[ovs-dev] [OVN] OVN doesn't work using OVS 2.8.1 on Centos 7.3 using conntrack
Daniel Alvarez Sanchez
dalvarez at redhat.com
Thu Oct 19 12:37:52 UTC 2017
System information:
===============
OS: CentOS Linux release 7.3.1611 (Core)
Kernel version: 3.10.0-693.2.2.el7.x86_64 #1 SMP
OVS version: v2.8.1 (git tag)
#ovs-vswitchd --version
ovs-vswitchd (Open vSwitch) 2.8.1
Bug description:
============
Right now, OVN doesn't work using OVS 2.8.1 on Centos 7.3 and conntrack.
Numan Siddique and I have been doing some research on this and we have come
up with the following conclusions:
When doing a DHCP request on the mentioned system above, the kernel throws
the following error (see Reproducer section below):
netlink: Key 26 has unexpected len 16 expected 0
Apparently, this commit [0] introduced that key
(26 / OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4), and it looks like the OVS modules in
the above kernel don't have that key. When ovs-vswitchd sends those extra
bytes, the kernel module can't find the key and fails with the netlink error
above:
2017-10-18T08:00:18Z|00444|netlink_socket|DBG|nl_sock_transact_multiple__ (Success): nl(len:496, type=30(ovs_packet), flags=1[REQUEST], seq=6d, pid=5939,genl(cmd=3,version=1)
However, if we run OVS master, everything works ok and ovs-vswitchd sends
20 bytes less (4 bytes of the header + 16 bytes of data) so it looks like
it's adapting to the kernel datapath in some way:
2017-10-18T07:59:03Z|00391|netlink_socket|DBG|nl_sock_transact_multiple__ (Success): nl(len:476, type=30(ovs_packet), flags=1[REQUEST], seq=32, pid=4294962064,genl(cmd=3,version=1)
Note lengths in both cases: 496 vs 476 (working case). In the first case
(496) the kernel throws the netlink error ("netlink: Key 26 has unexpected
len 16 expected 0").
I've checked that running an OVS version up to [1] fixes it but can't find
the exact commit which fixes the current bug.
[0] https://github.com/openvswitch/ovs/commit/c30b4ceafa235d11a1a9ded5fed11fec86182ee0
[1] https://github.com/openvswitch/ovs/commit/80cee1163e6301dd1c0bd01c5f0323fb1a45adf4
Reproducer:
=========
ovn-nbctl ls-add sw0
ovn-nbctl lsp-add sw0 sw0-port1
ovn-nbctl lsp-set-addresses sw0-port1 "50:54:00:00:00:01 192.168.0.2"
ovn-nbctl --wait=hv acl-add sw0 from-lport 1001 'inport == "sw0-port1" && ip' allow-related
ovn-nbctl --wait=hv acl-add sw0 to-lport 1001 'outport == "sw0-port1" && ip' drop
ovn-nbctl acl-list sw0

# create an internal port on br-int, move it into its own namespace and
# bind it to the given logical port
add_phys_port() {
    name=$1
    mac=$2
    ip=$3
    mask=$4
    gw=$5
    iface_id=$6
    ip netns add $name
    ovs-vsctl add-port br-int $name -- set interface $name type=internal
    ip link set $name netns $name
    ip netns exec $name ip link set $name address $mac
    ip netns exec $name ip addr add $ip/$mask dev $name
    ip netns exec $name ip link set $name up
    ip netns exec $name ip route add default via $gw
    ovs-vsctl set Interface $name external_ids:iface-id=$iface_id
}

d1="$(ovn-nbctl create DHCP_Options cidr=192.168.0.0/24 \
options="\"server_id\"=\"192.168.0.1\" \"server_mac\"=\"ff:10:00:00:00:01\" \
\"lease_time\"=\"3600\" \"router\"=\"192.168.0.1\"")"
ovn-nbctl lsp-set-dhcpv4-options sw0-port1 ${d1}

# when you run the below command it should list the dhcp options just added
ovn-nbctl list dhcp_options

add_phys_port vm1 50:54:00:00:00:01 192.168.0.2 24 192.168.0.1 sw0-port1

# the below command should get the ip address from the OVN
ip netns exec vm1 dhclient -d vm1
At this point, the DHCP request won't succeed and the error can be seen
using 'dmesg'.
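
The length arithmetic and the rejection described in the report, as an added example that is not part of the original post and is not OVS or kernel code: a simplified model of netlink attribute framing (4-byte header, 4-byte alignment) checked against a per-key expected-length table. The table contents, `TABLE_SIZE` and the function names are assumptions for illustration; only key 26, its 16-byte payload and the error text come from the post.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NLA_HDRLEN 4u                    /* 2-byte length + 2-byte type */
#define NLA_ALIGN(n) (((n) + 3u) & ~3u)  /* attributes are padded to 4 bytes */
#define TABLE_SIZE 32                    /* assumption: size of this toy table */
/* Expected payload length per key; 0 = key unknown to this datapath (toy tables). */
static const int OLD_LENS[TABLE_SIZE] = { [3] = 4, [4] = 12 };
static const int NEW_LENS[TABLE_SIZE] = { [3] = 4, [4] = 12, [26] = 16 };

/* Append one attribute with a zeroed payload; returns the new offset. */
static size_t put_attr(uint8_t *buf, size_t off, uint16_t type, uint16_t payload)
{
    uint16_t nla_len = (uint16_t)(NLA_HDRLEN + payload);
    memset(buf + off, 0, NLA_ALIGN(nla_len));
    memcpy(buf + off, &nla_len, 2);
    memcpy(buf + off + 2, &type, 2);
    return off + NLA_ALIGN(nla_len);
}

/* Constructed key stream: in_port (3), ethernet (4), optionally key 26 (16 bytes). */
static size_t build_keys(uint8_t *buf, int with_ct)
{
    size_t off = put_attr(buf, put_attr(buf, 0, 3, 4), 4, 12);
    return with_ct ? put_attr(buf, off, 26, 16) : off;
}

/* 0 = all lengths match; >0 = rejected key type (reason in msg); -1 = malformed. */
static int validate_keys(const uint8_t *buf, size_t len, const int *expected,
                         char *msg, size_t msg_sz)
{
    msg[0] = '\0';
    for (size_t off = 0; off + NLA_HDRLEN <= len; ) {
        uint16_t nla_len, type;
        memcpy(&nla_len, buf + off, 2);
        memcpy(&type, buf + off + 2, 2);
        if (nla_len < NLA_HDRLEN || off + nla_len > len) return -1;
        int got = (int)(nla_len - NLA_HDRLEN);
        int want = type < TABLE_SIZE ? expected[type] : 0;
        if (got != want) {
            snprintf(msg, msg_sz, "netlink: Key %d has unexpected len %d expected %d", type, got, want);
            return type;
        }
        off += NLA_ALIGN(nla_len);
    }
    return 0;
}
```

Validating the stream built with `build_keys(buf, 1)` against `OLD_LENS` reproduces the dmesg line from the report, and the two streams differ by exactly the 20 bytes (4-byte header + 16-byte payload) seen between the 496 and 476 byte requests.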