[ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip (taoyunupt)

taoyunupt taoyunupt at 126.com
Wed Jun 19 08:40:39 UTC 2019


hi, Shetty ,
               we have meet a  problem with ovn/load-balancer , which has described as  bellow, hope to have your suggestions.






Thanks.
yun


At 2019-06-19 16:03:01, "txfh2007" <txfh2007 at aliyun.com> wrote:
>Hi tao:
>    I have studied this situation for a time, and met almost same problem. I have found that there are two ct actions with different zone id during successful ovn-lb process. I have capture the related conntrack status as below:(192.168.1.8 is vip, 192.168.1.2 is the ip after load balance):
>
> tcp,orig=(src=192.168.11.25,dst=192.168.1.8,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=12,protoinfo=(state=ESTABLISHED)
>tcp,orig=(src=192.168.11.25,dst=192.168.1.2,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=4,protoinfo=(state=ESTABLISHED)
>
>But when I access the vip from VM which is on different network(the OVN datapath id is differ), the access failed and the conntrack status is as below:
>
>tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.3.2,dst=192.168.10.7,sport=22,dport=39206),protoinfo=(state=SYN_SENT)
>tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.1.8,dst=192.168.10.7,sport=22,dport=39206),zone=17,protoinfo=(state=SYN_SENT)
>
>obviously, one ct action without any zone id !!
>
>I guess this may be a reason for link failure. But I have no idea about the root cause. 
>Can anyone tell me the root cause? Thank you !
>          
>                              +--------------+
>                              |      VIP       | 192.168.1.8/24 [ovn-datapath1]
>                              +--------------+
>                                       |
>				       |
>                              +--------------+
>                              |     POOL    | 
>                              +--------------+
>                                       |
>                                       |
>     				       |									   
>           |----------------------------------------------------|
>           |                                                              |
>           |                                                              |
>    +--------------+         +--------------+          +--------------+    
>    |  member1 |          | member2   |          | member3  |                    
>    +--------------+         +--------------+          +--------------+        
>    | 192.168.1.2 |       | 192.168.11.25|          |192.168.10.7|       
>    +--------------+         +--------------+          +--------------+       
>  
> [ovn-datapath1]       [ovn-datapath1]        [ovn-datapath3]
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20190619/8d43ec17/attachment.html>


More information about the discuss mailing list