Uploaded image for project: 'netvirt'
  1. netvirt
  2. NETVIRT-820

DualStack: L3 forwarding broken, absence of appropriate OF rules

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Medium
    • Resolution: Cannot Reproduce
    • Nitrogen
    • None
    • General
    • None

    • Operating System: All
      Platform: All

    • 8928

    Description

      If we apply DualStack patch set:

      git fetch https://git.opendaylight.org/gerrit/netvirt refs/changes/46/60246/37 && git checkout FETCH_HEAD

      to current HEAD [0], we noticed a problem with L3 forwarding.

      Steps to reproduce:

      0. checkout patch set above and apply it to Nitrogen HEAD [1], compile a build

      1. launch compiled build with following options in etc/custom.properties:

      ovsdb.of.version=1.3
      ovsdb.l3.fwd.enabled=yes
      vpnservice.bgpspeaker.host.name = 127.0.0.1

      install DevStack stable/newton

      2. create following neutron network infrastructure:

      2.1 neutron net-create A

      2.2 neutron subnet-create --name SUB1 A 10.0.0.0/24

      2.3 neutron subnet-create --name SUB2 --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --allocation-pool start=2001:db8:0:2::2,end=2001:db8:0:2:ffff:ffff:ffff:fffe A 2001:db8:0:2::/64

      2.4 neutron router-create RT

      2.5
      root@controller-deray:/opt/stack/devstack# neutron subnet-list
      ----------------------------------------------------------------------------------------------------------------------------------+

      id name cidr allocation_pools

      ----------------------------------------------------------------------------------------------------------------------------------+

      44fd58bd-97d6-4c5f-8a6d-7c012e326155 SUB1 10.0.0.0/24 {"start": "10.0.0.2", "end": "10.0.0.254"}
      75e6f5b8-9cf7-411e-a440-fdfedd995779 SUB2 2001:db8:0:2::/64 {"start": "2001:db8:0:2::2", "end": "2001:db8:0:2:ffff:ffff:ffff:fffe"}

      ----------------------------------------------------------------------------------------------------------------------------------+

      2.6 # neutron router-interface-add RT 44fd58bd-97d6-4c5f-8a6d-7c012e326155
      Added interface 703b9a7d-8de9-4089-8716-84c1789e359e to router RT.

      2.7 # neutron router-interface-add RT 75e6f5b8-9cf7-411e-a440-fdfedd995779
      Added interface 3820373a-4d9e-4af3-8506-571d73a25895 to router RT.

      2.8 # neutron net-create B

      2.9 # neutron subnet-create --name SUB4_B B 20.0.0.0/24

      2.10 # neutron subnet-create --name SUB6_B --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --allocation-pool start=2001:db5:0:5::2,end=2001:db5:0:5:ffff:ffff:ffff:fffe B 2001
      :db5:0:5::/64

      2.11 # neutron router-interface-add RT SUB4_B.

      2.12 # neutron router-interface-add RT SUB6_B.

      2.13 # neutron security-group-create X

      2.14

      openstack security group rule create X --ingress --dst-port 1:65535 --protocol tcp
      openstack security group rule create X --egress --dst-port 1:65535 --protocol tcp
      openstack security group rule create X --egress --dst-port 1:65535 --protocol udp
      openstack security group rule create X --ingress --dst-port 1:65535 --protocol udp
      openstack security group rule create X --ingress --protocol icmp
      openstack security group rule create X --egress --protocol icmp

      openstack security group rule create X --ingress --ethertype IPv6 --dst-port 1:65535 --protocol tcp
      openstack security group rule create X --ingress --ethertype IPv6 --dst-port 1:65535 --protocol udp
      openstack security group rule create X --egress --ethertype IPv6 --dst-port 1:65535 --protocol udp
      openstack security group rule create X --egress --ethertype IPv6 --dst-port 1:65535 --protocol tcp
      openstack security group rule create X --ingress --ethertype IPv6 --protocol icmp
      openstack security group rule create X --egress --ethertype IPv6 --protocol icmp

      2.15

      neutron port-create --name PORT1 --security-group X A

      1. neutron port-list | grep PORT1
        ea93a757-84af-4b0a-a43c-01d1f9b5e85f PORT1 fa:16:3e:84:3b:a1 {"subnet_id": "44fd58bd-97d6-4c5f-8a6d-7c012e326155", "ip_address": "10.0.0.5"}

      2.16

      openstack server create --image cirros-0.3.4-x86_64-uec --flavor m1.tiny --nic port-id=ea93a757-84af-4b0a-a43c-01d1f9b5e85f --security-group X VM1

      2.17

      neutron port-create --name PORT2 --security-group X B

      2.18

      openstack server create --image cirros-0.3.4-x86_64-uec --flavor m1.tiny --nic port-id=<PORT2_id> --security-group X VM2

      3. Try to ping VM2 from network B from dhcp-namespace for network A, en vice-versa

      root@controller-deray:/opt/stack/devstack# ip netns exec qdhcp-93bfb7f2-527d-47ed-a88b-eed291186c51 ping 20.0.0.5
      PING 20.0.0.5 (20.0.0.5) 56(84) bytes of data.
      64 bytes from 20.0.0.5: icmp_seq=1 ttl=64 time=1.58 ms
      64 bytes from 20.0.0.5: icmp_seq=2 ttl=64 time=1.09 ms
      64 bytes from 20.0.0.5: icmp_seq=3 ttl=64 time=1.21 ms
      64 bytes from 20.0.0.5: icmp_seq=4 ttl=64 time=0.635 ms
      64 bytes from 20.0.0.5: icmp_seq=5 ttl=64 time=0.792 ms
      64 bytes from 20.0.0.5: icmp_seq=6 ttl=64 time=1.01 ms
      64 bytes from 20.0.0.5: icmp_seq=7 ttl=64 time=0.801 ms
      64 bytes from 20.0.0.5: icmp_seq=8 ttl=64 time=1.54 ms
      64 bytes from 20.0.0.5: icmp_seq=9 ttl=64 time=0.720 ms
      64 bytes from 20.0.0.5: icmp_seq=10 ttl=64 time=0.784 ms
      64 bytes from 20.0.0.5: icmp_seq=11 ttl=64 time=0.990 ms
      64 bytes from 20.0.0.5: icmp_seq=12 ttl=64 time=0.704 ms
      64 bytes from 20.0.0.5: icmp_seq=13 ttl=64 time=1.22 ms
      ^C
      — 20.0.0.5 ping statistics —
      13 packets transmitted, 13 received, 0% packet loss, time 12003ms
      rtt min/avg/max/mdev = 0.635/1.008/1.588/0.301 ms
      root@controller-deray:/opt/stack/devstack# ip netns exec qdhcp-93bfb7f2-527d-47ed-a88b-eed291186c51 ping 10.0.0.8
      PING 10.0.0.8 (10.0.0.8) 56(84) bytes of data.
      From 20.0.0.2 icmp_seq=1 Destination Host Unreachable
      From 20.0.0.2 icmp_seq=2 Destination Host Unreachable
      From 20.0.0.2 icmp_seq=3 Destination Host Unreachable
      From 20.0.0.2 icmp_seq=4 Destination Host Unreachable
      From 20.0.0.2 icmp_seq=5 Destination Host Unreachable
      From 20.0.0.2 icmp_seq=6 Destination Host Unreachable

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            valentina.krasnobaeva Valentina Krasnobaeva
            valentina.krasnobaeva@6wind.com Valentina Krasnobaeva
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: