Re: [ovs-discuss] NorthD inc-engine Handlers; OVN 24.03

uld be > improved. > > Yours truly, George > > > > On 17.05.2024, 15:28, "Dumitru Ceara" <mailto:dce...@redhat.com>> wrote: > > > ВНИМАНИЕ! ВНЕШНИЙ ОТПРАВИТЕЛЬ > Если отправитель почты неизвестен, не переходите по ссылкам, не сообщ

Re: [ovs-discuss] OVN clang-format proposal

On 6/25/24 08:54, Ales Musil wrote: > On Tue, Jun 25, 2024 at 8:48 AM Eelco Chaudron wrote: > >> >> >> On 24 Jun 2024, at 17:52, Ales Musil via discuss wrote: >> >>> Hi, >>> Hi Ales, Thanks for bringing this up! >>> I would like to propose a universal coding style using clang-format [0]. >>>

Re: [ovs-discuss] ERR| group-table: out of table ids

iffers from 3.2.2 listed above OpenFlow versions 0x6:0x6 SB DB Schema 20.29. Checking when we bumped the OVS submodule from 3.2.2 to the tip (at that moment) of 3.3, it was: 1fa7628db415 ("ovs: Bump submodule to include E721 fixes.") The log between that version and the actual v23.09.1

Re: [ovs-discuss] NorthD inc-engine Handlers; OVN 24.03

That works for me but please link the issue here. Most development happens on-list and github issues don't get as much attention. > Thank you > Yours truly, George > Best regards, Dumitru > > From: Numan Siddique > Date: Wednesday, 8 May 2024, 19:01 > To: Шагов Георгий ,

Re: [ovs-discuss] [External] : Re: Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/14/24 19:14, Brendan Doyle wrote: > > > On 14/05/2024 15:58, Dumitru Ceara wrote: >> On 5/14/24 15:34, Brendan Doyle wrote: >>> Duh, after looking at the trace, this is in fact working as it should >>> the VRRP pkts are getting through to the LBs, th

Re: [ovs-discuss] [External] : Re: Regression in latest LTS - ACLs for ports in multiple Port Groups not working

> >> >> On 14/05/2024 13:21, Brendan Doyle via discuss wrote: >>> >>> >>> On 14/05/2024 11:38, Dumitru Ceara wrote: >>>> On 5/14/24 12:06, Brendan Doyle via discuss wrote: >>>>> >>>>> On 14/05/2024 09:50, Dumitru Cea

Re: [ovs-discuss] [External] : Re: Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/14/24 12:06, Brendan Doyle via discuss wrote: > > > On 14/05/2024 09:50, Dumitru Ceara wrote: >> On 5/7/24 12:38, Brendan Doyle via discuss wrote: >>> Hi, >>> >>> Seems there is a regression with the latest LTS release in terms of Port >>

Re: [ovs-discuss] [OVN] Not working ACLs

marizing: # sb_datapath=4 # sb_inport=1 # sb_outport=3 Hope this helps, Best regards, Dumitru > Thanks! > Best regards, > Justin Lamp > > Am 14.05.24 um 10:55 schrieb Dumitru Ceara: >> On 4/26/24 12:50, Justin Lamp via discuss wrote: >>> Hey there, >>&g

Re: [ovs-discuss] [OVN] Not working ACLs

On 4/26/24 12:50, Justin Lamp via discuss wrote: > Hey there, > > we are on OVN 23.06.3 + OVS 3.1.2 and are facing an issue with the ACLs. For > some odd reason some UDP Packets are not dropped. I attached all the > information I was able to gather. The attached traces show the Wireguard >

Re: [ovs-discuss] Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/7/24 12:38, Brendan Doyle via discuss wrote: > Hi, > > Seems there is a regression with the latest LTS release in terms of Port > Group > ACLs when ports are in multiple Port Groups. As an example I have 3 > ports in a > Port Group, and  two of them in another Port Group, that has an ACL to

Re: [ovs-discuss] NorthD inc-engine Handlers; OVN 24.03

> >>- >>- Do you think there is a reason in implementing that handler? ( >>*SB_datapath_binding*) >> >> > I'm fine adding a handler if it helps in the scale. In our use cases, we > don't frequently create/delete the logical switches and routers &

Re: [ovs-discuss] Segmentation fault on logical router nat entry addition at nbctl_lr_nat_add

> On Thu, Apr 4, 2024 at 2:05 AM Dumitru Ceara wrote: > >> On 4/4/24 01:44, Sri kor wrote: >>> Hi Dumitru, >>>I have been facing segmantation fault everytime when I trigger >>> lr-nat-add with dnat_and_snat. It is distro from centros and it is

Re: [ovs-discuss] Segmentation fault on logical router nat entry addition at nbctl_lr_nat_add

"fedora-logo-icon" >> CPE_NAME="cpe:/o:rocky:rocky:9::baseos" >> HOME_URL="https://rockylinux.org/; >> BUG_REPORT_URL="https://bugs.rockylinux.org/; >> ROCKY_SUPPORT_PRODUCT="Rocky-Linux-9" >> ROCKY_SUPPORT_PRODUCT_VERSION="9.1" >> REDHAT_SUPPOR

Re: [ovs-discuss] [ovs-dev] [PATCH] Rename primary development branch as main.

On 3/21/24 13:32, Ilya Maximets wrote: > CC: ovs-discuss for visibility. > Thanks for the heads up, Ilya! > It seems like this change will affect ovn-fake-multinode project > and ovn-heater as they are cloning 'master' branch by default. I opened draft PRs for ovn-fake-multinode and

[ovs-discuss] [ADVISORY] CVE-2024-2182: Open Virtual Network: Insufficient validation of incoming BFD packets.

Description === Multiple versions of OVN (Open Virtual Network) are vulnerable to crafted BFD packets potentially causing denial of service. OVN supports configuration of gateway chassis and high-availability chassis groups (via the Gateway_Chassis and HA_Chassis_Group tables in the

Re: [ovs-discuss] Segmentation fault on logical router nat entry addition at nbctl_lr_nat_add

On 2/13/24 00:10, Sri kor via discuss wrote: > Hi Team, >   When I am trying to add the nat entry for LR, ovn-nbctl cored. here is > back trace.  Hi, > > [root@ovnkube-db-0 ~]# ovn-nbctl --no-leader-only lr-nat-add > a_4a3e9209_8826_4561_9c58_4a852bd61c45_lr_a2b89a8a_530a_446f_bf6c_ecf223a7af22

Re: [ovs-discuss] [External] : Meters for ACL commands

On 12/18/23 12:24, Brendan Doyle wrote: > > > On 18/12/2023 09:58, Dumitru Ceara wrote: >> On 12/12/23 17:58, Brendan Doyle via discuss wrote: >>> Just FYI I got it working with : >>> >>> ovn-nbctl --fair meter-add acl_drop drop 10 pktp

Re: [ovs-discuss] [External] : Meters for ACL commands

On 12/12/23 17:58, Brendan Doyle via discuss wrote: > > Just FYI I got it working with : > > ovn-nbctl --fair meter-add acl_drop drop 10 pktps > Sorry for the late reply, Brendan, but is this meter shared between multiple ACLs? The "--fair" attribute is only relevant in those cases. Otherwise

Re: [ovs-discuss] OVN upgrade

l Best regards, Dumitru > -Srini > > On Fri, Nov 3, 2023 at 6:54 AM Sri kor wrote: > >> Thanks Dumitru!! >> >> On Fri, Nov 3, 2023 at 3:08 AM Dumitru Ceara wrote: >> >>> On 11/1/23 20:33, Sri kor via discuss wrote: >>>> Hi Team, >>

Re: [ovs-discuss] OVN rpm-fedora build failure

On 11/29/23 21:58, Sri kor via discuss wrote: > Hi Team, Hi, Srini, >I needed to upgrade to ovn-23.09. As the packages are not ready for > 23.09 and ready only till 23.06 on Centos repo > , > I needed build the

Re: [ovs-discuss] [ovs-discuess] Multicast on router leads to ovs-vswitchd segment fault!

On 11/14/23 07:06, wangchuanlei via discuss wrote: > Hi Joe / Dumitru / Team, Hi Wangchuanlei, > I am testing the process of ipv4 multicast in OVN/OVS, but the process > ovs-vswitchd encountered a segement fault, because the stack memory is > exhausted. > My network is configured as

Re: [ovs-discuss] Is there a way to use OVN LRP with BFD table to send a BFD One-Arm-echo to physical switch gw

On 11/3/23 10:35, Brain Empty via discuss wrote: > Hi, teams > Hi, > Is there a way to use OVN LRP with BFD table to send a One-Arm-BFD-echo > packet to the physical switch gw? > > > ref:  > https://support.huawei.com/enterprise/en/doc/EDOC1100096312/7c43c2e3/bfd-one-arm-echo > >

Re: [ovs-discuss] ovn-central and ovn-controller compatibility question on OVS/OVN upgrade

On 11/2/23 19:59, Joe Liu via discuss wrote: > Hi community, > Hi Joe, > We hit an issue during upgrading OVS/OVN on ovn-central on master node, > and ovn-controllers on worker nodes: > > Before the upgrade, we have > openvswitch-2.16.90 > ovn-21.09.0 > ovn-host-21.09.0 > ovn-central-21.09.0 >

Re: [ovs-discuss] Gratuitous ARP is missing

On 11/1/23 21:28, Sri kor via discuss wrote: > Hii,  > Hi Srini, > At times, when I allocate a VM to a compute node, the network fails to > learn an ARP entry. This issue occurs randomly, making it challenging to > predict when it will happen. I am interested in logging any instances > where

Re: [ovs-discuss] OVN 100% CPU - massive number of ARP entries

On 11/1/23 06:06, Gavin McKee via discuss wrote: > Hi , > Hi Gavin, > We are seeing ovn-controller churning constantly at 100% CPU usage. > > (Open vSwitch) 2.17.6 > ovn-controller 22.09.2 > Is this a deployment that can be upgraded to newer OVS/OVN versions? >

Re: [ovs-discuss] OVN/OVSDB Performance Numbers and Tests

On 9/22/23 11:51, Yakov via discuss wrote: > Hello guys, > Hi, Yakov, > My name is Yakov and I am new to the OVN and virtual networks in general. I > am now trying to get some estimates on how a VM cluster of 20k+ VMs spread > across 400-500 hypervisors in one data center will behave (mostly

Re: [ovs-discuss] OVN Maximum number of ecmp routes

On 9/21/23 08:16, chuanyun Xiao via discuss wrote: > Hi: > In ovn 23.03.0, I run the "*ovn-nbctl --ecmp lr-route-add ROUTER PREFIX > NEXTHOP [PORT]*" command to add multiple routes with the same prefix but > different nexthop and port. Somebody tell me Specifies the maximum number > of ecmp

Re: [ovs-discuss] MAC binding aging refresh mechanism

On 5/26/23 08:37, Ales Musil wrote: > On Fri, May 26, 2023 at 7:58 AM Han Zhou wrote: > >> >> >> On Thu, May 25, 2023 at 9:19 AM Ilya Maximets wrote: >>> >>> On 5/25/23 14:08, Ales Musil via discuss wrote: Hi, to improve the MAC binding aging mechanism we need a way to ensure >>

Re: [ovs-discuss] Help-How to know the node is offline in northd?

On 4/26/23 09:04, wangchuanlei wrote: >> Hi, > >> On 4/21/23 08:17, wangchuanlei via discuss wrote: >>> I have one center and serveral node, and all nodes are connected >>> to center with options ovn-remote=tcp:192.168.0.x:6642, when one node >>> lost connection to center, the commands

Re: [ovs-discuss] Help-How to know the node is offline in northd?

Hi, On 4/21/23 08:17, wangchuanlei via discuss wrote: > I have one center and serveral node, and all nodes are connected to > center with options ovn-remote=tcp:192.168.0.x:6642, when one node lost > connection to center, the commands "ovn-sbctl list chassis" still see the > node. > How

Re: [ovs-discuss] OVN: too many resubmits for arp requests

On 2/27/23 17:04, Felix Hüttner wrote: >> On 2/22/23 09:41, Felix Hüttner via discuss wrote: >>> Hello everyone, >>> >> >> Hi Felix, >> >>> we are currently running ovn 22.12 for our openstack environment. >>> We have a large logical switch which is connected to our internet >>> connection. >>>

Re: [ovs-discuss] OVN: too many resubmits for arp requests

On 2/22/23 09:41, Felix Hüttner via discuss wrote: > Hello everyone, > Hi Felix, > we are currently running ovn 22.12 for our openstack environment. > We have a large logical switch which is connected to our internet connection. > On this switch there are currently around 350 logical routers

Re: [ovs-discuss] [External] : Re: Do entries in the MAC_Binding table age out? Seeing incorrect entry after a VIP moved

On 1/27/22 11:59, Brendan Doyle wrote: > Hi Daniel , > > Thanks for the response, I'm not sure the patch in [1] would help in > this case. > The stale binding is of a VIP in the underlay learned through an OVN > physical > network port. The VIP is hosted by a number of "Management" nodes, the OVN

Re: [ovs-discuss] TCP Load Balancers and PMTU discovery

On 12/11/20 17:53, Miguel Angel Ajo wrote: > > Do we know if OVN Loadbalancers will forward ICMPs related to a load > balancer connection, or who could I ask? > > Please note that  >  - 172.30.23.156 is the VIP of my TCP load balancer, attached to a router. >  - 10.129.2.2 is the gateway which

Re: [ovs-discuss] Multiple localnet ports associated with the same external network/bridge mapping

On 1/6/23 12:37, Rutuja Umesh Madhure via discuss wrote: > Hi team, Hi Rutuja, > Can you please guide us on this. > > We have two logical switches, each with a *localnet*port associated with > the same external network - 'ext-net-1' > (*ovn-bridge-mappings*="ext-net-1:brPhy1") > > switch

Re: [ovs-discuss] ovn-controller stranger behaviour

as false to solve this >>> behaviour. >>> It seems the option I have now is to use it as a workaround until I have >>> conditions to upgrade to Yoga that has OVN 22.03. >>> >>> Thank you for your help. >>> >>> Regards, >>> >

Re: [ovs-discuss] [ovs-dev] Commit 355fef6f2 seems to break connectivity in my setup

On 6/14/22 22:24, Ilya Maximets wrote: > On 6/14/22 16:26, Oz Shlomo wrote: >> Hi Ilya, >> >> On 6/14/2022 4:03 PM, Ilya Maximets wrote: >>> On 6/14/22 10:27, Oz Shlomo via dev wrote: On 6/8/2022 3:16 AM, Frode Nordahl wrote: > On Tue, Jun 7, 2022 at 12:16 AM Ilya Maximets

Re: [ovs-discuss] [OVN] branch name renamed from 'master' to 'main'

On 10/7/21 2:26 PM, Aaron Conole wrote: > Aaron Conole writes: > >> Dumitru Ceara writes: >> >>> On 10/5/21 7:39 PM, Numan Siddique wrote: >>>> Hello everyone, >>> >>> Hi Numan, >>> >>> +Aaron > > I re-started

Re: [ovs-discuss] [OVN] branch name renamed from 'master' to 'main'

On 10/5/21 7:39 PM, Numan Siddique wrote: > Hello everyone, Hi Numan, +Aaron > > The default branch of OVN has been renamed from 'master' to 'main'. I > had brought this up > for discussion in our weekly upstream OVN meeting a couple of weeks > ago and the attendees were supportive of it. >

Re: [ovs-discuss] WARN: execute ct(commit, zone=...) failed (Invalid argument)

On 9/3/21 9:10 PM, Odintsov Vladislav wrote: > We do use OOT module. > > Looks like it’s a bugfix and can be backported..? I think it meets backport criteria, I sent a patch: https://patchwork.ozlabs.org/project/openvswitch/patch/20210907080524.27862-1-dce...@redhat.com/ > > Regards, >

Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway

On 3/26/21 1:14 AM, Moshe Levi wrote: > > >> -Original Message----- >> From: Dumitru Ceara >> Sent: Friday, March 26, 2021 12:58 AM >> To: Moshe Levi ; ovs-discuss@openvswitch.org >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topology wit

Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway

On 3/25/21 10:50 PM, Moshe Levi wrote: > > >> -Original Message----- >> From: Dumitru Ceara >> Sent: Thursday, March 25, 2021 1:44 PM >> To: Moshe Levi ; ovs-discuss@openvswitch.org >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topolo

Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway

On 3/25/21 12:40 PM, Dumitru Ceara wrote: >> Also, to see exactly where the packet is dropped, please share the >> output of: >> >> inport=$(ovs-vsctl --bare --columns ofport list interface vm

Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway

On 3/25/21 12:36 PM, Dumitru Ceara wrote: > On 3/25/21 12:16 PM, Moshe Levi wrote: >> >> >>> -Original Message- >>> From: Dumitru Ceara >>> Sent: Thursday, March 25, 2021 12:49 PM >>> To: Moshe Levi ; ovs-discuss@openvswitch.org >

Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway

On 3/25/21 12:16 PM, Moshe Levi wrote: > > >> -Original Message----- >> From: Dumitru Ceara >> Sent: Thursday, March 25, 2021 12:49 PM >> To: Moshe Levi ; ovs-discuss@openvswitch.org >> Subject: Re: [ovs-discuss] [ovn] help with creating logical topolo

Re: [ovs-discuss] [ovn] help with creating logical topology with l3 gateway

On 3/24/21 11:31 PM, Moshe Levi wrote: > Hi all, Hi Moshe, > I trying to create logical topology with l3 gateway. > I have create the following logical topology: > I able to ping from ns to 100.64.0.1 but it failed to ping 100.64.0.2 (port > on the gw-worker1). > Below I pasted the command I am

Re: [ovs-discuss] tracing ovs flows in br-int

On 1/18/21 11:21 PM, Brendan Doyle wrote: I found some stuff about using ovs-appctl ofproto/trace here (https://docs.ovn.org/_/downloads/en/stable/pdf/) and followed the instructions, but no joy just get an error thrown back at me. Is there a place where the flows are documented with examples

Re: [ovs-discuss] [ovn] TCP/UDP traffic dropped between IP addresses defined in allowed address pairs when remote security group is used

On 12/15/20 12:02 PM, Krzysztof Klimonda wrote: > Hi Dumitru, > > Thanks for checking it out. > > On Tue, Dec 15, 2020, at 10:45, Dumitru Ceara wrote: >> Hi Krzysztof, >> >> Thanks for the DBs and all the details. >> >> I gave it a try on my loc

Re: [ovs-discuss] [ovn] TCP/UDP traffic dropped between IP addresses defined in allowed address pairs when remote security group is used

Hi Krzysztof, Thanks for the DBs and all the details. I gave it a try on my local setup, using your DBs. The behavior below is identical on v20.06.2, branch-20.12 and current master. # ovn-nbctl --columns addresses,port_security list logical_switch_port 81d23182-37ac-4d3d-815e-4c25d26fe154

Re: [ovs-discuss] OVN，does OVN support VXLAN EVPN ？

On 11/10/20 11:14 AM, fangt...@ruijie.com.cn wrote: > HI all， > Hi Tian, >  Currently I want to make a Poc of VXVLAN EVPN with OVN as depicted > below: > >   > >   LS-1    LS-1 > >   > |   

Re: [ovs-discuss] [OVN] Too many resubmits for packets coming from "external" network

On 9/29/20 1:23 PM, Daniel Alvarez Sanchez wrote: > > > On Tue, Sep 29, 2020 at 1:14 PM Dumitru Ceara <mailto:dce...@redhat.com>> wrote: > > On 9/29/20 1:07 PM, Krzysztof Klimonda wrote: > > On Tue, Sep 29, 2020, at 12:40, Dumitru Ceara wrote: >

Re: [ovs-discuss] [OVN] Too many resubmits for packets coming from "external" network

On 9/29/20 1:07 PM, Krzysztof Klimonda wrote: > On Tue, Sep 29, 2020, at 12:40, Dumitru Ceara wrote: >> On 9/29/20 12:14 PM, Daniel Alvarez Sanchez wrote: >>> >>> >>> On Tue, Sep 29, 2020 at 11:14 AM Krzysztof Klimonda >>> >> <mailto:kklimo...@

Re: [ovs-discuss] [OVN] Too many resubmits for packets coming from "external" network

On 9/29/20 12:14 PM, Daniel Alvarez Sanchez wrote: > > > On Tue, Sep 29, 2020 at 11:14 AM Krzysztof Klimonda > <mailto:kklimo...@syntaxhighlighted.com>> wrote: > > On Tue, Sep 29, 2020, at 10:40, Dumitru Ceara wrote: > > On 9/29/20 12:42 AM, Krzys

Re: [ovs-discuss] [OVN] Too many resubmits for packets coming from "external" network

that needs to be explicitly enabled on the logical switch connected to the external network. Would this work for you? Thanks, Dumitru > -- Krzysztof Klimonda kklimo...@syntaxhighlighted.com On Mon, Sep 28, > 2020, at 21:14, Dumitru Ceara wrote: >> On 9/28/20 5:33 PM, Krzysztof Klimonda wrote:

Re: [ovs-discuss] [OVN] Too many resubmits for packets coming from "external" network

On 9/28/20 5:33 PM, Krzysztof Klimonda wrote: > Hi, > Hi Krzysztof, > We're still doing some scale tests of OpenStack ussuri with ml2/ovn driver. > We've deployed 140 virtualized compute nodes, and started creating routers > that share single external network between them. Additionally, each

Re: [ovs-discuss] OVN Scale with RAFT: how to make ovn-northd more reliable when RAFT leader unstable

Regards, Dumitru > > On Fri, Jul 17, 2020 at 8:53 AM Winson Wang <mailto:windson.w...@gmail.com>> wrote: > > > > On Fri, Jul 17, 2020 at 12:54 AM Dumitru Ceara <mailto:dce...@redhat.com>> wrote: > > On 7/17/20 2:58 AM, Winson Wang wrote:

Re: [ovs-discuss] Inquiry for DDlog status for ovn-northd

On 8/26/20 5:11 PM, Dumitru Ceara wrote: > On 8/25/20 7:46 PM, Ben Pfaff wrote: >> On Tue, Aug 25, 2020 at 06:43:51PM +0200, Dumitru Ceara wrote: >>> On 8/25/20 6:01 PM, Ben Pfaff wrote: >>>> On Mon, Aug 24, 2020 at 04:28:22PM -0700, Han Zhou wrote: >>>>&

Re: [ovs-discuss] Inquiry for DDlog status for ovn-northd

On 8/25/20 7:46 PM, Ben Pfaff wrote: > On Tue, Aug 25, 2020 at 06:43:51PM +0200, Dumitru Ceara wrote: >> On 8/25/20 6:01 PM, Ben Pfaff wrote: >>> On Mon, Aug 24, 2020 at 04:28:22PM -0700, Han Zhou wrote: >>>> As I remember you were working on the new

Re: [ovs-discuss] Inquiry for DDlog status for ovn-northd

On 8/25/20 6:01 PM, Ben Pfaff wrote: > On Mon, Aug 24, 2020 at 04:28:22PM -0700, Han Zhou wrote: >> As I remember you were working on the new ovn-northd that utilizes DDlog >> for incremental processing. Could you share the current status? >> >> Now that some more improvements have been made in

Re: [ovs-discuss] SB flows not being created in OVN K8 Stateful set

On 8/6/20 2:03 PM, Brendan Doyle wrote: > > > On 06/08/2020 12:31, Dumitru Ceara wrote: >> On 8/6/20 11:54 AM, Brendan Doyle wrote: >>> I don't see any ovn-northd.log log, I only see those when I'm running >>> OVN outside the k8s cluster. >>> Before I

Re: [ovs-discuss] SB flows not being created in OVN K8 Stateful set

eceive error: Connection reset by peer > 2020-08-05T14:10:05.378Z|00022|reconnect|WARN|tcp:253.255.0.33:6642: > connection dropped (Connection reset by peer) > 2020-08-05T14:10:05.379Z|00023|reconnect|INFO|tcp:253.255.0.35:6642: > connecting... > 2020-08-05T14:10:05.379Z|00024|reconne

Re: [ovs-discuss] SB flows not being created in OVN K8 Stateful set

On 8/5/20 5:14 PM, Brendan Doyle wrote: > Folks, > > I'm stumped here, I have the k8 ovnkube-db-raft Stateful set up and > running. > But when I create a simple network, no SB flows are generated. > > ovn-nbctl show shows my network. ovn-sbctl show shows the physicals > systems in my network. >

Re: [ovs-discuss] OVN Scale with RAFT: how to make ovn-northd more reliable when RAFT leader unstable

.txt | grep "=53" | wc -l > 249488 > Coredns pod has svc with port number 53 and 9153. > How many backends do you have for these VIPs (with port number 53 and 9153) in your load_balancer config? Thanks, Dumitru > Please let me know if you need more information. >

Re: [ovs-discuss] OVN Scale with RAFT: how to make ovn-northd more reliable when RAFT leader unstable

ded. However, I didn't get the chance to try it out yet. Thanks, Dumitru > > Regards, > Winson > > > On Fri, May 1, 2020 at 1:35 AM Dumitru Ceara <mailto:dce...@redhat.com>> wrote: > > On 5/1/20 12:00 AM, Winson Wang wrote: > > H

Re: [ovs-discuss] [OVN] logical flow explosion in lr_in_ip_input table for dnat_and_snat IPs

d, as expected, we > still have a rule to Flood the Gratuitous ARPs sent for all SNAT and > DNAT extenal IP addresses. > > This looks great. Thank you both. > > Regards, > ~Girish > Hi Girish, Thanks for the confirmation! Regards, Dumitru > On Wed, Jul 8, 2020 at 5:2

Re: [ovs-discuss] [IDL] unhandled/unexpected OVSDB reply to set_db_change_aware method

On 7/9/20 9:02 PM, Dumitru Ceara wrote: > On 7/9/20 3:40 PM, Dan Williams wrote: >> On Mon, 2020-07-06 at 23:57 -0700, Girish Moodalbail wrote: >>> Hello all, >>> >>> In the OVN Kubernetes project, we are seeing a ton of following >>> errors in &g

Re: [ovs-discuss] [IDL] unhandled/unexpected OVSDB reply to set_db_change_aware method

On 7/9/20 3:40 PM, Dan Williams wrote: > On Mon, 2020-07-06 at 23:57 -0700, Girish Moodalbail wrote: >> Hello all, >> >> In the OVN Kubernetes project, we are seeing a ton of following >> errors in >> ovsdb-server-nb.log and ovsdb-server-sb.log. >> >> -8<8<-- >>

Re: [ovs-discuss] [OVN] logical flow explosion in lr_in_ip_input table for dnat_and_snat IPs

On 6/25/20 9:47 PM, Dumitru Ceara wrote: > On 6/25/20 9:34 PM, Girish Moodalbail wrote: >> Hello Dumitru, Han, >> >> So, we applied this patchset and gave it a spin on our large scale >> cluster and saw a significant reduction in the number of logical flows >>

Re: [ovs-discuss] [OVN] logical flow explosion in lr_in_ip_input table for dnat_and_snat IPs

ts to > through a gateway port.  > This is also a bug, similar to the one above, we should only deal with external_mac's that might be used on this port. I'll fix it too soon. Thanks, Dumitru > Regards, > ~Girish > > On Wed, Jun 24, 2020 at 8:55 AM Dumitru Ceara <mailto

Re: [ovs-discuss] [OVN] logical flow explosion in lr_in_ip_input table for dnat_and_snat IPs

Hi Girish, I sent a patch series to implement Han's suggestion: https://patchwork.ozlabs.org/project/openvswitch/list/?series=185580 https://mail.openvswitch.org/pipermail/ovs-dev/2020-June/372005.html It would be great if you could give it a run on your setup too. Thanks, Dumitru On 6/16/20

Re: [ovs-discuss] RFC - OVN end to end packet tracing - ovn-global-trace

On 6/8/20 1:52 PM, Dumitru Ceara wrote: > Hi everyone, > > CC-ing ovn-kubernetes mailing list as I know there's interest about this > there too. > > OVN currently has a couple of tools that help > tracing/tracking/simulating what would happen to packets within OVN, > so

Re: [ovs-discuss] RFC - OVN end to end packet tracing - ovn-global-trace

rectly uses the tools already existing in OVS/OVN essentially performing the steps that something like ovn-global-trace would do. Thanks, Dumitru > Tim Rozet > Red Hat CTO Networking Team > > > On Mon, Jun 8, 2020 at 7:53 AM Dumitru Ceara <mailto:dce...@redhat.com>> wro

[ovs-discuss] RFC - OVN end to end packet tracing - ovn-global-trace

Hi everyone, CC-ing ovn-kubernetes mailing list as I know there's interest about this there too. OVN currently has a couple of tools that help tracing/tracking/simulating what would happen to packets within OVN, some examples: 1. ovn-trace 2. ovs-appctl ofproto/trace ... | ovn-detrace They're

Re: [ovs-discuss] check_pkt_larger precision

On 5/29/20 12:51 PM, Numan Siddique wrote: > > > On Fri, May 29, 2020 at 3:41 PM Miroslav Kubiczek > > wrote: > > > On 29. 05. 20 11:29, Numan Siddique wrote: >> On Fri, May 29, 2020 at 2:25 PM Miroslav Kubiczek >> >

Re: [ovs-discuss] [OVN] flow explosion in lr_in_arp_resolve table

er will generate an ARP request for the next hop using the FIP-IP and FIP-MAC. This will be broadcasted to all routers connected to the public LS and will trigger them to learn the FIP-IP:FIP-MAC binding. > Thanks, > Daniel > > > On Thu, May 28, 2020 at 10:51 AM Dumitru Ceara wro

Re: [ovs-discuss] [OVN] flow explosion in lr_in_arp_resolve table

On 5/28/20 8:34 AM, Han Zhou wrote: > > > On Wed, May 27, 2020 at 1:10 AM Dumitru Ceara <mailto:dce...@redhat.com>> wrote: >> >> Hi Girish, Han, >> >> On 5/26/20 11:51 PM, Han Zhou wrote: >> > >> > >> > On Tue, May

Re: [ovs-discuss] [OVN] flow explosion in lr_in_arp_resolve table

; > >>> >   table=19(ls_in_l2_lkup      ), priority=80   , match=(eth.src == > { M2 } && (arp.op == 1 || nd_ns)), action=(outport = "_MC_flood"; output;) >>> >   table=19(ls_in_l2_lkup      ), priority=75   , match=(flags[1] == > 0 && arp.o

Re: [ovs-discuss] [OVN] flow explosion in lr_in_arp_resolve table

ou think this works? > > > I think this should work as well. > > For the single join switch connected to 1000 GRs, it should work as well > (assuming your other fix for dynamic learning is present as well). > However, in this case,  even with this option set we will still be >

Re: [ovs-discuss] [ovn] should allow-related action apply to packets destined to logical router?

On 5/7/20 9:26 PM, Flavio Fernandes wrote: > > Heh, let me take a moment to answer my own question. ;^) > dceara pointed me to a change in ovn [a] that explains this change in > behavior. > It was done to address issue 1076 [b]. > Well, actually [b] was opened due to [a] and the fix was to add

Re: [ovs-discuss] OVN Scale with RAFT: how to make ovn-northd more reliable when RAFT leader unstable

On 5/1/20 12:00 AM, Winson Wang wrote: > Hi Han,  Dumitru, > Hi Winson, > With the fix from Dumitru > https://github.com/ovn-org/ovn/commit/97e82ae5f135a088c9e95b49122d8217718d23f4 > > It can greatly reduced the OVS SB RAFT workload based on my stress test > mode with k8s svc with large

Re: [ovs-discuss] OVN - Opaque metadata on logical switch ports to simplify network policies

On 4/17/20 7:52 AM, Han Zhou wrote: > > > On Thu, Apr 16, 2020 at 9:54 PM Han Zhou <mailto:hz...@ovn.org>> wrote: >> >> >> >> On Thu, Apr 16, 2020 at 2:41 AM Dumitru Ceara <mailto:dce...@redhat.com>> wrote: >> > >> > On 4/11

Re: [ovs-discuss] OVN - Opaque metadata on logical switch ports to simplify network policies

On 4/11/20 1:03 AM, Han Zhou wrote: > > > On Thu, Apr 9, 2020 at 4:54 PM Mark Michelson <mailto:mmich...@redhat.com>> wrote: >> >> On 4/2/20 7:30 AM, Dumitru Ceara wrote: >> > Hi all, >> > >> > I'd like to bring up to discussion th

[ovs-discuss] OVN - Opaque metadata on logical switch ports to simplify network policies

Hi all, I'd like to bring up to discussion the following feature request that would make the life of some CMSs easier when implementing network policies with OVN ACLs. If OVN would allow a CMS to attach an opaque metadata value to logical switch ports (e.g., a 32-bit integer) and also support

Re: [ovs-discuss] [OVN] Routed provider networks

On 3/30/20 4:53 PM, Maciej Jozefczyk wrote: > Hello! > > I started to work on Routed Provider Networks feature for Openstack > Neutron, that is described [1]. > Neutron community chosen second variant of this RFE, that would be > easier to implement for now. > > To achieve this we would need to

Re: [ovs-discuss] [OVN] QoS rules share the same Openflow meter

On 3/24/20 2:33 PM, Maciej Jozefczyk wrote: > Hi all! > > I have the following setup: > - Logical Switch with 3 Logical Ports that are VMs: >    * 1 LSP from which i test QoS with iperf3 >    * 2 LSPs have QoS policy set. > > Configured QoS rules: >

Re: [ovs-discuss] No connectivity due to missing ARP reply

b.com/ovn-org/ovn/commit/d2ab98463f299e67a9f9a31e8b7c42680b8645cf Regards, Dumitru > > > -Ursprüngliche Nachricht- > Von: Dumitru Ceara > Gesendet: Montag, 23. März 2020 13:28 > An: Plato, Michael ; ovs-discuss@openvswitch.org > Betreff: Re: [ovs-discuss] No connectivity due

Re: [ovs-discuss] No connectivity due to missing ARP reply

On 3/21/20 7:04 PM, Plato, Michael wrote: > > Hi all, > > we use OVN with Openstack and have a problem with the following setup: > > > | | > --- |   10.176.0.156 | --- > | VM1 |-

Re: [ovs-discuss] Too many resubmits in the OVS pipeline for scaled OVN topologies due to multicast_group implementation

On Wed, Oct 2, 2019 at 8:46 PM Han Zhou wrote: > > > > On Wed, Oct 2, 2019 at 9:11 AM Dumitru Ceara wrote: > > > > On Tue, Oct 1, 2019 at 8:41 PM Han Zhou wrote: > > > > > > > > > > > > On Tue, Oct 1, 2019 at 3:34 AM Dumitru Ceara wr

Re: [ovs-discuss] Too many resubmits in the OVS pipeline for scaled OVN topologies due to multicast_group implementation

On Tue, Oct 1, 2019 at 8:41 PM Han Zhou wrote: > > > > On Tue, Oct 1, 2019 at 3:34 AM Dumitru Ceara wrote: > > > > Hi, > > > > We've hit a scaling issue recently [1] in the following topology: > > > > - External network connected to public logical

[ovs-discuss] Too many resubmits in the OVS pipeline for scaled OVN topologies due to multicast_group implementation

Hi, We've hit a scaling issue recently [1] in the following topology: - External network connected to public logical switch "LS-pub" - ~300 logical networks (LR-i <--> LS-i <--> VMi) connected to LS-pub with dnat_and_snat rules. While trying to ping the VMs from outside the ARP request packet

Re: [ovs-discuss] [OVN] Aging mechanism for MAC_Binding table

On Wed, Aug 21, 2019 at 6:47 PM Ben Pfaff wrote: > > On Tue, Aug 20, 2019 at 06:11:12PM -0700, Han Zhou wrote: > > On Tue, Aug 20, 2019 at 4:57 PM Ben Pfaff wrote: > > > > > > Let me see if I'm following this correctly. This is what currently > > > happens: > > > > > > - HV1 needs a MAC address

Re: [ovs-discuss] [OVN] ovn-controller Incremental Processing scale testing

On Tue, Jun 11, 2019 at 10:40 AM Daniel Alvarez Sanchez wrote: > > Hi Han, all, > > Lucas, Numan and I have been doing some 'scale' testing of OpenStack > using OVN and wanted to present some results and issues that we've > found with the Incremental Processing feature in ovn-controller. Below >