-
Bug
-
Resolution: Done
-
High
-
Oxygen
-
None
-
High
Stale flows not removed for many data stores and OVS flows/Groups
prerequisite:
1. Collect Dump-flows and Dump-groups before starting the test on all compute nodes.
Flows: sudo ovs-ofctl -OOpenflow13 dump-flows br-int
Groups: sudo ovs-ofctl -OOpenflow13 dump-groups br-int
*+Security Group Configuration(X is CUSTM_GROUP): --> Below one is simple
+*
openstack security group create X
openstack security group rule create X --egress --dst-port 1:65535 --protocol tcp
openstack security group rule create X --egress --dst-port 1:65535 --protocol udp
openstack security group rule create X --egress --protocol icmp
openstack security group rule create X --ethertype IPv6 --egress --dst-port 1:65535 --protocol tcp
openstack security group rule create X --ethertype IPv6 --egress --dst-port 1:65535 --protocol udp
openstack security group rule create X --ethertype IPv6 --egress --protocol icmp
openstack security group rule create X --ingress --dst-port 1:65535 --protocol tcp
openstack security group rule create X --ingress --dst-port 1:65535 --protocol udp
openstack security group rule create X --ingress --protocol icmp
openstack security group rule create X --ethertype IPv6 --ingress --dst-port 1:65535 --protocol tcp
openstack security group rule create X --ethertype IPv6 --ingress --dst-port 1:65535 --protocol udp
openstack security group rule create X --ethertype IPv6 --ingress --protocol icmp
Steps:
- Create Network1 with each Subnet(ipv4 and IPv6)and boot VM.
- Create Network2 with each Subnet(ipv4 and IPv6)and boot VM.
- Create Router
- Associate Subnet to it. --> Check FIB entries Observed
- Dissociate subnet from Router --> Check FIB entries removed.
- Repeat associate and dissociate multiple time(5 times) and validate data path
- Delete all network,port,subnet, Router and check flows and data stores.
Verification has to be done following points.
1. All Config Data stores.
2. All Operational Data stores.
3. FIB Entries.
4. Dump-flows. – > Verify with Dump-flows which was taken before testing
5.Dump-groups.-> . – > Verify with Dump-Groups which was taken before testing
Commands Used:
neutron router-create R1
neutron net-create mynet1
neutron subnet-create mynet1 10.1.1.0/24 --enable-dhcp --name net1-snet1
neutron port-create mynet1 --name myport11 --security-group=CUSTM_SGP
neutron port-create mynet1 --name myport21 --security-group=CUSTM_SGP
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport11' | awk '{print $2}') myhost11 --availability-zone nova:compute-0-4.domain.tld
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport21' | awk '{print $2}') myhost21 --availability-zone nova:compute-0-5.domain.tld
neutron subnet-create mynet1 2001:db8:1111::/64 --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --name net1-snet2
neutron router-create R1
neutron router-interface-add R1 net1-snet2
neutron port-create mynet1 --name myport12 --security-group=CUSTM_SGP
neutron port-create mynet1 --name myport22 --security-group=CUSTM_SGP
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport12' | awk '{print $2}') myhost12 --availability-zone nova:compute-0-4.domain.tld
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport22' | awk '{print $2}') myhost22 --availability-zone nova:compute-0-5.domain.tld
neutron net-create mynet2
neutron subnet-create mynet2 10.1.2.0/24 --enable-dhcp --name net2-snet1
neutron port-create mynet1 --name myport13 --security-group=CUSTM_SGP
neutron port-create mynet1 --name myport23 --security-group=CUSTM_SGP
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport13' | awk '{print $2}') myhost13 --availability-zone nova:compute-0-4.domain.tld
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport23' | awk '{print $2}') myhost23 --availability-zone nova:compute-0-5.domain.tld
neutron subnet-create mynet2 2001:d58:2222::/64 --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --name net2-snet2
neutron router-interface-add R2 net2-snet2
neutron port-create mynet1 --name myport14 --security-group=CUSTM_SGP
neutron port-create mynet1 --name myport24 --security-group=CUSTM_SGP
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport14' | awk '{print $2}') myhost14 --availability-zone nova:compute-0-4.domain.tld
nova boot --image cirros --flavor myhuge --nic port-id=$(neutron port-list | grep 'myport24' | awk '{print $2}') myhost24 --availability-zone nova:compute-0-5.domain.tld