[ovs-discuss] [ovn-loadbalance]Not all subnets can connect to vip (taoyunupt)
taoyunupt
taoyunupt at 126.com
Wed Jun 19 08:40:39 UTC 2019
hi, Shetty ,
we have meet a problem with ovn/load-balancer , which has described as bellow, hope to have your suggestions.
Thanks.
yun
At 2019-06-19 16:03:01, "txfh2007" <txfh2007 at aliyun.com> wrote:
>Hi tao:
> I have studied this situation for a time, and met almost same problem. I have found that there are two ct actions with different zone id during successful ovn-lb process. I have capture the related conntrack status as below:(192.168.1.8 is vip, 192.168.1.2 is the ip after load balance):
>
> tcp,orig=(src=192.168.11.25,dst=192.168.1.8,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=12,protoinfo=(state=ESTABLISHED)
>tcp,orig=(src=192.168.11.25,dst=192.168.1.2,sport=49338,dport=22),reply=(src=192.168.1.2,dst=192.168.11.25,sport=22,dport=49338),zone=4,protoinfo=(state=ESTABLISHED)
>
>But when I access the vip from VM which is on different network(the OVN datapath id is differ), the access failed and the conntrack status is as below:
>
>tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.3.2,dst=192.168.10.7,sport=22,dport=39206),protoinfo=(state=SYN_SENT)
>tcp,orig=(src=192.168.10.7,dst=192.168.1.8,sport=39206,dport=22),reply=(src=192.168.1.8,dst=192.168.10.7,sport=22,dport=39206),zone=17,protoinfo=(state=SYN_SENT)
>
>obviously, one ct action without any zone id !!
>
>I guess this may be a reason for link failure. But I have no idea about the root cause.
>Can anyone tell me the root cause? Thank you !
>
> +--------------+
> | VIP | 192.168.1.8/24 [ovn-datapath1]
> +--------------+
> |
> |
> +--------------+
> | POOL |
> +--------------+
> |
> |
> |
> |----------------------------------------------------|
> | |
> | |
> +--------------+ +--------------+ +--------------+
> | member1 | | member2 | | member3 |
> +--------------+ +--------------+ +--------------+
> | 192.168.1.2 | | 192.168.11.25| |192.168.10.7|
> +--------------+ +--------------+ +--------------+
>
> [ovn-datapath1] [ovn-datapath1] [ovn-datapath3]
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20190619/8d43ec17/attachment.html>
More information about the discuss
mailing list