Merge "[OVN] Ensure traffic for provider vlan networks is not tunneled" into stable/yoga

Zuul · openstack-gerrit · commit 5b8646a5762a · 2023-03-01T11:39:01.000Z
diff --git a/neutron/common/ovn/utils.py b/neutron/common/ovn/utils.py
@@ -21,6 +21,7 @@
 from neutron_lib.api.definitions import l3
 from neutron_lib.api.definitions import port_security as psec
 from neutron_lib.api.definitions import portbindings
+from neutron_lib.api.definitions import provider_net
 from neutron_lib.api import validators
 from neutron_lib import constants as const
 from neutron_lib import context as n_context
@@ -610,6 +611,10 @@ def is_gateway_chassis_invalid(chassis_name, gw_chassis,
 
 
 def is_provider_network(network):
+    return network.get(provider_net.PHYSICAL_NETWORK, False)
+
+
+def is_external_network(network):
     return network.get(external_net.EXTERNAL, False)
 
 
diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py
@@ -831,7 +831,10 @@ def check_vlan_distributed_ports(self):
         # Get router ports belonging to VLAN networks
         vlan_nets = self._ovn_client._plugin.get_networks(
             context, {pnet.NETWORK_TYPE: [n_const.TYPE_VLAN]})
-        vlan_net_ids = [vn['id'] for vn in vlan_nets]
+        # FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
+        # is_provider_network check should be removed
+        vlan_net_ids = [vn['id'] for vn in vlan_nets
+                        if not utils.is_provider_network(vn)]
         router_ports = self._ovn_client._plugin.get_ports(
             context, {'network_id': vlan_net_ids,
                       'device_owner': n_const.ROUTER_PORT_OWNERS})
diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
@@ -1247,7 +1247,7 @@ def _get_nets_and_ipv6_ra_confs_for_router_port(self, context, port):
                 # leak the RAs generated for the tenant networks via the
                 # provider network
                 ipv6_ra_configs['send_periodic'] = 'true'
-                if is_gw_port and utils.is_provider_network(net):
+                if is_gw_port and utils.is_external_network(net):
                     ipv6_ra_configs['send_periodic'] = 'false'
                 ipv6_ra_configs['mtu'] = str(net['mtu'])
 
@@ -1559,9 +1559,12 @@ def _gen_router_port_options(self, port, network=None):
         # logical router port is centralized in the chassis hosting the
         # distributed gateway port.
         # https://github.com/openvswitch/ovs/commit/85706c34d53d4810f54bec1de662392a3c06a996
+        # FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
+        # is_provider_network check should be removed
         if network.get(pnet.NETWORK_TYPE) == const.TYPE_VLAN:
             options[ovn_const.LRP_OPTIONS_RESIDE_REDIR_CH] = (
-                'false' if ovn_conf.is_ovn_distributed_floating_ip()
+                'false' if (ovn_conf.is_ovn_distributed_floating_ip() and
+                            not utils.is_provider_network(network))
                 else 'true')
 
         is_gw_port = const.DEVICE_OWNER_ROUTER_GW == port.get(
@@ -1976,8 +1979,9 @@ def update_network(self, context, network, original_network=None):
                 for subnet in subnets:
                     self.update_subnet(context, subnet, network, txn)
 
-                if utils.is_provider_network(network):
-                    # make sure to use admin context as this is a providernet
+                if utils.is_external_network(network):
+                    # make sure to use admin context as this is a external
+                    # network
                     self.set_gateway_mtu(n_context.get_admin_context(),
                                          network, txn)
 
diff --git a/releasenotes/notes/bug-2003455-b502cc637427560e.yaml b/releasenotes/notes/bug-2003455-b502cc637427560e.yaml
@@ -0,0 +1,19 @@
+---
+fixes:
+  - |
+    [`bug 2003455 <https://bugs.launchpad.net/neutron/+bug/2003455>`_]
+    It is added an extra checking to ensure the "reside-on-redirect-chassis"
+    is set to true for the logical router port associated to vlan provider
+    network despite having the "ovn_distributed_floating_ip" enabled or not.
+    This is needed as there is an OVN bug
+    (https://bugzilla.redhat.com/show_bug.cgi?id=2162756) making it not work
+    as expected. Until that is fixed, we need these workaround
+    that makes the traffic centrallized, but not tunneled, through the node
+    with the gateway port, thus avoiding MTU issues.
+issues:
+  - |
+    Until the OVN bug (https://bugzilla.redhat.com/show_bug.cgi?id=2162756)
+    is fixed, setting the "reside-on-redirect-chassis" to true for the logical
+    router port associated to vlan provider network is needed. This workaround
+    makes the traffic centrallized, but not tunneled, through the node
+    with the gateway port, thus avoiding MTU issues.
