[ovs-discuss] [ovn] help with creating logical topology with l3 gateway
Hi all, I trying to create logical topology with l3 gateway. I have create the following logical topology: I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 (port on the gw-worker1). Below I pasted the command I am using. Can you help me understand what is missing or what I doing wrong? | | router | gw-worker1 - port 'gw-worker1-join':100.64.0.2/16 | | switch | join 100.64.0.0/16 - | | router | join-router port 'join-router-ls-join': 100.64.0.1/16 - port 'join-router-worker1-net': 10.0.1.1/24 | | | switch | join-router 10.0.1.0/24 - / ___/_ | ns| - ## worker 1 - worker1-net ovn-nbctl ls-add worker1-net ovn-nbctl lsp-add worker1-net vm1 ovn-nbctl lsp-set-addresses vm1 "40:44:00:00:00:01 10.0.1.2" ## create join router ovn-nbctl lr-add join-router ## create router port to connect ovn-nbctl lrp-add join-router join-router-worker1-net 40:44:00:00:00:03 10.0.1.1/24 ovn-nbctl lrp-add join-router join-router-worker2-net 40:44:00:00:00:04 10.0.2.1/24 ## create the 'worker1-net' switch port for connection to 'join-router' ovn-nbctl lsp-add worker1-net worker1-net-join-router ovn-nbctl lsp-set-type worker1-net-join-router router ovn-nbctl lsp-set-addresses worker1-net-join-router router ovn-nbctl lsp-set-options worker1-net-join-router router-port=join-router-worker1-net #worker 1 ovs-vsctl add-port br-int vm1 -- set Interface vm1 type=internal -- set Interface vm1 external_ids:iface-id=vm1 ip netns add vm1 ip link set vm1 netns vm1 ip netns exec vm1 ip link set vm1 address 40:44:00:00:00:01 ip netns exec vm1 ip addr add 10.0.1.2/24 dev vm1 ip netns exec vm1 ip link set vm1 up ip netns exec vm1 ip route add default via 10.0.1.1 # create gw-worker1 ovn-nbctl create Logical_Router name=gw-worker1 options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 # create a new logical switch for connecting the 'gw-worker1' and 'join-router' routers ovn-nbctl ls-add join # connect 'gw-worker1' to the 'join' switch ovn-nbctl lrp-add gw-worker1 gw-worker1-join 40:44:00:00:00:07 100.64.0.2/16 ovn-nbctl lsp-add join join-gw-worker1 ovn-nbctl lsp-set-type join-gw-worker1 router ovn-nbctl lsp-set-addresses join-gw-worker1 router ovn-nbctl lsp-set-options join-gw-worker1 router-port=gw-worker1-join # connect 'join-router' to the 'join' switch ovn-nbctl lrp-add join-router join-router-ls-join 40:44:00:00:00:06 100.64.0.1/16 ovn-nbctl lsp-add join ls-join-router-join ovn-nbctl lsp-set-type ls-join-router-join router ovn-nbctl lsp-set-addresses ls-join-router-join router ovn-nbctl lsp-set-options ls-join-router-join router-port=join-router-ls-join ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
On 3/24/21 11:31 PM, Moshe Levi wrote: > Hi all, Hi Moshe, > I trying to create logical topology with l3 gateway. > I have create the following logical topology: > I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 (port > on the gw-worker1). > Below I pasted the command I am using. Can you help me understand what is > missing or what I doing wrong? The problem is gw-worker1 has no route to reach 10.0.0.0/16. > > | > | router | gw-worker1 > - port 'gw-worker1-join':100.64.0.2/16 > | > | switch | join 100.64.0.0/16 > - > | > | router | join-router port 'join-router-ls-join': 100.64.0.1/16 > - port 'join-router-worker1-net': 10.0.1.1/24 > | > | > | switch | join-router 10.0.1.0/24 > - > / > ___/_ > | ns| > - > > > ## worker 1 - worker1-net > ovn-nbctl ls-add worker1-net > ovn-nbctl lsp-add worker1-net vm1 > ovn-nbctl lsp-set-addresses vm1 "40:44:00:00:00:01 10.0.1.2" > > > > ## create join router > ovn-nbctl lr-add join-router > > ## create router port to connect > ovn-nbctl lrp-add join-router join-router-worker1-net 40:44:00:00:00:03 > 10.0.1.1/24 > ovn-nbctl lrp-add join-router join-router-worker2-net 40:44:00:00:00:04 > 10.0.2.1/24 > > > ## create the 'worker1-net' switch port for connection to 'join-router' > ovn-nbctl lsp-add worker1-net worker1-net-join-router > ovn-nbctl lsp-set-type worker1-net-join-router router > ovn-nbctl lsp-set-addresses worker1-net-join-router router > ovn-nbctl lsp-set-options worker1-net-join-router > router-port=join-router-worker1-net > > > > > #worker 1 > ovs-vsctl add-port br-int vm1 -- set Interface vm1 type=internal -- set > Interface vm1 external_ids:iface-id=vm1 > ip netns add vm1 > ip link set vm1 netns vm1 > ip netns exec vm1 ip link set vm1 address 40:44:00:00:00:01 > ip netns exec vm1 ip addr add 10.0.1.2/24 dev vm1 > ip netns exec vm1 ip link set vm1 up > ip netns exec vm1 ip route add default via 10.0.1.1 > > > > > # create gw-worker1 > ovn-nbctl create Logical_Router name=gw-worker1 > options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 This should fix it: ovn-nbctl lr-route-add gw-worker1 10.0.0.0/16 100.64.0.1 Regards, Dumitru > > > # create a new logical switch for connecting the 'gw-worker1' and > 'join-router' routers > ovn-nbctl ls-add join > > # connect 'gw-worker1' to the 'join' switch > ovn-nbctl lrp-add gw-worker1 gw-worker1-join 40:44:00:00:00:07 100.64.0.2/16 > ovn-nbctl lsp-add join join-gw-worker1 > ovn-nbctl lsp-set-type join-gw-worker1 router > ovn-nbctl lsp-set-addresses join-gw-worker1 router > ovn-nbctl lsp-set-options join-gw-worker1 router-port=gw-worker1-join > > > # connect 'join-router' to the 'join' switch > ovn-nbctl lrp-add join-router join-router-ls-join 40:44:00:00:00:06 > 100.64.0.1/16 > ovn-nbctl lsp-add join ls-join-router-join > ovn-nbctl lsp-set-type ls-join-router-join router > ovn-nbctl lsp-set-addresses ls-join-router-join router > ovn-nbctl lsp-set-options ls-join-router-join router-port=join-router-ls-join > > > > ___ > discuss mailing list > disc...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-discuss > ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
> -Original Message- > From: Dumitru Ceara > Sent: Thursday, March 25, 2021 12:49 PM > To: Moshe Levi ; ovs-discuss@openvswitch.org > Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 > gateway > > External email: Use caution opening links or attachments > > > On 3/24/21 11:31 PM, Moshe Levi wrote: > > Hi all, > > Hi Moshe, > > > I trying to create logical topology with l3 gateway. > > I have create the following logical topology: > > I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 (port > > on > the gw-worker1). > > Below I pasted the command I am using. Can you help me understand what > is missing or what I doing wrong? > > The problem is gw-worker1 has no route to reach 10.0.0.0/16. > > > > > | > > | router | gw-worker1 > > - port 'gw-worker1-join':100.64.0.2/16 > > | > > | switch | join 100.64.0.0/16 > > - > > | > > | router | join-router port 'join-router-ls-join': 100.64.0.1/16 > > - port 'join-router-worker1-net': 10.0.1.1/24 > > | > > | > > | switch | join-router 10.0.1.0/24 > > - > > / > > ___/_ > > | ns| > > - > > > > > > ## worker 1 - worker1-net > > ovn-nbctl ls-add worker1-net > > ovn-nbctl lsp-add worker1-net vm1 > > ovn-nbctl lsp-set-addresses vm1 "40:44:00:00:00:01 10.0.1.2" > > > > > > > > ## create join router > > ovn-nbctl lr-add join-router > > > > ## create router port to connect > > ovn-nbctl lrp-add join-router join-router-worker1-net > > 40:44:00:00:00:03 10.0.1.1/24 ovn-nbctl lrp-add join-router > > join-router-worker2-net 40:44:00:00:00:04 10.0.2.1/24 > > > > > > ## create the 'worker1-net' switch port for connection to 'join-router' > > ovn-nbctl lsp-add worker1-net worker1-net-join-router ovn-nbctl > > lsp-set-type worker1-net-join-router router ovn-nbctl > > lsp-set-addresses worker1-net-join-router router ovn-nbctl > > lsp-set-options worker1-net-join-router > > router-port=join-router-worker1-net > > > > > > > > > > #worker 1 > > ovs-vsctl add-port br-int vm1 -- set Interface vm1 type=internal -- > > set Interface vm1 external_ids:iface-id=vm1 ip netns add vm1 ip link > > set vm1 netns vm1 ip netns exec vm1 ip link set vm1 address > > 40:44:00:00:00:01 ip netns exec vm1 ip addr add 10.0.1.2/24 dev vm1 ip > > netns exec vm1 ip link set vm1 up ip netns exec vm1 ip route add > > default via 10.0.1.1 > > > > > > > > > > # create gw-worker1 > > ovn-nbctl create Logical_Router name=gw-worker1 > > options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 > > This should fix it: > > ovn-nbctl lr-route-add gw-worker1 10.0.0.0/16 100.64.0.1 Dumitru, thanks for the response. I added the above route but It is still don't work. Anything else that I am missing? > > Regards, > Dumitru > > > > > > > # create a new logical switch for connecting the 'gw-worker1' and > > 'join-router' routers ovn-nbctl ls-add join > > > > # connect 'gw-worker1' to the 'join' switch ovn-nbctl lrp-add > > gw-worker1 gw-worker1-join 40:44:00:00:00:07 100.64.0.2/16 ovn-nbctl > > lsp-add join join-gw-worker1 ovn-nbctl lsp-set-type join-gw-worker1 > > router ovn-nbctl lsp-set-addresses join-gw-worker1 router ovn-nbctl > > lsp-set-options join-gw-worker1 router-port=gw-worker1-join > > > > > > # connect 'join-router' to the 'join' switch ovn-nbctl lrp-add > > join-router join-router-ls-join 40:44:00:00:00:06 100.64.0.1/16 > > ovn-nbctl lsp-add join ls-join-router-join ovn-nbctl lsp-set-type > > ls-join-router-join router ovn-nbctl lsp-set-addresses > > ls-join-router-join router ovn-nbctl lsp-set-options > > ls-join-router-join router-port=join-router-ls-join > > > > > > > > ___ > > discuss mailing list > > disc...@openvswitch.org > > > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmail > > .openvswitch.org%2Fmailman%2Flistinfo%2Fovs- > discuss&data=04%7C01%7 > > > Cmoshele%40nvidia.com%7C41f0a5395ca845571e0508d8ef7ba7bb%7C43083 > d15727 > > > 340c1b7db39efd9ccc17a%7C0%7C0%7C637522661666184044%7CUnknown%7 > CTWFpbGZ > > > sb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6M > n0%3 > > > D%7C1000&sdata=mHbGww2ylVcT%2FyCUDAfCKPxwaj%2F8NhoUHgN > cHIkQ9J8%3D& > > amp;reserved=0 > > ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
On 3/25/21 12:16 PM, Moshe Levi wrote: > > >> -Original Message- >> From: Dumitru Ceara >> Sent: Thursday, March 25, 2021 12:49 PM >> To: Moshe Levi ; ovs-discuss@openvswitch.org >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 >> gateway >> >> External email: Use caution opening links or attachments >> >> >> On 3/24/21 11:31 PM, Moshe Levi wrote: >>> Hi all, >> >> Hi Moshe, >> >>> I trying to create logical topology with l3 gateway. >>> I have create the following logical topology: >>> I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 (port >>> on >> the gw-worker1). >>> Below I pasted the command I am using. Can you help me understand what >> is missing or what I doing wrong? >> >> The problem is gw-worker1 has no route to reach 10.0.0.0/16. >> >>> >>> | >>> | router | gw-worker1 >>> - port 'gw-worker1-join':100.64.0.2/16 >>> | >>> | switch | join 100.64.0.0/16 >>> - >>> | >>> | router | join-router port 'join-router-ls-join': 100.64.0.1/16 >>> - port 'join-router-worker1-net': 10.0.1.1/24 >>> | >>> | >>> | switch | join-router 10.0.1.0/24 >>> - >>> / >>> ___/_ >>> | ns| >>> - >>> >>> >>> ## worker 1 - worker1-net >>> ovn-nbctl ls-add worker1-net >>> ovn-nbctl lsp-add worker1-net vm1 >>> ovn-nbctl lsp-set-addresses vm1 "40:44:00:00:00:01 10.0.1.2" >>> >>> >>> >>> ## create join router >>> ovn-nbctl lr-add join-router >>> >>> ## create router port to connect >>> ovn-nbctl lrp-add join-router join-router-worker1-net >>> 40:44:00:00:00:03 10.0.1.1/24 ovn-nbctl lrp-add join-router >>> join-router-worker2-net 40:44:00:00:00:04 10.0.2.1/24 >>> >>> >>> ## create the 'worker1-net' switch port for connection to 'join-router' >>> ovn-nbctl lsp-add worker1-net worker1-net-join-router ovn-nbctl >>> lsp-set-type worker1-net-join-router router ovn-nbctl >>> lsp-set-addresses worker1-net-join-router router ovn-nbctl >>> lsp-set-options worker1-net-join-router >>> router-port=join-router-worker1-net >>> >>> >>> >>> >>> #worker 1 >>> ovs-vsctl add-port br-int vm1 -- set Interface vm1 type=internal -- >>> set Interface vm1 external_ids:iface-id=vm1 ip netns add vm1 ip link >>> set vm1 netns vm1 ip netns exec vm1 ip link set vm1 address >>> 40:44:00:00:00:01 ip netns exec vm1 ip addr add 10.0.1.2/24 dev vm1 ip >>> netns exec vm1 ip link set vm1 up ip netns exec vm1 ip route add >>> default via 10.0.1.1 >>> >>> >>> >>> >>> # create gw-worker1 >>> ovn-nbctl create Logical_Router name=gw-worker1 >>> options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 >> >> This should fix it: >> >> ovn-nbctl lr-route-add gw-worker1 10.0.0.0/16 100.64.0.1 > Dumitru, thanks for the response. I added the above route but It is still > don't work. Anything else that I am missing? That's weird because it did fix it when I configured the topology using the commands you shared; can you please also get the output of: ovn-nbctl lr-route-list gw-worker1 Also, to see exactly where the packet is dropped, please share the output of: inport=$(ovs-vsctl --bare --columns ofport list interface vm1) flow=40440003404400010800455417cd40004001b3980a00010264420800e1d35d0a0001c1635c60d7890500101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 ovs-appctl ofproto/trace br-int in_port=$in_port $flow | ovn-detrace >> >> Regards, >> Dumitru >> >>> >>> >>> # create a new logical switch for connecting the 'gw-worker1' and >>> 'join-router' routers ovn-nbctl ls-add join >>> >>> # connect 'gw-worker1' to the 'join' switch ovn-nbctl lrp-add >>> gw-worker1 gw-worker1-join 40:44:00:00:00:07 100.64.0.2/16 ovn-nbctl >>> lsp-add join join-gw-worker1 ovn-nbctl lsp-set-type join-gw-worker1 >>> router ovn-nbctl lsp-set-addresses join-gw-worker1 router ovn-nbctl >&
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
On 3/25/21 12:36 PM, Dumitru Ceara wrote: > On 3/25/21 12:16 PM, Moshe Levi wrote: >> >> >>> -Original Message- >>> From: Dumitru Ceara >>> Sent: Thursday, March 25, 2021 12:49 PM >>> To: Moshe Levi ; ovs-discuss@openvswitch.org >>> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 >>> gateway >>> >>> External email: Use caution opening links or attachments >>> >>> >>> On 3/24/21 11:31 PM, Moshe Levi wrote: >>>> Hi all, >>> >>> Hi Moshe, >>> >>>> I trying to create logical topology with l3 gateway. >>>> I have create the following logical topology: >>>> I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 >>>> (port on >>> the gw-worker1). >>>> Below I pasted the command I am using. Can you help me understand what >>> is missing or what I doing wrong? >>> >>> The problem is gw-worker1 has no route to reach 10.0.0.0/16. >>> >>>> >>>> | >>>> | router | gw-worker1 >>>> - port 'gw-worker1-join':100.64.0.2/16 >>>> | >>>> | switch | join 100.64.0.0/16 >>>> - >>>> | >>>> | router | join-router port 'join-router-ls-join': 100.64.0.1/16 >>>> - port 'join-router-worker1-net': 10.0.1.1/24 >>>> | >>>> | >>>> | switch | join-router 10.0.1.0/24 >>>> - >>>> / >>>> ___/_ >>>> | ns| >>>> - >>>> >>>> >>>> ## worker 1 - worker1-net >>>> ovn-nbctl ls-add worker1-net >>>> ovn-nbctl lsp-add worker1-net vm1 >>>> ovn-nbctl lsp-set-addresses vm1 "40:44:00:00:00:01 10.0.1.2" >>>> >>>> >>>> >>>> ## create join router >>>> ovn-nbctl lr-add join-router >>>> >>>> ## create router port to connect >>>> ovn-nbctl lrp-add join-router join-router-worker1-net >>>> 40:44:00:00:00:03 10.0.1.1/24 ovn-nbctl lrp-add join-router >>>> join-router-worker2-net 40:44:00:00:00:04 10.0.2.1/24 >>>> >>>> >>>> ## create the 'worker1-net' switch port for connection to 'join-router' >>>> ovn-nbctl lsp-add worker1-net worker1-net-join-router ovn-nbctl >>>> lsp-set-type worker1-net-join-router router ovn-nbctl >>>> lsp-set-addresses worker1-net-join-router router ovn-nbctl >>>> lsp-set-options worker1-net-join-router >>>> router-port=join-router-worker1-net >>>> >>>> >>>> >>>> >>>> #worker 1 >>>> ovs-vsctl add-port br-int vm1 -- set Interface vm1 type=internal -- >>>> set Interface vm1 external_ids:iface-id=vm1 ip netns add vm1 ip link >>>> set vm1 netns vm1 ip netns exec vm1 ip link set vm1 address >>>> 40:44:00:00:00:01 ip netns exec vm1 ip addr add 10.0.1.2/24 dev vm1 ip >>>> netns exec vm1 ip link set vm1 up ip netns exec vm1 ip route add >>>> default via 10.0.1.1 >>>> >>>> >>>> >>>> >>>> # create gw-worker1 >>>> ovn-nbctl create Logical_Router name=gw-worker1 >>>> options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 >>> >>> This should fix it: >>> >>> ovn-nbctl lr-route-add gw-worker1 10.0.0.0/16 100.64.0.1 >> Dumitru, thanks for the response. I added the above route but It is still >> don't work. Anything else that I am missing? > > That's weird because it did fix it when I configured the topology using > the commands you shared; can you please also get the output of: > > ovn-nbctl lr-route-list gw-worker1 > > Also, to see exactly where the packet is dropped, please share the > output of: > > inport=$(ovs-vsctl --bare --columns ofport list interface vm1) > flow=40440003404400010800455417cd40004001b3980a00010264420800e1d35d0a0001c1635c60d7890500101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 To "demystify" this a bit, I got the packet contents by running the following command while ping was running from vm1: ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump > ovs-appctl ofproto/trace br-int in_port=$in_port $flow | ovn-detrace > > ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
On 3/25/21 12:40 PM, Dumitru Ceara wrote: >> Also, to see exactly where the packet is dropped, please share the >> output of: >> >> inport=$(ovs-vsctl --bare --columns ofport list interface vm1) >> flow=40440003404400010800455417cd40004001b3980a00010264420800e1d35d0a0001c1635c60d7890500101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 > To "demystify" this a bit, I got the packet contents by running the > following command while ping was running from vm1: > > ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump > >> ovs-appctl ofproto/trace br-int in_port=$in_port $flow | ovn-detrace And here's a typo, sorry, should be: ovs-appctl ofproto/trace br-int in_port=$inport $flow | ovn-detrace ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
> -Original Message- > From: Dumitru Ceara > Sent: Thursday, March 25, 2021 1:44 PM > To: Moshe Levi ; ovs-discuss@openvswitch.org > Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 > gateway > > External email: Use caution opening links or attachments > > > On 3/25/21 12:40 PM, Dumitru Ceara wrote: > >> Also, to see exactly where the packet is dropped, please share the > >> output of: > >> > >> inport=$(ovs-vsctl --bare --columns ofport list interface vm1) > >> > flow=40440003404400010800455417cd40004001b3980a00010264 > 40 > >> > 00020800e1d35d0a0001c1635c60d789050010111213141516 > 171 > >> 8191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 > > To "demystify" this a bit, I got the packet contents by running the > > following command while ping was running from vm1: > > > > ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump > > > >> ovs-appctl ofproto/trace br-int in_port=$in_port $flow | ovn-detrace > > And here's a typo, sorry, should be: > > ovs-appctl ofproto/trace br-int in_port=$inport $flow | ovn-detrace Here is the output [1] https://pastebin.ubuntu.com/p/jDYz9Dfy2t/ OVN 21.03 -> commit da028c72bdc7742b3065d1df95a3789fbc16b27a OVS 2.15 -> commit d5dc16670ec95702058fccad253ed6d24ebd5329 ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
On 3/25/21 10:50 PM, Moshe Levi wrote: > > >> -Original Message- >> From: Dumitru Ceara >> Sent: Thursday, March 25, 2021 1:44 PM >> To: Moshe Levi ; ovs-discuss@openvswitch.org >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 >> gateway >> >> External email: Use caution opening links or attachments >> >> >> On 3/25/21 12:40 PM, Dumitru Ceara wrote: >>>> Also, to see exactly where the packet is dropped, please share the >>>> output of: >>>> >>>> inport=$(ovs-vsctl --bare --columns ofport list interface vm1) >>>> >> flow=40440003404400010800455417cd40004001b3980a00010264 >> 40 >>>> >> 00020800e1d35d0a0001c1635c60d789050010111213141516 >> 171 >>>> 8191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 >>> To "demystify" this a bit, I got the packet contents by running the >>> following command while ping was running from vm1: >>> >>> ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump >>> >>>> ovs-appctl ofproto/trace br-int in_port=$in_port $flow | ovn-detrace >> >> And here's a typo, sorry, should be: >> >> ovs-appctl ofproto/trace br-int in_port=$inport $flow | ovn-detrace > Here is the output [1] https://pastebin.ubuntu.com/p/jDYz9Dfy2t/ > > OVN 21.03 -> commit da028c72bdc7742b3065d1df95a3789fbc16b27a > OVS 2.15 -> commit d5dc16670ec95702058fccad253ed6d24ebd5329 > I think I know what the problem is (aside from the missing route). Is it possible that the node's chassis-id (OVS system-id) isn't 9a790be7-a876-48a9-b7c5-1c45c6946dd4? In your the commands you shared you had: ovn-nbctl create Logical_Router name=gw-worker1 options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 The chassis-id should correspond to the system-id OVS was started with on the node. You can retrieve this with: ovs-vsctl get open_vswitch . external_ids:system-id E.g., on my test setup: $ ovs-vsctl get open_vswitch . external_ids:system-id local $ ovn-sbctl --columns name list chassis local name: local To bind the GW router to this chassis: ovn-nbctl set Logical_Router gw-worker1 options:chassis=local Regards, Dumitru ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
> -Original Message- > From: Dumitru Ceara > Sent: Friday, March 26, 2021 12:58 AM > To: Moshe Levi ; ovs-discuss@openvswitch.org > Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 > gateway > > External email: Use caution opening links or attachments > > > On 3/25/21 10:50 PM, Moshe Levi wrote: > > > > > >> -Original Message- > >> From: Dumitru Ceara > >> Sent: Thursday, March 25, 2021 1:44 PM > >> To: Moshe Levi ; ovs-discuss@openvswitch.org > >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology > >> with l3 gateway > >> > >> External email: Use caution opening links or attachments > >> > >> > >> On 3/25/21 12:40 PM, Dumitru Ceara wrote: > >>>> Also, to see exactly where the packet is dropped, please share the > >>>> output of: > >>>> > >>>> inport=$(ovs-vsctl --bare --columns ofport list interface vm1) > >>>> > >> > flow=40440003404400010800455417cd40004001b3980a00010264 > >> 40 > >>>> > >> > 00020800e1d35d0a0001c1635c60d789050010111213141516 > >> 171 > >>>> > 8191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 > >>> To "demystify" this a bit, I got the packet contents by running the > >>> following command while ping was running from vm1: > >>> > >>> ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump > >>> > >>>> ovs-appctl ofproto/trace br-int in_port=$in_port $flow | > >>>> ovn-detrace > >> > >> And here's a typo, sorry, should be: > >> > >> ovs-appctl ofproto/trace br-int in_port=$inport $flow | ovn-detrace > > Here is the output [1] > > > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpast > > > ebin.ubuntu.com%2Fp%2FjDYz9Dfy2t%2F&data=04%7C01%7Cmoshele > %40nvidi > > > a.com%7C960a360b887d4d8946ec08d8efe17a1b%7C43083d15727340c1b7db3 > 9efd9c > > > cc17a%7C0%7C0%7C637523098980876494%7CUnknown%7CTWFpbGZsb3d8e > yJWIjoiMC4 > > > wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&a > mp;sda > > > ta=JuapJNoC0iQEQfmuQtAsh%2BqmqKNtYajgJtV%2FamT2jQo%3D&res > erved=0 > > > > OVN 21.03 -> commit da028c72bdc7742b3065d1df95a3789fbc16b27a > > OVS 2.15 -> commit d5dc16670ec95702058fccad253ed6d24ebd5329 > > > > I think I know what the problem is (aside from the missing route). > Is it possible that the node's chassis-id (OVS system-id) isn't 9a790be7-a876- > 48a9-b7c5-1c45c6946dd4? > > In your the commands you shared you had: > ovn-nbctl create Logical_Router name=gw-worker1 > options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 > > The chassis-id should correspond to the system-id OVS was started with on > the node. You can retrieve this with: > > ovs-vsctl get open_vswitch . external_ids:system-id Thanks with you command to get the chassis-id it works. I used the uuid from ovn-sbctl list chassis. Shouldn't that work as well? > > E.g., on my test setup: > > $ ovs-vsctl get open_vswitch . external_ids:system-id local > > $ ovn-sbctl --columns name list chassis local > name: local > > To bind the GW router to this chassis: > ovn-nbctl set Logical_Router gw-worker1 options:chassis=local > > Regards, > Dumitru ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway
On 3/26/21 1:14 AM, Moshe Levi wrote: > > >> -Original Message- >> From: Dumitru Ceara >> Sent: Friday, March 26, 2021 12:58 AM >> To: Moshe Levi ; ovs-discuss@openvswitch.org >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology with l3 >> gateway >> >> External email: Use caution opening links or attachments >> >> >> On 3/25/21 10:50 PM, Moshe Levi wrote: >>> >>> >>>> -Original Message- >>>> From: Dumitru Ceara >>>> Sent: Thursday, March 25, 2021 1:44 PM >>>> To: Moshe Levi ; ovs-discuss@openvswitch.org >>>> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology >>>> with l3 gateway >>>> >>>> External email: Use caution opening links or attachments >>>> >>>> >>>> On 3/25/21 12:40 PM, Dumitru Ceara wrote: >>>>>> Also, to see exactly where the packet is dropped, please share the >>>>>> output of: >>>>>> >>>>>> inport=$(ovs-vsctl --bare --columns ofport list interface vm1) >>>>>> >>>> >> flow=40440003404400010800455417cd40004001b3980a00010264 >>>> 40 >>>>>> >>>> >> 00020800e1d35d0a0001c1635c60d789050010111213141516 >>>> 171 >>>>>> >> 8191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637 >>>>> To "demystify" this a bit, I got the packet contents by running the >>>>> following command while ping was running from vm1: >>>>> >>>>> ip netns exec vm1 tcpdump -vvvnne -i vm1 -c1 -XX | ovs-tcpundump >>>>> >>>>>> ovs-appctl ofproto/trace br-int in_port=$in_port $flow | >>>>>> ovn-detrace >>>> >>>> And here's a typo, sorry, should be: >>>> >>>> ovs-appctl ofproto/trace br-int in_port=$inport $flow | ovn-detrace >>> Here is the output [1] >>> >> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpast >>> >> ebin.ubuntu.com%2Fp%2FjDYz9Dfy2t%2F&data=04%7C01%7Cmoshele >> %40nvidi >>> >> a.com%7C960a360b887d4d8946ec08d8efe17a1b%7C43083d15727340c1b7db3 >> 9efd9c >>> >> cc17a%7C0%7C0%7C637523098980876494%7CUnknown%7CTWFpbGZsb3d8e >> yJWIjoiMC4 >>> >> wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&a >> mp;sda >>> >> ta=JuapJNoC0iQEQfmuQtAsh%2BqmqKNtYajgJtV%2FamT2jQo%3D&res >> erved=0 >>> >>> OVN 21.03 -> commit da028c72bdc7742b3065d1df95a3789fbc16b27a >>> OVS 2.15 -> commit d5dc16670ec95702058fccad253ed6d24ebd5329 >>> >> >> I think I know what the problem is (aside from the missing route). >> Is it possible that the node's chassis-id (OVS system-id) isn't >> 9a790be7-a876- >> 48a9-b7c5-1c45c6946dd4? >> >> In your the commands you shared you had: >> ovn-nbctl create Logical_Router name=gw-worker1 >> options:chassis=9a790be7-a876-48a9-b7c5-1c45c6946dd4 >> >> The chassis-id should correspond to the system-id OVS was started with on >> the node. You can retrieve this with: >> >> ovs-vsctl get open_vswitch . external_ids:system-id > Thanks with you command to get the chassis-id it works. I used the uuid from > ovn-sbctl list chassis. Shouldn't that work as well? You need to use the "name" of the SB.Chassis record, not its uuid. For reference, section "Logical_Router TABLE", "options : chassis": https://www.ovn.org/support/dist-docs/ovn-nb.5.html "If set, indicates that the logical router in question is a Gate‐ way router (which is centralized) and resides in the set chas‐ sis. The same value is also used by ovn-controller to uniquely identify the chassis in the OVN deployment and comes from exter‐ nal_ids:system-id in the Open_vSwitch table of Open_vSwitch database." Regards, Dumitru ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
