On 5/18/23 12:56, Ihar Hrachyshka wrote:
> When a multichassis port belongs to a switch with a localnet port,
> packets originating or directed to the multichassis port are NOT sent
> thorugh the localnet port. Instead, tunneling is enforced in-cluster to
> guarantee delivery of all packets to all chassis of the port.
>
> This behavior has an unfortunate side effect, where - because of
> additional tunnel header added to each packet - the effective MTU of the
> path for multichassis ports changes from what's set as mtu_request. This
> effectively makes OVN to black hole all packets for the port that use
> full capacity of the interface MTU. This breaks usual TCP / UDP
> services, among other things (SSH, iperf sessions etc.)
>
> This patch adds flows so that
> - (in table 38) detect too-big packets (table 38), and then
> - (in table 39) icmp fragmentation needed / too big errors are sent
> back to offending port.
>
> Once the error is received, the sender is expected to adjust the route
> MTU accordingly, sending the next packets with the new path MTU. After a
> multichassis port is re-assigned to a single chassis, the effective path
> MTU is restored to "usual". Peers will eventually see their "learned"
> path MTU cache expire, which will make them switch back to the "usual"
> MTU.
>
> Among other scenarios, this patch helps to maintain existing services
> working during live migration of a VM, if multichassis ports are used.
> (E.g. in OpenStack Nueutron.)
>
> Fixes: 7084cf437421 ("Always funnel multichassis port traffic through
> tunnels")
>
> Signed-off-by: Ihar Hrachyshka <[email protected]>
> ---
> NEWS | 6 +
> controller/physical.c | 260 ++++++++++++++++++++++++++++++++-
> include/ovn/actions.h | 3 +
> lib/actions.c | 4 +-
> lib/ovn-util.h | 7 +
> northd/northd.c | 2 +
> ovn-architecture.7.xml | 9 +-
> tests/ovn.at | 321 +++++++++++++++++++++++++++++++++++++++++
Thanks for adding a test! I also manually tested this inside
ovn-fake-multinode and it works as expected.
Feel free to add my ack to the next revision:
Acked-by: Dumitru Ceara <[email protected]>
Regards,
Dumitr
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
