[ovs-discuss] IPv6 dadfailed

Gurucharan Shetty shettyg at nicira.com
Thu Mar 5 23:09:56 UTC 2015


> Thanks a lot for this suggestions. We did some deeper investigation and this
> is what we found out:
>
> After configuring an IPv6 address on the VM guest, the neighbor solicitation
> message is sent out and immediately bounced back to the VM, leading to the
> situation that the kernel thinks there is a duplicate address. This produces
> the log entry "Mar  5 22:54:16 ubuntuutopic kernel: [ 1602.276491] IPv6: eth0:
> IPv6 duplicate address ADDRESS detected!"
>
> The VM host is connected to the network using LACP with two uplinks. The link
> aggregation is configured on the OVS:
>
> ---- bond0 ----
> bond_mode: balance-tcp
> bond may use recirculation: yes, Recirc-ID : 300
> bond-hash-basis: 0
> updelay: 0 ms
> downdelay: 0 ms
> next rebalance: 1705 ms
> lacp_status: negotiated
> active slave mac: 90:e2:ba:7d:99:3d(p258p2)
>
> Running tcpdump on the two physical uplinks shows that the neighbor
> solicitation is sent out on both interfaces (Or maybe sent out on one and
> received on the other, I'm not quite sure...).
If it is the later, it makes sense that the sending VM receives it
again. Which means that there is some sort of loop in the upstream
switch.
If it is the former, it looks to be a OVS bug (or some sort of LACP
negotiation issue?)


> Tcpdumping on another VM running on a different VM host shows that it receives
> the neighbor solicitation message two times.
I cannot yet reconcile this with the previous message of the sending
VM receiving the traffic with a hairpin.



>
> I have a feeling that there *could* be something wrong with how the bonding in
> OVS handles this neighbor solicitation messages.
>
> Are there any ideas from the community on this topic? We're not yet sure if it
> has something to do with OVS, but at the moment we're searching in this
> direction...

Are you using OVS tunnels? If so, one idea could be to connect  VM
vifs to a OVS bridge. But use Linux bonding to carry the tunneled
traffic out of the machine. Another option to try out is not to use
LACP bonds but rather something like active-backup (man
ovs-vswitchd.conf.db -> Bonding Configuration)

I have added 2 people familiar with OVS bonding code. They should be
able to discern better.



More information about the discuss mailing list