Uploaded image for project: 'ovsdb'
  1. ovsdb
  2. OVSDB-347

GBP + SFC integration is broken

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • None
    • unspecified
    • Southbound.Open_vSwitch
    • None

    • Operating System: All
      Platform: All

    • 5992

      we have noticed problems when running Group Based Policy demos and CSIT jobs after https://git.opendaylight.org/gerrit/#/c/37730 and it’s cherry-pick were merged.

      Affected Jenkins jobs which started failing since the patch was merged
      https://jenkins.opendaylight.org/groupbasedpolicy/job/groupbasedpolicy-csit-1node-6node-only-beryllium/
      https://jenkins.opendaylight.org/groupbasedpolicy/job/groupbasedpolicy-csit-1node-6node-only-boron/

      I tried to replicated the problem with our asymmetric demo
      https://github.com/opendaylight/groupbasedpolicy/tree/master/demos/gbpsfc-env

      Here we try to send a HTTP request through a service function chain as following:

      Host on VM1 sends HTTP request – sw1 bridge on VM1 encapsulates and forwards the traffic to the service function chain via vxlan-gpe-0 interface. The first SFF node in the chain is VM2.

      Since I could not see any ovs-dpctl dump-flows output on VM2(first SFF) and all the counters on flows were equal to zero, I became convinced that the Service Function Forwarder cannot parse traffic passed from the VM1 classifier.

      This is how ovs-dpctl dump-flows output looks like on the classifier

      vagrant@gbpsfc1:~$ sudo ovs-dpctl dump-flows
      recirc_id(0),skb_priority(0),in_port(4),eth(src=00:00:00:00:35:02,dst=88:f0:31:b5:12:b5),eth_type(0x0800),ipv4(src=10.0.35.2,dst=10.0.36.2,proto=6,tos=0,ttl=64,frag=no),tcp(src=44239/0,dst=80/0xffff), packets:46, bytes:3404, used:0.016s, flags:S, actions:set(tunnel(tun_id=0x3,nsp=0x16,nsi=255,nshc1=0xc0a83246,nshc2=0x3,nshc3=0x0,nshc4=0x0,src=0.0.0.0,dst=192.168.50.71,tos=0x0,ttl=64,flags(df,key,nsp,nsi,nshc1,nshc2,nshc3,nshc4))),set(eth(src=88:f0:31:b5:12:b5,dst=00:00:00:00:36:02)),set(ipv4(src=10.0.35.2,dst=10.0.36.2,proto=6,tos=0,ttl=63,frag=no)),2

      vagrant@gbpsfc1:~$ sudo ovs-dpctl show
      system@ovs-system:
      lookups: hit:2702 missed:415 lost:0
      flows: 3
      masks: hit:3634 total:3 hit/pkt:1.17
      port 0: ovs-system (internal)
      port 1: sw1 (internal)
      port 2: vxlan_sys_6633 (vxlan: df_default=false, ttl=0)
      port 3: vxlan_sys_4789 (vxlan: df_default=false, ttl=0)
      port 4: vethl-h35_2
      port 5: vethl-h35_3
      port 6: vethl-h36_2
      port 7: vethl-h36_3

      Other traffic that does not go through service function chains passes successfully.

      I checked out to version before https://git.opendaylight.org/gerrit/#/c/37730 and tried again, all worked nicely.

      Output of megaflow on the same classifier:

      vagrant@gbpsfc1:~$ sudo ovs-dpctl dump-flows
      recirc_id(0),skb_priority(0),in_port(4),eth(src=00:00:00:00:35:02,dst=88:f0:31:b5:12:b5),eth_type(0x0800),ipv4(src=10.0.35.2,dst=10.0.36.2,proto=6,tos=0,ttl=64,frag=no),tcp(src=45735/0,dst=80/0xffff), packets:65, bytes:5173, used:0.128s, flags:SFP., actions:set(tunnel(tun_id=0xa,nsp=0xf,nsi=255,nshc1=0xc0a83246,nshc2=0xa,nshc3=0x0,nshc4=0x0,src=0.0.0.0,dst=192.168.50.71,tos=0x0,ttl=64,flags(df,key,nsp,nsi,nshc1,nshc2,nshc3,nshc4))),set(eth(src=88:f0:31:b5:12:b5,dst=00:00:00:00:36:02)),set(ipv4(src=10.0.35.2,dst=10.0.36.2,proto=6,tos=0,ttl=63,frag=no)),2

      ovs-dpctl show did not change.
      The only difference I noticed in the output is flags field: SFP vs S

        1. SFF.txt
          1 kB
        2. topology_config.txt
          6 kB
        3. topology_operational.txt
          33 kB

            Avishnoi Anil Vishnoi
            msunal@cisco.com Martin Sunal
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: