Hey List, Any thoughts, or a direction of travel I could take to start investigating?
Rgds Steve. On Tue, 1 Apr 2025 at 13:44, Steven Relf <steven.r...@nscale.com> wrote: > Hello all. > > Looking for some help and direction tracking down an odd problem. > > Environment: > OpenStack 2023.2 > OVN: 23.09.3 > > Inside OpenStack I have two routers. They are both connected to an > "internet" network which is a provider VLAN network. > > On the inside they are also connected to a seperate provider vlan network, > which is used for bare metal nodes. Both routers have SNAT enabled. > > There is a load balancer attached to one of the provider networks, with a > FIP attached. > > The issue we encountered is as follows: > > When sending traffic from a virtual machine on network A, to the FIP of > the loadbalancer on network B, when doing a TCPdump on the controller > hosting the routers, we can see the traffic but it is showing the internal > ip address of the virtual machine, not (as expected) the SNAT address of > the Network A router. This of course causes return traffic to be dropped. > > We noticed that both routers were hosted on the same controller, > ha_chassis_group and gateway_chassis were both on the same controller. > > We forced one to move, by adjusting the priorities. > > Once we did that, when looking at the tcpdump we were then seeing the > correct SNAT address on the incoming traffic. > > It looks like for what ever reason, SNAT is ignored if the two routers are > sat on the same controller. > > Any ideas on how to work around this, stop it from happening. > > Cheers > Steve. > -- This email contains information, which is private and confidential, and is intended for the person(s) named above. All commercial rights to the content included herein are owned exclusively by Nscale Global Holdings Limited or its affiliates (collectively, "Nscale"). Any use, distribution, copying, or disclosure by any other person without the prior written permission of Nscale is strictly prohibited. If you have received this email in error or you do not consent to receiving messages of this kind, then please inform me as soon as possible.
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
