[NETVIRT-934] Allow Address Pairs not working across tenant networks Created: 02/Oct/17  Updated: 18/Aug/20  Resolved: 18/Aug/20

Status: Resolved
Project: netvirt
Component/s: General
Affects Version/s: Nitrogen
Fix Version/s: Aluminium, Silicon

Type: Bug Priority: Medium
Reporter: Luis Tomas Assignee: Karthikeyan Krishnan
Resolution: Cannot Reproduce Votes: 0
Labels: feedback
Remaining Estimate: 0 minutes
Time Spent: 1 day
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All

External issue ID: 9232

 Description   

Allowed address pairs (AAP) does not across neutron networks when using ODL as ml2 backend. I tried with both, Nitrogen and Carbon.

Steps to reproduce:

  • Create two tenant networks, for example 10.0.0.0/24 and 20.0.0.0/24
  • Create a router and connect both networks to it
  • Create a VM on first tenant network: VM1 with IP 10.0.0.5
  • Create a VM on second tenant network: VM2 with IP 20.0.0.5
  • Create a port on second tenant network: for example 20.0.0.10
  • Attach the IP of that port as AAP of the port being used by VM2

Then, if you try to ping VM2 from VM1 it works, i.e., ping 20.0.0.5 from 10.0.0.5. However, if you try to ping the AAP (i.e., 20.0.0.10) from VM1, the traffic does not reach VM2. Actually, it does not even reach the second tenant network (20.0.0.0/24) as the traffic gets to the OVS table 46 and from there it is sent to the controller, therefore not reaching the port where VM2 is connected.

 Comments   
Comment by Aswin Suryanarayanan [ 23/Oct/17 ]

Though we create a neutron port and associate its IP an AAP to the vm, the flows related to the port will not be programmed since the port lacks operational state . Also we don't program any FIB flows (table 21) flows for the addition of an AAP. So this IP needs to be learned via subnet route feature in ODL, where controller will ARP for the unkown mac and install the necessary flows. But currently the subnet route feature seems to be broken for non BGP private tenant networks and needs to be fixed.

Comment by Sam Hague [ 06/Apr/18 ]

aswinsuryan@gmail.com is this still an issue?

Comment by Aswin Suryanarayanan [ 06/Apr/18 ]

shague Yes this issue is yet to be resolved.

Comment by Sam Hague [ 04/Oct/18 ]

aswins is this still an issue?

Comment by Aswin Suryanarayanan [ 17/Oct/18 ]

yes it is , I am yet to work on it.

Comment by Abhinav Gupta [ 25/Nov/19 ]

any update here?

Comment by Karthikeyan Krishnan [ 18/Aug/20 ]

Please try to validate the reported use case testing in latest ODL release(Aluminium/Silicon) and open the new ticket if the issue is still persist.

Generated at Wed Feb 07 20:22:50 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.