci=0x0000,dl_src=0a:00:3b:ef:7e:e1,dl_dst=00:00:00:00:00:00,nw_src=0.0.0.0,nw_dst=0.0.0.0,nw_proto=0,nw_tos=0,nw_ecn=0,nw_ttl=0
bridge("br-int")
----------------
0. in_port=1, priority 100
move:NXM_NX_TUN_ID[40..54]->NXM_NX_REG14[0..14]
-> NXM_NX_REG14[0..14] is now 0x1
move:NXM_NX_TUN_ID[24..39]->NXM_NX_REG15[0..15]
-> NXM_NX_REG15[0..15] is now 0x2
move:NXM_NX_TUN_ID[0..23]->OXM_OF_METADATA[0..23]
-> OXM_OF_METADATA[0..23] is now 0xff0002
resubmit(,33)
33. reg15=0x2,metadata=0xff0002, priority 100
set_field:0xe->reg11
set_field:0xd->reg12
resubmit(,34)
34. priority 0
set_field:0->reg0
set_field:0->reg1
set_field:0->reg2
set_field:0->reg3
set_field:0->reg4
set_field:0->reg5
set_field:0->reg6
set_field:0->reg7
set_field:0->reg8
set_field:0->reg9
resubmit(,40)
40. metadata=0xff0002, priority 0, cookie 0xe26da94c
resubmit(,41)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=0 (ls_out_pre_lb), priority=0, match=(1),
actions=(next;)
41. metadata=0xff0002, priority 0, cookie 0xe995fbea
resubmit(,42)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=1 (ls_out_pre_acl), priority=0, match=(1),
actions=(next;)
42. metadata=0xff0002, priority 0, cookie 0x4b593f2c
resubmit(,43)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=2 (ls_out_pre_stateful), priority=0, match=(1),
actions=(next;)
43. metadata=0xff0002, priority 0, cookie 0xae9416df
resubmit(,44)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=3 (ls_out_lb), priority=0, match=(1), actions=(next;)
44. metadata=0xff0002, priority 0, cookie 0x7d3b6a9
resubmit(,45)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=4 (ls_out_acl), priority=0, match=(1), actions=(next;)
45. metadata=0xff0002, priority 0, cookie 0xf9cf4d3a
resubmit(,46)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=5 (ls_out_qos_mark), priority=0, match=(1),
actions=(next;)
46. metadata=0xff0002, priority 0, cookie 0x659b144
resubmit(,47)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=6 (ls_out_qos_meter), priority=0, match=(1),
actions=(next;)
47. metadata=0xff0002, priority 0, cookie 0x8379d99a
resubmit(,48)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=7 (ls_out_stateful), priority=0, match=(1),
actions=(next;)
48. metadata=0xff0002, priority 0, cookie 0x39bc111f
resubmit(,49)
* Logical datapath: "vpc-DDB30485-global"
(b73400bb-28e2-4335-a7cf-dc35a4879841) [egress]
* Logical flow: table=8 (ls_out_port_sec_ip), priority=0, match=(1),
actions=(next;)
49. No match.
drop
Final flow:
ip,reg11=0xe,reg12=0xd,reg14=0x1,reg15=0x2,tun_id=0x10002ff0002,tun_src=192.168.0.13,tun_dst=192.168.0.7,tun_ipv6_src=::,tun_ipv6_dst=::,tun_gbp_id=0,tun_gbp_flags=0,tun_tos=0,tun_ttl=64,tun_erspan_ver=0,tun_flags=csum|key,metadata=0xff0002,in_port=1,vlan_tci=0x0000,dl_src=0a:00:3b:ef:7e:e1,dl_dst=00:00:00:00:00:00,nw_src=0.0.0.0,nw_dst=0.0.0.0,nw_proto=0,nw_tos=0,nw_ecn=0,nw_ttl=0
Megaflow:
recirc_id=0,ct_state=-new-est-rel-rpl-inv-trk,ct_label=0/0x1,eth,ip,tun_id=0x10002ff0002,tun_src=192.168.0.13,tun_dst=192.168.0.7,tun_tos=0,tun_flags=-df+csum+key,in_port=1,dl_src=0a:00:3b:ef:7e:e1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00,nw_frag=no
Datapath actions: drop
Is it possible somehow to run ovn-ic gw role on the same node with HV?
If yes, what could I do wrong in this setup?
ovn-ic-sbctl show output:
# ovn-ic-sbctl --no-leader show
availability-zone az1
gateway dev1
hostname: dev.local
type: vxlan
ip: 192.168.0.13
type: stt
ip: 192.168.0.13
port vpc-DDB30485-rtb-3BEF7EE1-az1
transit switch: vpc-DDB30485-global
address: ["0a:00:3b:ef:7e:e1 169.254.8.2/22"]
availability-zone az2
gateway dev2
hostname: dev2.local
type: vxlan
ip: 192.168.0.7
type: stt
ip: 192.168.0.7
port vpc-DDB30485-rtb-3BEF7EE1-az2
transit switch: vpc-DDB30485-global
address: ["0a:01:3b:ef:7e:e1 169.254.8.100/22”]
Thanks for help in advance.
Regards,
Vladislav Odintsov
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
