Hi Artem,
did you try running ovs-vswitchd inside a desired VRF? I mean:

```
ip vrf exec my-super-vrf /usr/share/openvswitch/scripts/ovs-ctl start <...args...>
```

On 03.10.2024 15:28, Денисов Артём via discuss wrote:

Hello!

In my environment (ovs 3.3.1 + ovn 24.0.3) I use the option "ovn-encap-ip" to set the geneve tunnel src/dst as the loopback address on the chassis. I want to set a master VRF on this loopback, but when I did it, the geneve tunnels went down even though the VRF table has a route for the other chassis loopbacks. Is it possible to tell OVS to work with interfaces in a VRF other than the default table in Linux? I'll describe below what I mean.

In the default global table OVS works with the IP on loopback ext as "ovn-encap-ip" and listens on UDP port 6081 for Geneve:

```
ip a sh dev ext-loopback
47: ext-loopback: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 76:40:c6:10:12:54 brd ff:ff:ff:ff:ff:ff
    inet 10.99.0.8/32 scope global ext-loopback
       valid_lft forever preferred_lft forever
    inet6 fe80::7440:c6ff:fe10:1254/64 scope link
       valid_lft forever preferred_lft forever

ovs-vsctl list open
_uuid               : 1c682b4b-536e-496b-a69d-ec6d790140e3
bridges             : [2e4374ac-1e27-4601-802c-778af24ce4bc, 31a5a3db-d7d3-48f5-bb04-a20db1f66b46, 37a2a66c-ee43-46b0-bc5a-9dd9e7f5811a, bbdf43dd-488b-4615-9f4e-9476fcfd5e08]
cur_cfg             : 37
datapath_types      : [netdev, system]
datapaths           : {system=0222470b-e992-4fdd-a916-e251aabeb1e2}
db_version          : []
dpdk_initialized    : false
dpdk_version        : none
external_ids        : {ovn-encap-ip="10.99.0.8", ovn-encap-type=geneve, ovn-monitor-all="true", ovn-openflow-probe-interval="0", ovn-remote="tcp:10.99.16.2:6642,tcp:10.99.16.3:6642,tcp:10.99.16.4:6642", ovn-remote-probe-interval="60000", ovn-set-local-ip="true", system-id=az30-network-2}
iface_types         : [bareudp, erspan, geneve, gre, gtpu, internal, ip6erspan, ip6gre, lisp, patch, srv6, stt, system, tap, vxlan]
manager_options     : []
next_cfg            : 37
other_config        : {bundle-idle-timeout="100", ovn-chassis-idx-az30-network-2="", vlan-limit="0"}
ovs_version         : []
ssl                 : []
statistics          : {}
system_type         : []
system_version      : []

ss -ulp | grep 6081
UNCONN 0      0            0.0.0.0:6081       0.0.0.0:*
UNCONN 0      0               [::]:6081          [::]:*
```

When I move ext-loopback to the VRF, the Geneve tunnel immediately goes down and OVS still tries to send Geneve packets through an interface in the default table.

```
sudo ip link set dev ext-loopback master vrf-ext

sudo tcpdump -nei any host 10.99.0.8 and udp
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
15:08:14.155256 ens160 Out ifindex 2 fa:16:3e:5c:8d:b0 ethertype IPv4 (0x0800), length 122: 10.99.0.8.37085 > 10.99.0.7.6081: Geneve, Flags [none], vni 0x0, proto TEB (0x6558): c2:f2:19:ae:c1:c6 > 00:23:20:00:00:01, ethertype IPv4 (0x0800), length 66: 169.254.1.1.49154 > 169.254.1.0.3784: BFDv1, Control, State Down, Flags: [none], length: 24

ip a sh ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether fa:16:3e:5c:8d:b0 brd ff:ff:ff:ff:ff:ff
    altname enp0s3
    inet 192.168.109.156/23 brd 192.168.109.255 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe5c:8db0/64 scope link
       valid_lft forever preferred_lft forever

ip r sh vrf vrf-ext
10.99.0.7 via 10.99.96.6 dev extA
10.99.96.6/31 dev extA proto kernel scope link src 10.99.96.7
10.99.96.102/31 dev extB proto kernel scope link src 10.99.96.103
```

Setting the master VRF for the ovs-system interface and restarting OVS doesn't help; OVS still listens on port 6081 in the global table.

If it is not supported by OVS, could someone point me to where in the OVS code I can start to program this feature and how much it could cost in lines of code?

Appreciate any help on this topic.

BR,
Artyom

_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

--
Regards,
Vladislav Odintsov