On Tue, Apr 21, 2020 at 6:37 PM Brendan Doyle <[email protected]> wrote:
>
> Folks,
>
> Anybody seen this, is it a known problem?
>
> VM1 on hypervisor 1
> ----------------------------
> ping IP of VM1 on hypervisor2
>
> # ping -c1 192.16.1.5
> PING 192.16.1.5 (192.16.1.5) 56(84) bytes of data.
> 64 bytes from 192.16.1.5: icmp_seq=1 ttl=64 time=0.494 ms
>
> But
> # ssh 192.16.1.5
> Connection closed by 192.16.1.5 port 22
>
>
> ssh works between VMs on the same hypervisor, seems going through the
> tunnel is the
> problem.
I don't think its a tunnel problem.
On VM2 hypervisor, you can run tcpdump on genev_sys_6081 interface and
see if you receive the ssh packets.
Thanks
Numan
>
>
> configuration
> ===========
> VM1 hypervisor1
> -----------------------
> ca-rain06-vmovs-1 ~]# ip a sh eth1
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
> link/ether 52:54:00:be:06:16 brd ff:ff:ff:ff:ff:ff
> inet 192.16.1.6/24 brd 192.16.1.255 scope global eth1
> valid_lft forever preferred_lft forever
> inet6 fe80::5054:ff:febe:616/64 scope link
> valid_lft forever preferred_lft forever
>
> VM1 hypervisor2
> ------------------------
> ca-rain05-vmovs-1 ~]# ip a sh eth1
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
> link/ether 52:54:00:e6:4f:46 brd ff:ff:ff:ff:ff:ff
> inet 192.16.1.5/24 brd 192.16.1.255 scope global eth1
> valid_lft forever preferred_lft forever
> inet6 fe80::5054:ff:fee6:4f46/64 scope link
> valid_lft forever preferred_lft forever
>
>
>
> hypervisor1
> -----------------
> # ovs-vsctl show
> dbcc7c2e-cf07-4052-b40d-d4f47f5560b0
> Bridge br-int
> fail_mode: secure
> Port ovn-ca-rai-0
> Interface ovn-ca-rai-0
> type: geneve
> options: {csum="true", key=flow, remote_ip="172.20.1.17"}
> Port ovn-ca-rai-1
> Interface ovn-ca-rai-1
> type: geneve
> options: {csum="true", key=flow, remote_ip="172.20.1.5"}
> Port vnet3
> Interface vnet3
> Port vnet1
> Interface vnet1
> Port vnet5
> Interface vnet5
> Port br-int
> Interface br-int
> type: internal
> ovs_version: "2.13.90"
>
> [ca-rain06 ~]# ip a sh bond0
> 7: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 98:03:9b:59:af:1c brd ff:ff:ff:ff:ff:ff
> inet 172.20.1.6/24 brd 172.20.1.255 scope global bond0
> valid_lft forever preferred_lft forever
> inet6 fe80::9a03:9bff:fe59:af1c/64 scope link
> valid_lft forever preferred_lft forever
>
>
>
> hypervisor2
> ----------------
> # ovs-vsctl show
> 169dc085-7224-42c3-b119-390b7d0fe450
> Bridge br-int
> fail_mode: secure
> Port vnet6
> Interface vnet6
> Port br-int
> Interface br-int
> type: internal
> Port ovn-ca-rai-1
> Interface ovn-ca-rai-1
> type: geneve
> options: {csum="true", key=flow, remote_ip="172.20.1.6"}
> Port ovn-ca-rai-0
> Interface ovn-ca-rai-0
> type: geneve
> options: {csum="true", key=flow, remote_ip="172.20.1.17"}
> Port vnet4
> Interface vnet4
> Port vnet8
> Interface vnet8
> Port vnet2
> Interface vnet2
> ovs_version: "2.13.90"
>
> [ca-rain05 ~]# ip a sh bond0
> 7: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 98:03:9b:2d:91:a2 brd ff:ff:ff:ff:ff:ff
> inet 172.20.1.5/24 brd 172.20.1.255 scope global bond0
> valid_lft forever preferred_lft forever
> inet6 fe80::9a03:9bff:fe2d:91a2/64 scope link
> valid_lft forever preferred_lft forever
>
>
> OVN Central (on a different hypervisor)
> -----------------------------------------------------
> # ovn-sbctl show
> Chassis ca-rain17
> hostname: ca-rain17.us.oracle.com
> Encap geneve
> ip: "172.20.1.17"
> options: {csum="true"}
> Chassis ca-rain06
> hostname: ca-rain06.us.oracle.com
> Encap geneve
> ip: "172.20.1.6"
> options: {csum="true"}
> Port_Binding "47433b54-ac10-42f1-ae84-cc6fbb580297"
> Port_Binding "06e85cca-867a-44fc-b2c1-be62f2fb06c0"
> Port_Binding "284195d2-9280-4334-900e-571ecd00327a"
> Chassis ca-rain05
> hostname: ca-rain05.us.oracle.com
> Encap geneve
> ip: "172.20.1.5"
> options: {csum="true"}
> Port_Binding "ce78fd2b-4c68-428c-baf1-71718e7f3871"
> Port_Binding "269089c4-9464-41ec-9f63-6b3804b34b07"
> Port_Binding "00bff7c0-2e2d-41ba-9485-3b5fa9801365"
> Port_Binding "1cb7d760-90b0-4201-9517-88cb2de31c79"
>
> # ovn-nbctl show
> switch 10073c55-8f96-411f-a3b6-89b13389a084 (ls_vcn2)
> port 06e85cca-867a-44fc-b2c1-be62f2fb06c0
> addresses: ["52:54:00:2a:7b:49 192.17.1.6"]
> port ce78fd2b-4c68-428c-baf1-71718e7f3871
> addresses: ["52:54:00:d8:6e:eb 192.17.1.5"]
> port vcn2_subnet1-lr_vcn2
> type: router
> addresses: ["40:44:00:00:00:50"]
> router-port: lr_vcn2-vcn2_subnet1
> switch 0e58d3cd-c36a-4651-8b42-4821f653bcb2 (ls_vcn3)
> port vcn3_subnet1-lr_vcn3
> type: router
> addresses: ["40:44:00:00:00:60"]
> router-port: lr_vcn3-vcn3_subnet1
> port 269089c4-9464-41ec-9f63-6b3804b34b07
> addresses: ["52:54:00:30:38:35 192.16.1.5"]
> port 284195d2-9280-4334-900e-571ecd00327a
> addresses: ["52:54:00:02:55:96 192.16.1.6"]
> switch e89dea6b-0fbd-4a6e-aeef-8d6a213efb55 (ls_vcn1)
> port vcn1_subnet1-lr_vcn1
> type: router
> addresses: ["40:44:00:00:00:30"]
> router-port: lr_vcn1-vcn1_subnet1
> port vcn1_subnet2-lr_vcn1
> type: router
> addresses: ["40:44:00:00:00:40"]
> router-port: lr_vcn1-vcn1_subnet2
> port 00bff7c0-2e2d-41ba-9485-3b5fa9801365
> addresses: ["52:54:00:e6:4f:46 192.16.1.5"]
> port 1cb7d760-90b0-4201-9517-88cb2de31c79
> addresses: ["52:54:00:80:d0:c8 192.16.2.5"]
> port 47433b54-ac10-42f1-ae84-cc6fbb580297
> addresses: ["52:54:00:be:06:16 192.16.1.6"]
> router 6019ef0c-d5c3-428a-8fa2-4f7db3af2f4b (lr_vcn2)
> port lr_vcn2-vcn2_subnet1
> mac: "40:44:00:00:00:50"
> networks: ["192.17.1.1/24"]
> port lr_vcn2-lr_vcn1
> mac: "40:44:00:00:00:80"
> networks: ["100.64.30.2/10"]
> router 318562e0-6c1d-4bc7-9da0-d8ccbd63c0b6 (lr_vcn3)
> port lr_vcn3-vcn3_subnet1
> mac: "40:44:00:00:00:60"
> networks: ["192.16.1.1/24"]
> router 61d04449-adaf-406f-b280-ad5aa24f24ca (lr_vcn1)
> port lr_vcn1-lr_vcn2
> mac: "40:44:00:00:00:70"
> networks: ["100.64.30.1/10"]
> port lr_vcn1-vcn1_subnet2
> mac: "40:44:00:00:00:40"
> networks: ["192.16.2.1/24"]
> port lr_vcn1-vcn1_subnet1
> mac: "40:44:00:00:00:30"
> networks: ["192.16.1.1/24"]
>
>
> [ca-rain17 ~]# ip a sh bond0
> 11: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 98:03:9b:89:21:d2 brd ff:ff:ff:ff:ff:ff
> inet 172.20.1.17/24 brd 172.16.1.255 scope global bond0
> valid_lft forever preferred_lft forever
> inet 172.20.1.1/24 brd 172.16.1.255 scope global secondary bond0
> valid_lft forever preferred_lft forever
> inet6 fe80::9a03:9bff:fe89:21d2/64 scope link
> valid_lft forever preferred_lft forever
>
>
>
> Any Thoughs?
>
> Thanks
>
> Brendan
> _______________________________________________
> discuss mailing list
> [email protected]
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________
discuss mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
