[NETVIRT-235] NAPT is not functional Created: 02/Nov/16  Updated: 10/Dec/16  Resolved: 10/Dec/16

Status: Resolved
Project: netvirt
Component/s: General
Affects Version/s: Boron
Fix Version/s: None

Type: Bug
Reporter: zan cohen Assignee: Tali Ben-Meir
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All

Attachments: Microsoft Word Table 19_rules.docx    
Issue Links:
Duplicate
is duplicated by NETVIRT-245 split horizon bit should be reset to ... Resolved
is duplicated by NETVIRT-247 arp responder for router gateway inte... Resolved
External issue ID: 7081

 Description   

Action:
*******
1.Load Devstuck(with ODL) Setup
2.Lunch vm with Default Sg.
3.Try to wget from vm to google(wget http://8.8.8.8)

Resualt:
********
connection timeout from server

analysis:
*********
Router
-------
Router External Gateway(ip 10.64.121.2) Mac= fa:16:3e:90:77:26
Router External internal(ip 10.0.123.1) Mac= fa:16:3e:48:8f:fe

Review table 19 rules
----------------------
**it can be seen that there is no rules with External network

 Comments   
Comment by zan cohen [ 02/Nov/16 ]

Attachment Table 19_rules.docx has been added with description: Table 19 rules

Comment by Koby Aizer [ 06/Nov/16 ]

This bug seems to originate from the table=19 changes introduced a while ago.
The router gateway interface is not installed in table=19, and therefore traffic destined to it is not entering the L3 pipeline.

The fix for this should include a solution similar to floating IPs:
1. Installing table=19 rules for the router gateway interface in the primary NAPT switch only
2. Make sure ARP responses for the router gateway interface are only answered from the NAPT switch (and not from all OVSs as in today)

Comment by Koby Aizer [ 14/Nov/16 ]

(In reply to Koby Aizer from comment #1)
> This bug seems to originate from the table=19 changes introduced a while ago.
> The router gateway interface is not installed in table=19, and therefore
> traffic destined to it is not entering the L3 pipeline.
>
> The fix for this should include a solution similar to floating IPs:
> 1. Installing table=19 rules for the router gateway interface in the
> primary NAPT switch only
> 2. Make sure ARP responses for the router gateway interface are only
> answered from the NAPT switch (and not from all OVSs as in today)

3. Also make sure that ARP destined to the router gateway interface are only punted from that NAPT switch

Comment by Tali Ben-Meir [ 08/Dec/16 ]

Review links
https://git.opendaylight.org/gerrit/#/c/48867
https://git.opendaylight.org/gerrit/#/c/49111

Comment by Koby Aizer [ 10/Dec/16 ]

Fixed by the patches Tali mentioned in the previous comment.

Generated at Wed Feb 07 20:21:03 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.