Uploaded image for project: 'netvirt'
  1. netvirt
  2. NETVIRT-480

non-NAPT bridge is also sending package out to external GW

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Medium
    • Resolution: Cannot Reproduce
    • Carbon
    • None
    • General
    • None

    • Operating System: Linux
      Platform: Other

    • 7810

    Description

      distribution-karaf-0.6.0-20170208.220244-3708.zip

      I set up a two-nodes env via devstack:

      node1:
      odl@odl31:/opt/stack/opendaylight$ sudo ovs-vsctl show
      1849da19-afae-48db-b5d4-2a63e7b86d0b
      Manager "ptcp:6641:127.0.0.1"
      is_connected: true
      Manager "tcp:192.168.254.31:6640"
      is_connected: true
      Bridge br-int
      Controller "tcp:192.168.254.31:6653"
      is_connected: true
      fail_mode: secure
      Port "enp0s9"
      Interface "enp0s9"
      Port "tun70d00fe1b8c"
      Interface "tun70d00fe1b8c"
      type: vxlan
      options:

      {key=flow, local_ip="192.168.254.31", remote_ip="192.168.254.32"}

      Port br-int
      Interface br-int
      type: internal
      Port "tap70897536-9b"
      Interface "tap70897536-9b"
      type: internal
      Port "tap81e28235-bd"
      Interface "tap81e28235-bd"
      ovs_version: "2.6.0"

      node1's datapath ID:
      odl@odl31:/opt/stack/opendaylight$ sudo ovs-ofctl -Oopenflow13 show br-int | grep dpid | awk -F":" -e '

      {print "ibase=16; "toupper($3)}' | bc
      185439651770720

      node2:
      odl@odl32:~$ sudo ovs-vsctl show
      cbf6ad51-36d8-4d8d-abdf-869e7e2310c2
      Manager "tcp:192.168.254.31:6640"
      is_connected: true
      Bridge br-int
      Controller "tcp:192.168.254.31:6653"
      is_connected: true
      fail_mode: secure
      Port "enp0s9"
      Interface "enp0s9"
      Port "tun50d944cb5fe"
      Interface "tun50d944cb5fe"
      type: vxlan
      options: {key=flow, local_ip="192.168.254.32", remote_ip="192.168.254.31"}
      Port "tapa13d9ce7-68"
      Interface "tapa13d9ce7-68"
      Port br-int
      Interface br-int
      type: internal
      ovs_version: "2.6.0"

      node2's datapathid:
      odl@odl32:~$ sudo ovs-ofctl -Oopenflow13 show br-int | grep dpid | awk -F":" -e '{print "ibase=16; "toupper($3)}

      ' | bc
      255404308847466

      and get my NPAT bridge is on node2:
      odl@odl31:~$ curl -s -u admin:admin -X GET http://localhost:8181/restconf/config/odl-nat:napt-switches/ | python -mjson.tool
      {
      "napt-switches": {
      "router-to-napt-switch": [

      { "primary-switch-id": 255404308847466, "router-name": "f6c84bd6-9f25-4992-b72d-e194f77e6857" }

      ]
      }
      }

      I login my nova VM on node1 (without FIP bound), and try to using SNAT feature:

      I found the VM's traffic is going through node1's enp0s9 nic, not through node2 which
      is NAPT bridge node. If I disable the node1's enp0s9 by "ifconfig enp0s9 down", the traffic is blocked.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            Unassigned Unassigned
            gong_ys2013@yahoo.com yong sheng gong
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: