I have run into a similar problem myself and have not found the
solution. The ARP traffic from one direction makes it to OVS, but does
not get sent to device it needs to go to. It my case OVS pretty much
isn't sending any ARP packets out from itself except to the other OVS
instances I have a GRE tunnel with. I'm running version 2.5.0.
Please let me know if you made any progress on your issue.
On 08/07/2017 07:19 PM, Schlacta, Christopher wrote:
Ping. Anybody? Hello?
On Wed, Aug 2, 2017 at 10:32 PM, Schlacta, Christopher
<aarc...@aarcane.org> wrote:
So this is a bit hard to explain, but I hope you'll follow. I have
two hosts, density and densetsu. they each host VMs and CEPH nodes
using libvirt and ceph and they're connected to a smart switch using
openvswitch and there are a bunch of VLANs. 5, 6, 10, 20, and 30.
Most "normal" traffic goes along VLAN 10. That's just the LAN VLAN.
So here's what the ovs-vsctl show looks like on each host:
density:
aarcane@density:~$ sudo ovs-vsctl show
YubiKey for `aarcane':
f2ae0266-6cae-44f0-8ca5-9d6f66562ff4
Bridge "br0"
Port lan
tag: 10
Interface lan
type: internal
Port "vnet0"
trunks: [5, 6, 10, 20, 30]
Interface "vnet0"
Port "eth1"
Interface "eth1"
Port "vnet1"
trunks: [5, 6, 10, 20, 30]
Interface "vnet1"
Port "br0"
Interface "br0"
type: internal
ovs_version: "2.7.0"
densetsu:
aarcane@densetsu:~$ sudo ovs-vsctl show
2d6843ee-2bb6-48b8-a979-ba7f64bf5ebc
Bridge "br0"
Port "eth0"
Interface "eth0"
Port lan
tag: 10
Interface lan
type: internal
Port "br0"
Interface "br0"
type: internal
ovs_version: "2.7.0"
The problem is when I try to ping the opposite machine (densetsu to
density or vice versa), the ARP packets get sent with appropriate
information through BR0 and out the eth device all tagged with VLAN
10, but the *inbound* arp packet is never sent to the lan interface.
I see it at the br0 and the eth interface, but not the destination
host's lan interface. Furthermore, the destination never seems to see
this or respond to it, so it's then impossible for the to initiate
contact without adding entries to the ethers file.
This is well and good, but it also means that other systems on the
network also cannot connect to them for purposes of administration and
management, and this is very problematic.
I've not made any changes to openflow. They've been able to
communicate with each other for a long time. This change happened
with a recent kernel upgrade. Not sure how to fix it or if it's a
bug. Again, note: All IP traffic seems to work fine. ICMP works
without issue, TCP, etc. It's only the ARP protocol that seems to not
be passing inward when it should be.
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
