Ensure vlan network traffic is not centralized

This patch partly reverts the workaround introduced at [1]. In patch [1] the reside-on-redirect-chassis was forced for vlan provider networks to force centralized but not tunneled traffic for those network. In this patch we are making use of the "redirect-type" flag instead so that the traffic can be distributed and still not tunneled. This flag needs to be set on the router gateway port (port connecting the router to the external network) unlike the previous one that was set on the router interface port (port connecting the (vlan) internal network to the router). In this patch we are setting it on all ovn gateway ports if DVR is enabled, as: - It is needed for vlan (provider) network to have their traffic distributed instead of tunneled to the controller where the cr-lrp is associated - It is not having any effect on the geneve tenant networks as it only applies to network that has a localnet port associated to them. [1] https://review.opendev.org/c/openstack/neutron/+/871252 Closes-Bug: #2003455 Change-Id: Ia05416df88904e864d4fc9760ffcdc97a4651f9f (cherry picked from commit 8e3bddbf8b)
2023-03-02 11:04:11 +01:00 · 2023-03-02 11:04:11 +01:00 · 786d89fee0
parent 0e97381485
commit 786d89fee0
4 changed files with 24 additions and 8 deletions
--- a/neutron/common/ovn/constants.py
+++ b/neutron/common/ovn/constants.py
@ -301,6 +301,8 @@ LSP_OPTIONS_MCAST_FLOOD_REPORTS = 'mcast_flood_reports'
 LSP_OPTIONS_MCAST_FLOOD = 'mcast_flood'

 LRP_OPTIONS_RESIDE_REDIR_CH = 'reside-on-redirect-chassis'
+LRP_OPTIONS_REDIRECT_TYPE = 'redirect-type'
+BRIDGE_REDIRECT_TYPE = "bridged"

 HA_CHASSIS_GROUP_DEFAULT_NAME = 'default_ha_chassis_group'
 HA_CHASSIS_GROUP_HIGHEST_PRIORITY = 32767
--- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py
+++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py
@ -785,10 +785,7 @@ class DBInconsistenciesPeriodics(SchemaAwarePeriodicsBase):
        # Get router ports belonging to VLAN networks
        vlan_nets = self._ovn_client._plugin.get_networks(
            context, {pnet.NETWORK_TYPE: [n_const.TYPE_VLAN]})
-        # FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
-        # is_provider_network check should be removed
-        vlan_net_ids = [vn['id'] for vn in vlan_nets
-                        if not utils.is_provider_network(vn)]
+        vlan_net_ids = [vn['id'] for vn in vlan_nets]
        router_ports = self._ovn_client._plugin.get_ports(
            context, {'network_id': vlan_net_ids,
                      'device_owner': n_const.ROUTER_PORT_OWNERS})
--- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
+++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
@ -1418,21 +1418,29 @@ class OVNClient(object):
        if network is None:
            network = self._plugin.get_network(admin_context,
                                               port['network_id'])
+
        # For VLAN type networks we need to set the
        # "reside-on-redirect-chassis" option so the routing for this
        # logical router port is centralized in the chassis hosting the
        # distributed gateway port.
        # https://github.com/openvswitch/ovs/commit/85706c34d53d4810f54bec1de662392a3c06a996
-        # FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
-        # is_provider_network check should be removed
        if network.get(pnet.NETWORK_TYPE) == const.TYPE_VLAN:
            options[ovn_const.LRP_OPTIONS_RESIDE_REDIR_CH] = (
-                'false' if (ovn_conf.is_ovn_distributed_floating_ip() and
-                            not utils.is_provider_network(network))
+                'false' if ovn_conf.is_ovn_distributed_floating_ip()
                else 'true')

        is_gw_port = const.DEVICE_OWNER_ROUTER_GW == port.get(
            'device_owner')
+
+        # NOTE(ltomasbo): For VLAN type networks connected through the gateway
+        # port there is a need to set the redirect-type option to bridge to
+        # ensure traffic is not centralized through the controller.
+        # For geneve based tenant networks it won't have any effect as it only
+        # applies to network with a localnet associated to it
+        if is_gw_port and ovn_conf.is_ovn_distributed_floating_ip():
+            options[ovn_const.LRP_OPTIONS_REDIRECT_TYPE] = (
+                ovn_const.BRIDGE_REDIRECT_TYPE)
+
        if is_gw_port and ovn_conf.is_ovn_emit_need_to_frag_enabled():
            try:
                router_ports = self._get_router_ports(admin_context,
--- a/releasenotes/notes/bug-2003455-dff0d0f00b5a18e2.yaml
+++ b/releasenotes/notes/bug-2003455-dff0d0f00b5a18e2.yaml
@ -0,0 +1,9 @@
+---
+fixes:
+  - |
+    [`bug 2003455 <https://bugs.launchpad.net/neutron/+bug/2003455>`_]
+    Previous commit (https://review.opendev.org/c/openstack/neutron/+/871252)
+    added a workaround to avoid vlan provider networks traffic to be tunneled
+    to the compute nodes but it was still centralized. Now the traffic is
+    distributed thanks to using the "redirect-type" flag on the ovn gateway
+    port.