Merge "[OVN] Ensure traffic for provider vlan networks is not tunneled" into stable/wallaby

This commit is contained in:
Zuul 2023-03-06 13:47:36 +00:00 committed by Gerrit Code Review
commit d74189e1ae
4 changed files with 36 additions and 5 deletions

View File

@ -22,6 +22,7 @@ from neutron_lib.api.definitions import extra_dhcp_opt as edo_ext
from neutron_lib.api.definitions import l3
from neutron_lib.api.definitions import port_security as psec
from neutron_lib.api.definitions import portbindings
from neutron_lib.api.definitions import provider_net
from neutron_lib.api import validators
from neutron_lib import constants as const
from neutron_lib import context as n_context
@ -582,6 +583,10 @@ def is_gateway_chassis_invalid(chassis_name, gw_chassis,
def is_provider_network(network):
return network.get(provider_net.PHYSICAL_NETWORK, False)
def is_external_network(network):
return network.get(external_net.EXTERNAL, False)

View File

@ -785,7 +785,10 @@ class DBInconsistenciesPeriodics(SchemaAwarePeriodicsBase):
# Get router ports belonging to VLAN networks
vlan_nets = self._ovn_client._plugin.get_networks(
context, {pnet.NETWORK_TYPE: [n_const.TYPE_VLAN]})
vlan_net_ids = [vn['id'] for vn in vlan_nets]
# FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
# is_provider_network check should be removed
vlan_net_ids = [vn['id'] for vn in vlan_nets
if not utils.is_provider_network(vn)]
router_ports = self._ovn_client._plugin.get_ports(
context, {'network_id': vlan_net_ids,
'device_owner': n_const.ROUTER_PORT_OWNERS})

View File

@ -1111,7 +1111,7 @@ class OVNClient(object):
# leak the RAs generated for the tenant networks via the
# provider network
ipv6_ra_configs['send_periodic'] = 'true'
if is_gw_port and utils.is_provider_network(net):
if is_gw_port and utils.is_external_network(net):
ipv6_ra_configs['send_periodic'] = 'false'
ipv6_ra_configs['mtu'] = str(net['mtu'])
@ -1423,9 +1423,12 @@ class OVNClient(object):
# logical router port is centralized in the chassis hosting the
# distributed gateway port.
# https://github.com/openvswitch/ovs/commit/85706c34d53d4810f54bec1de662392a3c06a996
# FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
# is_provider_network check should be removed
if network.get(pnet.NETWORK_TYPE) == const.TYPE_VLAN:
options[ovn_const.LRP_OPTIONS_RESIDE_REDIR_CH] = (
'false' if ovn_conf.is_ovn_distributed_floating_ip()
'false' if (ovn_conf.is_ovn_distributed_floating_ip() and
not utils.is_provider_network(network))
else 'true')
is_gw_port = const.DEVICE_OWNER_ROUTER_GW == port.get(
@ -1837,8 +1840,9 @@ class OVNClient(object):
for subnet in subnets:
self.update_subnet(context, subnet, network, txn)
if utils.is_provider_network(network):
# make sure to use admin context as this is a providernet
if utils.is_external_network(network):
# make sure to use admin context as this is a external
# network
self.set_gateway_mtu(n_context.get_admin_context(),
network, txn)

View File

@ -0,0 +1,19 @@
---
fixes:
- |
[`bug 2003455 <https://bugs.launchpad.net/neutron/+bug/2003455>`_]
It is added an extra checking to ensure the "reside-on-redirect-chassis"
is set to true for the logical router port associated to vlan provider
network despite having the "ovn_distributed_floating_ip" enabled or not.
This is needed as there is an OVN bug
(https://bugzilla.redhat.com/show_bug.cgi?id=2162756) making it not work
as expected. Until that is fixed, we need these workaround
that makes the traffic centrallized, but not tunneled, through the node
with the gateway port, thus avoiding MTU issues.
issues:
- |
Until the OVN bug (https://bugzilla.redhat.com/show_bug.cgi?id=2162756)
is fixed, setting the "reside-on-redirect-chassis" to true for the logical
router port associated to vlan provider network is needed. This workaround
makes the traffic centrallized, but not tunneled, through the node
with the gateway port, thus avoiding MTU issues.