subject:"\[ovs\-discuss\] \[ovn\-loadbalance\]Not all subnets can connect to vip"

Re: [ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip (taoyunupt)

2019-06-19 Thread taoyunupt

hi, Shetty ,
   we have meet a  problem with ovn/load-balancer , which has 
described as  bellow, hope to have your suggestions.






Thanks.
yun


At 2019-06-19 16:03:01, "txfh2007"  wrote:
>Hi tao:
>I have studied this situation for a time, and met almost same problem. I 
> have found that there are two ct actions with different zone id during 
> successful ovn-lb process. I have capture the related conntrack status as 
> below:(192.168.1.8 is vip, 192.168.1.2 is the ip after load balance):
>
> tcp,orig=(src=192.168.11.25,dst=192.168.1.8,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=12,protoinfo=(state=ESTABLISHED)
>tcp,orig=(src=192.168.11.25,dst=192.168.1.2,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=4,protoinfo=(state=ESTABLISHED)
>
>But when I access the vip from VM which is on different network(the OVN 
>datapath id is differ), the access failed and the conntrack status is as below:
>
>tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.3.2,dst=192.168.10.7,sport=22,dport=39206),protoinfo=(state=SYN_SENT)
>tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.1.8,dst=192.168.10.7,sport=22,dport=39206),zone=17,protoinfo=(state=SYN_SENT)
>
>obviously, one ct action without any zone id !!
>
>I guess this may be a reason for link failure. But I have no idea about the 
>root cause. 
>Can anyone tell me the root cause? Thank you !
>  
>  +--+
>  |  VIP   | 192.168.1.8/24 [ovn-datapath1]
>  +--+
>   |
>  |
>  +--+
>  | POOL| 
>  +--+
>   |
>   |
>  |
>
>   ||
>   |  |
>   |  |
>+--+ +--+  +--+
>|  member1 |  | member2   |  | member3  |  
>   
>+--+ +--+  +--+
>| 192.168.1.2 |   | 192.168.11.25|  |192.168.10.7|   
>+--+ +--+  +--+   
>  
> [ovn-datapath1]   [ovn-datapath1][ovn-datapath3]
>
>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip (taoyunupt)

2019-06-19 Thread txfh2007 via discuss

Hi tao:
I have studied this situation for a time, and met almost same problem. I 
have found that there are two ct actions with different zone id during 
successful ovn-lb process. I have capture the related conntrack status as 
below:(192.168.1.8 is vip, 192.168.1.2 is the ip after load balance):

 
tcp,orig=(src=192.168.11.25,dst=192.168.1.8,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=12,protoinfo=(state=ESTABLISHED)
tcp,orig=(src=192.168.11.25,dst=192.168.1.2,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=4,protoinfo=(state=ESTABLISHED)

But when I access the vip from VM which is on different network(the OVN 
datapath id is differ), the access failed and the conntrack status is as below:

tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.3.2,dst=192.168.10.7,sport=22,dport=39206),protoinfo=(state=SYN_SENT)
tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.1.8,dst=192.168.10.7,sport=22,dport=39206),zone=17,protoinfo=(state=SYN_SENT)

obviously, one ct action without any zone id !!

I guess this may be a reason for link failure. But I have no idea about the 
root cause. 
Can anyone tell me the root cause? Thank you !
  
  +--+
  |  VIP   | 192.168.1.8/24 [ovn-datapath1]
  +--+
   |
   |
  +--+
  | POOL| 
  +--+
   |
   |
   |
   
   ||
   |  |
   |  |
+--+ +--+  +--+
|  member1 |  | member2   |  | member3  |   
 
+--+ +--+  +--+
| 192.168.1.2 |   | 192.168.11.25|  |192.168.10.7|   
+--+ +--+  +--+   
  
 [ovn-datapath1]   [ovn-datapath1][ovn-datapath3]



___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip

2019-06-18 Thread taoyunupt

Hi,
 I have deployed ovn with openstack/octavia. 


 I have four subnets,that are 192.168.1.0, 192.168.2.0, 192.168.3.0, 
192.168.4.0, which are added to a logical router. 
 
 vips   : {"192.168.1.8:22"="192.168.1.2:22,192.168.2.2:22,192.168.3.2:22"}
 
 I found that if I want to connect the vip 192.168.1.8:22, my ip must be in 
192.168.1.0/24 or 192.168.2.0/24,192.168.3.0/24, otherwise it will failed. That 
means the ip which try to connect ,must be in subnet of vip or subnet of pool 
member. 


Dose this situation is right ?  I think all the subnets added to the same 
router with vip ,should connect successfully.




Thanks ,
Yun



___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip (taoyunupt)

[ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip (taoyunupt)

[ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip

3 matches

Site Navigation

Mail list logo

Footer information