subject:"\[ovs\-discuss\] OVN load balancing on same subnet failing"

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-09 Thread Guru Shetty

On 9 March 2018 at 11:19, Ben Pfaff  wrote:

> On Fri, Mar 02, 2018 at 09:40:07AM -0800, Guru Shetty wrote:
> > On 1 March 2018 at 21:09, Anil Venkata  wrote:
> >
> > >
> > >
> > > On Fri, Mar 2, 2018 at 7:23 AM, Guru Shetty  wrote:
> > >
> > >>
> > >>
> > >> On 27 February 2018 at 03:13, Anil Venkata 
> > >> wrote:
> > >>
> > >>> For example, I have a 10.1.0.0/24 network and a load balancer is
> added
> > >>> to it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01),
> > >>> 10.1.0.3(MAC 50:54:00:00:00:02) as members.
> > >>> ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"
> > >>>
> > >>
> > >> We currently need the VIP to be in a different subnet. You should
> connect
> > >> switch it to a dummy logical router (or connect it to a external
> router).
> > >> Since a VIP is in a different subnet, it sends an ARP for logical
> router IP
> > >> and then things will work.
> > >>
> > >>
> > >
> > > Thanks Guru. Any reason for introducing this constraint(i.e VIP to be
> in a
> > > different subnet)? Can we address this limitation?
> > >
> >
> > It was just easy to implement with the constraint. You will need a ARP
> > responder for the VIP. And now, you will have to specify the mac address
> > for each VIP in the schema. So that is a bit of work - but not hard.
>
> Do we document the constraint?  If we do not, then that would be
> helpful.
>
I sent a patch:
https://patchwork.ozlabs.org/patch/884054/
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-09 Thread Ben Pfaff

On Fri, Mar 02, 2018 at 09:40:07AM -0800, Guru Shetty wrote:
> On 1 March 2018 at 21:09, Anil Venkata  wrote:
> 
> >
> >
> > On Fri, Mar 2, 2018 at 7:23 AM, Guru Shetty  wrote:
> >
> >>
> >>
> >> On 27 February 2018 at 03:13, Anil Venkata 
> >> wrote:
> >>
> >>> For example, I have a 10.1.0.0/24 network and a load balancer is added
> >>> to it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01),
> >>> 10.1.0.3(MAC 50:54:00:00:00:02) as members.
> >>> ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"
> >>>
> >>
> >> We currently need the VIP to be in a different subnet. You should connect
> >> switch it to a dummy logical router (or connect it to a external router).
> >> Since a VIP is in a different subnet, it sends an ARP for logical router IP
> >> and then things will work.
> >>
> >>
> >
> > Thanks Guru. Any reason for introducing this constraint(i.e VIP to be in a
> > different subnet)? Can we address this limitation?
> >
> 
> It was just easy to implement with the constraint. You will need a ARP
> responder for the VIP. And now, you will have to specify the mac address
> for each VIP in the schema. So that is a bit of work - but not hard.

Do we document the constraint?  If we do not, then that would be
helpful.
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-02 Thread aginwala

Hi:

IRL , we always use different subnets for VIPs for OpenStack workloads in
production for couple of reasons:
1.  It's easy to fail over in case of outages if VIP and pool members are
in different subnets.
2.  It is also easy for neutron's IPAM to manage 2 different subnets; one
for VIP and other for VM/containers instead of allocating from a same
subnet because neutron doesn't care if the allocated IP is getting used for
VIP or VM/container

 Hence, I think its ok to stick with the solution suggested by Guru. If
folks in OpenStack community are exclusively asking for this requirement;
this implementation is worth prioritizing.

On Fri, Mar 2, 2018 at 9:40 AM, Guru Shetty  wrote:

>
>
> On 1 March 2018 at 21:09, Anil Venkata  wrote:
>
>>
>>
>> On Fri, Mar 2, 2018 at 7:23 AM, Guru Shetty  wrote:
>>
>>>
>>>
>>> On 27 February 2018 at 03:13, Anil Venkata 
>>> wrote:
>>>
 For example, I have a 10.1.0.0/24 network and a load balancer is added
 to it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01),
 10.1.0.3(MAC 50:54:00:00:00:02) as members.
 ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"

>>>
>>> We currently need the VIP to be in a different subnet. You should
>>> connect switch it to a dummy logical router (or connect it to a external
>>> router). Since a VIP is in a different subnet, it sends an ARP for logical
>>> router IP and then things will work.
>>>
>>>
>>
>> Thanks Guru. Any reason for introducing this constraint(i.e VIP to be in
>> a different subnet)? Can we address this limitation?
>>
>
> It was just easy to implement with the constraint. You will need a ARP
> responder for the VIP. And now, you will have to specify the mac address
> for each VIP in the schema. So that is a bit of work - but not hard.
>
>
>>
>>
  When I try to send a request from client within the subnet(i.e
 10.1.0.33) its not reaching any load balancer members.
 I noticed ARP not resolved for VIP 10.1.0.10.

 I tried to resolve this in two ways
 1) Adding a new ARP reply ovs flow for VIP 10.1.0.10 with router port's
 MAC. When client tries to connect VIP, it will use router's MAC. Now router
 gets the packet after load balancing, and will forward the packet to
 appropriate member.

 2) Second approach,
a) Using a new MAC(example, 50:54:00:00:00:ab) for VIP 10.1.0.10,
 and adding a new ARP reply flow with this MAC.
b) As we are not using router, when load balancing changes
 destination ip, VIP MAC has to be replaced with corresponding member's MAC
 i.e
   sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
 st=50:54:00:00:00:ab,nw_dst=10.1.0.2,action=mod_dl_dst:50:54
 :00:00:00:01,load:0x1->NXM_NX_REG15[],resubmit(,32)"
 sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
 st=50:54:00:00:00:ab,nw_dst=10.1.0.3,action=mod_dl_dst:50:54
 :00:00:00:02,load:0x2->NXM_NX_REG15[],resubmit(,32)"

 Which approach will be better or is there any alternate solution?

 Thanks
 Anil

 ___
 discuss mailing list
 disc...@openvswitch.org
 https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

>>>
>>
>
> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-02 Thread Guru Shetty

On 1 March 2018 at 21:09, Anil Venkata  wrote:

>
>
> On Fri, Mar 2, 2018 at 7:23 AM, Guru Shetty  wrote:
>
>>
>>
>> On 27 February 2018 at 03:13, Anil Venkata 
>> wrote:
>>
>>> For example, I have a 10.1.0.0/24 network and a load balancer is added
>>> to it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01),
>>> 10.1.0.3(MAC 50:54:00:00:00:02) as members.
>>> ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"
>>>
>>
>> We currently need the VIP to be in a different subnet. You should connect
>> switch it to a dummy logical router (or connect it to a external router).
>> Since a VIP is in a different subnet, it sends an ARP for logical router IP
>> and then things will work.
>>
>>
>
> Thanks Guru. Any reason for introducing this constraint(i.e VIP to be in a
> different subnet)? Can we address this limitation?
>

It was just easy to implement with the constraint. You will need a ARP
responder for the VIP. And now, you will have to specify the mac address
for each VIP in the schema. So that is a bit of work - but not hard.


>
>
>>>  When I try to send a request from client within the subnet(i.e
>>> 10.1.0.33) its not reaching any load balancer members.
>>> I noticed ARP not resolved for VIP 10.1.0.10.
>>>
>>> I tried to resolve this in two ways
>>> 1) Adding a new ARP reply ovs flow for VIP 10.1.0.10 with router port's
>>> MAC. When client tries to connect VIP, it will use router's MAC. Now router
>>> gets the packet after load balancing, and will forward the packet to
>>> appropriate member.
>>>
>>> 2) Second approach,
>>>a) Using a new MAC(example, 50:54:00:00:00:ab) for VIP 10.1.0.10, and
>>> adding a new ARP reply flow with this MAC.
>>>b) As we are not using router, when load balancing changes
>>> destination ip, VIP MAC has to be replaced with corresponding member's MAC
>>> i.e
>>>   sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
>>> st=50:54:00:00:00:ab,nw_dst=10.1.0.2,action=mod_dl_dst:50:54
>>> :00:00:00:01,load:0x1->NXM_NX_REG15[],resubmit(,32)"
>>> sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
>>> st=50:54:00:00:00:ab,nw_dst=10.1.0.3,action=mod_dl_dst:50:54
>>> :00:00:00:02,load:0x2->NXM_NX_REG15[],resubmit(,32)"
>>>
>>> Which approach will be better or is there any alternate solution?
>>>
>>> Thanks
>>> Anil
>>>
>>>
>>> ___
>>> discuss mailing list
>>> disc...@openvswitch.org
>>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>>>
>>>
>>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-02 Thread Numan Siddique

On Fri, Mar 2, 2018 at 10:39 AM, Anil Venkata 
wrote:

>
>
> On Fri, Mar 2, 2018 at 7:23 AM, Guru Shetty  wrote:
>
>>
>>
>> On 27 February 2018 at 03:13, Anil Venkata 
>> wrote:
>>
>>> For example, I have a 10.1.0.0/24 network and a load balancer is added
>>> to it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01),
>>> 10.1.0.3(MAC 50:54:00:00:00:02) as members.
>>> ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"
>>>
>>
>> We currently need the VIP to be in a different subnet. You should connect
>> switch it to a dummy logical router (or connect it to a external router).
>> Since a VIP is in a different subnet, it sends an ARP for logical router IP
>> and then things will work.
>>
>>
>
> Thanks Guru. Any reason for introducing this constraint(i.e VIP to be in a
> different subnet)? Can we address this limitation?
>
>
For OpenStack I think this is a valid use case and I think we should
support it.

Thanks
Numan


>>>  When I try to send a request from client within the subnet(i.e
>>> 10.1.0.33) its not reaching any load balancer members.
>>> I noticed ARP not resolved for VIP 10.1.0.10.
>>>
>>> I tried to resolve this in two ways
>>> 1) Adding a new ARP reply ovs flow for VIP 10.1.0.10 with router port's
>>> MAC. When client tries to connect VIP, it will use router's MAC. Now router
>>> gets the packet after load balancing, and will forward the packet to
>>> appropriate member.
>>>
>>> 2) Second approach,
>>>a) Using a new MAC(example, 50:54:00:00:00:ab) for VIP 10.1.0.10, and
>>> adding a new ARP reply flow with this MAC.
>>>b) As we are not using router, when load balancing changes
>>> destination ip, VIP MAC has to be replaced with corresponding member's MAC
>>> i.e
>>>   sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
>>> st=50:54:00:00:00:ab,nw_dst=10.1.0.2,action=mod_dl_dst:50:54
>>> :00:00:00:01,load:0x1->NXM_NX_REG15[],resubmit(,32)"
>>> sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
>>> st=50:54:00:00:00:ab,nw_dst=10.1.0.3,action=mod_dl_dst:50:54
>>> :00:00:00:02,load:0x2->NXM_NX_REG15[],resubmit(,32)"
>>>
>>> Which approach will be better or is there any alternate solution?
>>>
>>> Thanks
>>> Anil
>>>
>>>
>>> ___
>>> discuss mailing list
>>> disc...@openvswitch.org
>>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>>>
>>>
>>
>
> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-01 Thread Anil Venkata

On Fri, Mar 2, 2018 at 7:23 AM, Guru Shetty  wrote:

>
>
> On 27 February 2018 at 03:13, Anil Venkata  wrote:
>
>> For example, I have a 10.1.0.0/24 network and a load balancer is added
>> to it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01),
>> 10.1.0.3(MAC 50:54:00:00:00:02) as members.
>> ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"
>>
>
> We currently need the VIP to be in a different subnet. You should connect
> switch it to a dummy logical router (or connect it to a external router).
> Since a VIP is in a different subnet, it sends an ARP for logical router IP
> and then things will work.
>
>

Thanks Guru. Any reason for introducing this constraint(i.e VIP to be in a
different subnet)? Can we address this limitation?


>>  When I try to send a request from client within the subnet(i.e
>> 10.1.0.33) its not reaching any load balancer members.
>> I noticed ARP not resolved for VIP 10.1.0.10.
>>
>> I tried to resolve this in two ways
>> 1) Adding a new ARP reply ovs flow for VIP 10.1.0.10 with router port's
>> MAC. When client tries to connect VIP, it will use router's MAC. Now router
>> gets the packet after load balancing, and will forward the packet to
>> appropriate member.
>>
>> 2) Second approach,
>>a) Using a new MAC(example, 50:54:00:00:00:ab) for VIP 10.1.0.10, and
>> adding a new ARP reply flow with this MAC.
>>b) As we are not using router, when load balancing changes destination
>> ip, VIP MAC has to be replaced with corresponding member's MAC i.e
>>   sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
>> st=50:54:00:00:00:ab,nw_dst=10.1.0.2,action=mod_dl_dst:50:54
>> :00:00:00:01,load:0x1->NXM_NX_REG15[],resubmit(,32)"
>> sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_d
>> st=50:54:00:00:00:ab,nw_dst=10.1.0.3,action=mod_dl_dst:50:54
>> :00:00:00:02,load:0x2->NXM_NX_REG15[],resubmit(,32)"
>>
>> Which approach will be better or is there any alternate solution?
>>
>> Thanks
>> Anil
>>
>>
>> ___
>> discuss mailing list
>> disc...@openvswitch.org
>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>>
>>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

2018-03-01 Thread Guru Shetty

On 27 February 2018 at 03:13, Anil Venkata  wrote:

> For example, I have a 10.1.0.0/24 network and a load balancer is added to
> it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01), 10.1.0.3(MAC
> 50:54:00:00:00:02) as members.
> ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"
>

We currently need the VIP to be in a different subnet. You should connect
switch it to a dummy logical router (or connect it to a external router).
Since a VIP is in a different subnet, it sends an ARP for logical router IP
and then things will work.


>
>  When I try to send a request from client within the subnet(i.e 10.1.0.33)
> its not reaching any load balancer members.
> I noticed ARP not resolved for VIP 10.1.0.10.
>
> I tried to resolve this in two ways
> 1) Adding a new ARP reply ovs flow for VIP 10.1.0.10 with router port's
> MAC. When client tries to connect VIP, it will use router's MAC. Now router
> gets the packet after load balancing, and will forward the packet to
> appropriate member.
>
> 2) Second approach,
>a) Using a new MAC(example, 50:54:00:00:00:ab) for VIP 10.1.0.10, and
> adding a new ARP reply flow with this MAC.
>b) As we are not using router, when load balancing changes destination
> ip, VIP MAC has to be replaced with corresponding member's MAC i.e
>   sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_
> dst=50:54:00:00:00:ab,nw_dst=10.1.0.2,action=mod_dl_dst:50:
> 54:00:00:00:01,load:0x1->NXM_NX_REG15[],resubmit(,32)"
> sudo ovs-ofctl add-flow br-int "table=24,ip,priority=150,dl_
> dst=50:54:00:00:00:ab,nw_dst=10.1.0.3,action=mod_dl_dst:50:
> 54:00:00:00:02,load:0x2->NXM_NX_REG15[],resubmit(,32)"
>
> Which approach will be better or is there any alternate solution?
>
> Thanks
> Anil
>
>
> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] OVN load balancing on same subnet failing

2018-02-27 Thread Anil Venkata

For example, I have a 10.1.0.0/24 network and a load balancer is added to
it with 10.1.0.10 as VIP and 10.1.0.2(MAC 50:54:00:00:00:01), 10.1.0.3(MAC
50:54:00:00:00:02) as members.
ovn-nbctl  create load_balancer vips:10.1.0.10="10.1.0.2,10.1.0.3"

 When I try to send a request from client within the subnet(i.e 10.1.0.33)
its not reaching any load balancer members.
I noticed ARP not resolved for VIP 10.1.0.10.

I tried to resolve this in two ways
1) Adding a new ARP reply ovs flow for VIP 10.1.0.10 with router port's
MAC. When client tries to connect VIP, it will use router's MAC. Now router
gets the packet after load balancing, and will forward the packet to
appropriate member.

2) Second approach,
   a) Using a new MAC(example, 50:54:00:00:00:ab) for VIP 10.1.0.10, and
adding a new ARP reply flow with this MAC.
   b) As we are not using router, when load balancing changes destination
ip, VIP MAC has to be replaced with corresponding member's MAC i.e
  sudo ovs-ofctl add-flow br-int
"table=24,ip,priority=150,dl_dst=50:54:00:00:00:ab,nw_dst=10.1.0.2,action=mod_dl_dst:50:54:00:00:00:01,load:0x1->NXM_NX_REG15[],resubmit(,32)"
sudo ovs-ofctl add-flow br-int
"table=24,ip,priority=150,dl_dst=50:54:00:00:00:ab,nw_dst=10.1.0.3,action=mod_dl_dst:50:54:00:00:00:02,load:0x2->NXM_NX_REG15[],resubmit(,32)"

Which approach will be better or is there any alternate solution?

Thanks
Anil
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] OVN load balancing on same subnet failing

Re: [ovs-discuss] OVN load balancing on same subnet failing

Re: [ovs-discuss] OVN load balancing on same subnet failing

Re: [ovs-discuss] OVN load balancing on same subnet failing

Re: [ovs-discuss] OVN load balancing on same subnet failing

Re: [ovs-discuss] OVN load balancing on same subnet failing

Re: [ovs-discuss] OVN load balancing on same subnet failing

[ovs-discuss] OVN load balancing on same subnet failing

8 matches

Site Navigation

Mail list logo

Footer information