Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

On 6/30/25 6:23 PM, Numan Siddique wrote: > On Mon, Jun 30, 2025 at 5:34 AM Dumitru Ceara wrote: >> >> Hi Numan, >> >> On 6/26/25 4:26 PM, Numan Siddique wrote: >>> On Thu, Jun 26, 2025 at 8:27 AM Dumitru Ceara wrote: Hi Frode, On 6/26/25 1:50 PM, Frode Nordahl wrote: > On

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

Hi Numan, On 6/26/25 4:26 PM, Numan Siddique wrote: > On Thu, Jun 26, 2025 at 8:27 AM Dumitru Ceara wrote: >> >> Hi Frode, >> >> On 6/26/25 1:50 PM, Frode Nordahl wrote: >>> On 25.06.2025 14:58, Dumitru Ceara wrote: On 6/23/25 6:23 PM, Frode Nordahl wrote: > Hello, All, > H

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

Hi Frode, On 6/26/25 1:50 PM, Frode Nordahl wrote: > On 25.06.2025 14:58, Dumitru Ceara wrote: >> On 6/23/25 6:23 PM, Frode Nordahl wrote: >>> Hello, All, >>> >> >> Hi Frode, >> >>> Apologies for being late to the discussion, but just wanted to document >>> our interest in this as mentioned in the

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

On 6/23/25 6:23 PM, Frode Nordahl wrote: > Hello, All, > Hi Frode, > Apologies for being late to the discussion, but just wanted to document > our interest in this as mentioned in the last IRC meeting and just now > in the A/V meeting. > > > On 19.06.2025 16:18, Dumitru Ceara via dev wrote: >>

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

Hi Numan, On 6/18/25 11:38 PM, Numan Siddique wrote: > On Wed, Jun 18, 2025 at 5:00 PM Dumitru Ceara wrote: >> >> Hi Han, >> >> On 6/18/25 7:40 PM, Han Zhou wrote: >>> Thanks Numan for the proposal. >>> >>> On Wed, Jun 18, 2025 at 4:27 AM Dumitru Ceara wrote: Hi Numan, Ales,

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

Hi Han, On 6/18/25 7:40 PM, Han Zhou wrote: > Thanks Numan for the proposal. > > On Wed, Jun 18, 2025 at 4:27 AM Dumitru Ceara wrote: >> >> Hi Numan, Ales, >> >> On 6/10/25 4:24 PM, Numan Siddique wrote: >>> On Tue, Jun 10, 2025 at 2:04 AM Ales Musil wrote: On Thu, Jun 5, 20

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

Hi Numan, Ales, On 6/10/25 4:24 PM, Numan Siddique wrote: > On Tue, Jun 10, 2025 at 2:04 AM Ales Musil wrote: >> >> >> >> On Thu, Jun 5, 2025 at 9:44 PM Numan Siddique wrote: >>> >>> On Thu, Jun 5, 2025 at 11:33 AM Dumitru Ceara wrote: On 6/4/25 6:24 PM, Numan Siddique wrote: > He

Re: [ovs-discuss] [ovs-dev] Project Proposal: OVN Provider Controller

On 6/4/25 6:24 PM, Numan Siddique wrote: > Hello, > Hi Numan, > There's a need to configure the provider bridge with specific OpenFlow > rules after packets leave the OVN pipeline and enter via the patch > port. > > To simplify this for CMS, I propose utilizing OVN logical flows. This > would e

Re: [ovs-discuss] [ovs-disscus] OVN issue in Asymmetric Routing scenario

On 5/26/25 2:18 PM, Q Kay wrote: > Hi Dumitru, > Hi Ice Bear, > I think you got something wrong about the logical_switch_port id. >> The a2b9537d-d8a1-4cb9-9582-f41e49ed22a3 logical switch port is part of > the following port group. > This port does not belong to my two instances. It's just a po

Re: [ovs-discuss] [ovs-disscus] OVN issue in Asymmetric Routing scenario

On 5/26/25 12:31 PM, Q Kay wrote: > Hi Dumitru, > Hi Ice Bear, > I think this is the file you want. Yes, that's it, thanks! > Thanks for guiding me. No problem. So, after looking at the DB contents I see that logical switch 1 (70974da0-2e9d-469a-9782-455a0380ab95) has no ACLs applied (direc

Re: [ovs-discuss] [ovs-disscus] OVN issue in Asymmetric Routing scenario

On 5/26/25 11:38 AM, Q Kay wrote: > Hi Dumitru, > Hi Ice Bear, > Here is the NB DB in JSON format (attachment). > Sorry, I think my request might have been confusing. I didn't mean running something like: ovsdb-client -f json dump Instead I meant just attaching the actual database file. Th

Re: [ovs-discuss] [ovs-disscus] OVN issue in Asymmetric Routing scenario

On 5/22/25 9:05 AM, Q Kay wrote: > Hi Dumitru, > Hi Ice Bear, Please keep the ovs-discuss mailing list in CC. > I am very willing to provide NB DB file for you (attached). > I will provide more information about the ports for you to check. > > Logical switch 1 id: 70974da0-2e9d-469a-9782-455a0

Re: [ovs-discuss] [ovs-disscus] OVN issue in Asymmetric Routing scenario

On 5/21/25 5:16 AM, Q Kay wrote: > Hi Dumitru, Hi Ice Bear, CC: ovs-discuss@openvswitch.org > Thanks for your answer. First, I will address some of your questions. > >>> The critical evidence is in the failed flow, where we see: >>> 'recirc_id(0x3d77),in_port(28),ct_state(-new-est-rel-rpl+inv+t

Re: [ovs-discuss] [ovs-disscus] OVN issue in Asymmetric Routing scenario

On 5/19/25 12:20 PM, Q Kay via discuss wrote: > Attached topology > > Vào Th 2, 19 thg 5, 2025 vào lúc 17:19 Q Kay đã > viết: > >> Dear OVN Team, >> Hi Ice Bear, >> I would like to report an issue observed with OVN networking related to >> asymmetric routing. The problem occurs when using in

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

On 5/19/25 9:01 AM, Trọng Đạt Trần wrote: > Hi Dumitru, > Hi Oscar, > I’d like to verify my understanding of how sampling behaves under traffic > imbalance, specifically when multiple ACLs use the *same sample_collector*. > -- > 🔧 Simplified Scenario > >- > >

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

On 5/16/25 6:07 AM, Trọng Đạt Trần wrote: > Dear Dumitru, > Hi Oscar, > Thank you for confirming the bug — I’m happy to help however I can. > -- > I. Temporary Workaround & Feedback > > To work around the IPFIX duplication issue in the meantime, I’ve > implemented a

Re: [ovs-discuss] OVS version for OVN 25.03

On 5/13/25 3:55 PM, Tiago Pires via discuss wrote: > Hi all, > Hi Tiago, > For OVN 25.03 what would be the correct version match for OVS? Do you mean in terms of building OVN 25.03 or are you interested in the runtime version of OVS OVN is compatible with? > Do we have documentation with that

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

Hi Oscar, On 5/13/25 1:04 PM, Dumitru Ceara wrote: > On 5/13/25 11:06 AM, Trọng Đạt Trần wrote: >> Dear Dumitru, >> > > Hi Oscar, > >> In the previous days, I’ve performed additional tests to gain better >> understanding around the issue before giving you the details. >> >> Thank you for your ea

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

On 5/13/25 11:06 AM, Trọng Đạt Trần wrote: > Dear Dumitru, > Hi Oscar, > In the previous days, I’ve performed additional tests to gain better > understanding around the issue before giving you the details. > > Thank you for your earlier explanation, it clarified how conntrack and > sampling wor

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

On 5/9/25 2:14 PM, Dumitru Ceara wrote: > On 5/9/25 5:38 AM, Trọng Đạt Trần wrote: >> Hi Dimitru, >> > > Hi Oscar, > > >> Thank you for pointing that out. >> >> To clarify: the terms “inbound” and “outbound” in my previous message >> were used from the *VM’s perspective*. >> >> >> Topology

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

On 5/9/25 5:38 AM, Trọng Đạt Trần wrote: > Hi Dimitru, > Hi Oscar, > Thank you for pointing that out. > > To clarify: the terms “inbound” and “outbound” in my previous message > were used from the *VM’s perspective*. > > > Topology: > > |vm_a network1 router network2 ---

Re: [ovs-discuss] [ovn-controller] Possible duplicated sampling in OpenFlow flows causing IPFIX duplication

Hi Oscar, On 5/6/25 12:31 PM, Trọng Đạt Trần wrote: > As requested, I’ve attached additional tracing information related to > the sampling duplication issue. > > * > > The file |ofproto_trace.log| contains the full output of |ofproto/ > trace| commands. > > * > > The archive |o

Re: [ovs-discuss] [External] : Re: Question about ACL sampling

On 4/14/25 11:56 AM, Brendan Doyle via discuss wrote: > > > On 11/04/2025 13:45, Adrián Moreno wrote: >> On Fri, Apr 11, 2025 at 02:11:20PM +0200, Adrián Moreno wrote: >>> On Thu, Apr 10, 2025 at 12:10:13PM +0100,brendan.do...@oracle.com wrote: Hi Dumitru/Adrian, I'm work

Re: [ovs-discuss] [External] : Re: Question about ACL sampling

On 4/10/25 1:10 PM, Brendan Doyle via discuss wrote: > Hi Dumitru/Adrian, > Hi Brendan, > > > I'm working my way through IPFIX test in system-ovn.at, just a couple of > questions. > >> collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 >> probability=65535 set_id=100) >> collector2=$

Re: [ovs-discuss] [External] : Re: Question about ACL sampling

On 4/10/25 4:49 PM, brendan.do...@oracle.com wrote: > Hi, > Hi Brendan, > Thanks, that is helpful, comments inline below, and I'm sure I'll have a > few more questions > As I work though it. > > > On 10/04/2025 13:40, Dumitru Ceara wrote: >> On 4/10/25 1:10 PM, Brendan Doyle via discuss wrote:

Re: [ovs-discuss] [ovs-dev] The ovn-ic process is using nearly 100% CPU

On 4/9/25 5:58 PM, Numan Siddique wrote: > On Tue, Apr 8, 2025 at 5:57 PM Paulo Guilherme Da Silva via discuss < > ovs-discuss@openvswitch.org> wrote: > >> Hi everyone, Hi all, >> >> I wrote this email to share with the community the behavior we are >> observing in our infrastructure, the high p

Re: [ovs-discuss] ARP request packets put high pressure on the pinctrl thread in ovn-controller

On 4/6/25 8:37 PM, Ilia Baikov wrote: > Hello, Hi Ilia, > I've compiled OVN using provided branch with both patches included and > migrated some VMs to host with L3 networking to see what going to happen. > > Resubmit logs are now back. Interesting thing that there was about 270 > VMs before so

Re: [ovs-discuss] ARP request packets put high pressure on the pinctrl thread in ovn-controller

On 4/1/25 7:30 PM, Ilia Baikov wrote: > Hi Dumitru, Hi Ilia, > Sure, let's give it a try. Is it good idea to apply this patch on top of > the patch you previously sent to try? Yes, you're right, we should apply it on top of that. I pushed both patches here: https://github.com/dceara/ovn/commit

Re: [ovs-discuss] ARP request packets put high pressure on the pinctrl thread in ovn-controller

On 4/1/25 3:15 AM, Ilia Baikov wrote: > Hello, Hi Ilia, > So the things go way deeper and it becomes way strange as i initially > thought. > I've migrated to L3 networking using ovn-bgp-agent, in order to reduce > ARP packets flooded over all ports attached to br-int. However this > didn't help a

Re: [ovs-discuss] [OVN] Logical flows combined in logical_dp_groups lose "stage-hint" information

On 3/29/25 1:25 AM, Qin, Qiaofeng via discuss wrote: > Hi, > Hi Qiaofeng, > I am thinking about a scenario where NB has multiple clients. For > example, there are two users each managing a datapath, and they do not > care about each other. They might accidentally install the same ACL Do you mea

Re: [ovs-discuss] ARP request packets put high pressure on the pinctrl thread in ovn-controller

On 3/22/25 1:59 AM, Ilia Baikov wrote: > Wow, didn't think that resolving this will require patching kernel > module. Really impressive. > I've previously compiled and then deployed forked version of ovn- > controller where you did commit revert. Is it good idea to test when > stable kernel revisio

Re: [ovs-discuss] ARP request packets put high pressure on the pinctrl thread in ovn-controller

On 3/19/25 8:42 PM, Ilia Baikov wrote: > Hello, Hi Ilia, Piotr, > Nice to hear that it is resolved for you. I've got an advice from friend > about reducing ARP pps on Juniper devices (arp is being send only when > unicast packet arrives or expire) which reduced ARP pps from about 2 to > 3 times.

Re: [ovs-discuss] [BUG] ovn-controller stops sending DHCPOFFER

On 3/3/25 5:08 PM, support wrote: >> Hmm, why would a router forward L2 broadcast packets though (in your > case they're not ARPs as the logs in your gist showed)? > > I guess while Juniper switch acts as border router with BGP configured > (for public subnets). So we have L3 vlan interface with I

Re: [ovs-discuss] [BUG] ovn-controller stops sending DHCPOFFER

On 3/3/25 4:35 PM, support via discuss wrote: >> What surprises me though is that they actually need to be sent to >>reg15=0x8000 (MC_FLOOD). >> In your gist src-mac 30:b6:4f:5f:db:a0 is by far the most common, would >> you happen to know who that corresponds to?  Is it legit IP traffic with >>L2 b

Re: [ovs-discuss] [BUG] ovn-controller stops sending DHCPOFFER

On 3/3/25 3:53 PM, support wrote: > Sorry for mispelling Dumitru! Y is damn close to U, didn't get use to > new keyboard yet. No worries! :) > ​​Little clarification: > We making instances public through L2 network. Meanwhile we also have 1 > router (OpenStack entity) for private network wher

Re: [ovs-discuss] [BUG] ovn-controller stops sending DHCPOFFER

Hi Ilia, Thanks for all the additional information! On 3/2/25 8:55 PM, support via discuss wrote: > Probably i found something interesting here. > top -H -p $(pidof ovs-vswitchd) >    PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ > COMMAND                     >  673931 root  

Re: [ovs-discuss] [BUG] ovn-controller stops sending DHCPOFFER

On 2/20/25 11:13 PM, Ilia Baikov via discuss wrote: > Hi > Hi Ilia, + Ilya Maximets for more ovs insights. > Over a lot of observes and testing various number of possible fixes came > with nothing... > > Yes, there are messages that contains NXT_RESUME substring. > > ovn-controller: > 2025-02

Re: [ovs-discuss] Question about ACL sampling

On 2/13/25 7:50 PM, Brendan Doyle via discuss wrote: > Hi, > Hi Brendan, > > Does the ACL sampling only work for stateful ACLs? > No, it works for all kinds of ACLs. > Also how is the sample data queried? > The data is forwarded to a collector based on configuration in the local OVS databa

Re: [ovs-discuss] [OVN] Periodic IPv6 RAs are not forwarded to external network

On 12/6/24 2:55 PM, martin.kal...@canonical.com wrote: > On Fri, 2024-12-06 at 10:31 +0100, Dumitru Ceara wrote: >> On 12/6/24 10:29 AM, martin.kal...@canonical.com wrote: >>> Hi Dumitru, >>> >>> On Fri, 2024-12-06 at 10:01 +0100, Dumitru Ceara wrote: On 8/23/24 2:58 PM, Martin Kalcok via disc

Re: [ovs-discuss] [OVN] Periodic IPv6 RAs are not forwarded to external network

On 12/6/24 10:29 AM, martin.kal...@canonical.com wrote: > Hi Dumitru, > > On Fri, 2024-12-06 at 10:01 +0100, Dumitru Ceara wrote: >> On 8/23/24 2:58 PM, Martin Kalcok via discuss wrote: >>> Hello OVN enthusiasts o/ >>> I noticed that when periodic IPv6 Router Advertisements are enabled >>> on LRP

Re: [ovs-discuss] [OVN] Periodic IPv6 RAs are not forwarded to external network

On 8/23/24 2:58 PM, Martin Kalcok via discuss wrote: > Hello OVN enthusiasts o/ > I noticed that when periodic IPv6 Router Advertisements are enabled on LRP > [0], they wont get forwarded to the external networks. I’m just wondering if > it’s intentional, or a bug. I have following simple setup:

[ovs-discuss] [OVN TSC] Vote results for granting ovn-org/libovsdb permission to move to CNCF

Hi everyone, The OVN TSC (technical steering committee, i.e., OVN maintainers [0]) has voted on the following matter: Vote: Grant permission to authorize libovsdb [1] leaving the OVN LF project and governance for the CNCF [2]. The voting period was October 31st - November 7th 2024 and is now cl

Re: [ovs-discuss] ERR| group-table: out of table ids

On 10/9/24 22:17, Sri kor wrote: > Thanks Dumitru! Good to know that https://github.com/ovn-org/ovn/issues/259 is > strictly specific to meter. We are currently on OVN 23.09.1 and OVS 3.2.2 > I just tried a basic scenario with a load balancer configured on OVN 23.09.1 and OVS 3.2.2 and I don't se

Re: [ovs-discuss] ERR| group-table: out of table ids

On 9/26/24 18:55, Sri kor wrote: > Hi @Dumitru Ceara and @Ilya Maximets > , Hi Srini, > I was hoping that this issue was fixed on *23.09.4*. The other members > in the community faced the similar issue. Looks like it was seen on 24.03 > also. The only kind of similar report I'm aware of

[ovs-discuss] [OVN TSC] Vote Results for granting OVN-Kubernetes permission to apply to join the CNCF

Hi everyone, The OVN TSC (technical steering committee, i.e., OVN maintainers [0]) has voted on the following matter: Vote: Grant permission to OVN-Kubernetes maintainers [1] to apply to join the CNCF [2] in order to better promote the project to its primary user base. If their application is a

Re: [ovs-discuss] NorthD inc-engine Handlers; OVN 24.03

On 7/1/24 14:31, Шагов Георгий wrote: > Hello Dumitru, Numan, Han > Hi George, > I have implemented a Handler for SB_datapath_binding node, could you give me > a favor in taking a look before I would submit a patch (that is attached to > the Issue). > SVN Issue: https://github.com/ovn-org/ovn/

Re: [ovs-discuss] OVN clang-format proposal

On 6/25/24 08:54, Ales Musil wrote: > On Tue, Jun 25, 2024 at 8:48 AM Eelco Chaudron wrote: > >> >> >> On 24 Jun 2024, at 17:52, Ales Musil via discuss wrote: >> >>> Hi, >>> Hi Ales, Thanks for bringing this up! >>> I would like to propose a universal coding style using clang-format [0]. >>> I

Re: [ovs-discuss] ERR| group-table: out of table ids

On 6/6/24 22:41, Ilya Maximets wrote: > On 6/6/24 20:59, Sri kor via discuss wrote: >> Hi Team, >> >>     Currently we are facing  /ERR|group-table: out of table ids .W/e are >> running OVN 23.09 version and OVS 3.2.2.  From the retis trace, the packet >> appears to be dropped shortly after the upc

Re: [ovs-discuss] NorthD inc-engine Handlers; OVN 24.03

On 5/17/24 14:20, Шагов Георгий wrote: > At the first, Numan, Dumitru, Han, I really appreciate your replies, will do > my best to describe the case in details > No problem! > NS> Does your deployment create/delete logical switches/routers frequently > > It is a separate service, i.e.: Open St

Re: [ovs-discuss] [External] : Re: Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/14/24 19:14, Brendan Doyle wrote: > > > On 14/05/2024 15:58, Dumitru Ceara wrote: >> On 5/14/24 15:34, Brendan Doyle wrote: >>> Duh, after looking at the trace, this is in fact working as it should >>> the VRRP pkts are getting through to the LBs, the one that is getting >>> dropped is the o

Re: [ovs-discuss] [External] : Re: Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/14/24 15:34, Brendan Doyle wrote: > > Duh, after looking at the trace, this is in fact working as it should > the VRRP pkts are getting through to the LBs, the one that is getting > dropped is the one forwarded to the VM, as that is not in the PG to allow > proto 112. > > Awesome, thanks f

Re: [ovs-discuss] [External] : Re: Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/14/24 12:06, Brendan Doyle via discuss wrote: > > > On 14/05/2024 09:50, Dumitru Ceara wrote: >> On 5/7/24 12:38, Brendan Doyle via discuss wrote: >>> Hi, >>> >>> Seems there is a regression with the latest LTS release in terms of Port >>> Group >>> ACLs when ports are in multiple Port Group

Re: [ovs-discuss] [OVN] Not working ACLs

On 5/14/24 11:25, Justin Lamp wrote: > Hi Dumitru, > > in case you did not see the attachment. I already did an ovn-trace and > added it to the file. > Ah, sorry about that, I missed it. You should probably re-run the trace and pass "--ct new" twice, for both zones (ingress and egress), e.g.:

Re: [ovs-discuss] [OVN] Not working ACLs

On 4/26/24 12:50, Justin Lamp via discuss wrote: > Hey there, > > we are on OVN 23.06.3 + OVS 3.1.2 and are facing an issue with the ACLs. For > some odd reason some UDP Packets are not dropped. I attached all the > information I was able to gather. The attached traces show the Wireguard > conn

Re: [ovs-discuss] Regression in latest LTS - ACLs for ports in multiple Port Groups not working

On 5/7/24 12:38, Brendan Doyle via discuss wrote: > Hi, > > Seems there is a regression with the latest LTS release in terms of Port > Group > ACLs when ports are in multiple Port Groups. As an example I have 3 > ports in a > Port Group, and  two of them in another Port Group, that has an ACL to >

Re: [ovs-discuss] NorthD inc-engine Handlers; OVN 24.03

On 5/8/24 18:01, Numan Siddique wrote: > On Wed, May 8, 2024 at 8:42 AM Шагов Георгий via discuss < > ovs-discuss@openvswitch.org> wrote: > >> Hello everyone >> >> >> >> In some aspect it might be considered as a continuation of this thread: >> (link1), yet it is different >> >> After we have upgr

Re: [ovs-discuss] Segmentation fault on logical router nat entry addition at nbctl_lr_nat_add

On 4/4/24 19:01, Sri kor wrote: > Hi Dumitru, Hi Srini, >I am on 23.09. here is the output. > > [root@ovnkube-db-0 ~]# rpm -qa | grep ovn > ovn23.09.1-23.09.1-11.el9.x86_64 > ovn23.09.1-central-23.09.1-11.el9.x86_64 > I can't find this RPM version anywhere. Could you please share a link t

Re: [ovs-discuss] Segmentation fault on logical router nat entry addition at nbctl_lr_nat_add

On 4/4/24 01:44, Sri kor wrote: > Hi Dumitru, >I have been facing segmantation fault everytime when I trigger > lr-nat-add with dnat_and_snat. It is distro from centros and it is on rocky > 9.1. > >> # ovn-nbctl --no-leader-only lr-nat-add >> a_4a3e9209_8826_4561_9c58_4a852bd61c45_lr_3a735720_

Re: [ovs-discuss] [ovs-dev] [PATCH] Rename primary development branch as main.

On 3/21/24 13:32, Ilya Maximets wrote: > CC: ovs-discuss for visibility. > Thanks for the heads up, Ilya! > It seems like this change will affect ovn-fake-multinode project > and ovn-heater as they are cloning 'master' branch by default. I opened draft PRs for ovn-fake-multinode and ovn-heater:

[ovs-discuss] [ADVISORY] CVE-2024-2182: Open Virtual Network: Insufficient validation of incoming BFD packets.

Description === Multiple versions of OVN (Open Virtual Network) are vulnerable to crafted BFD packets potentially causing denial of service. OVN supports configuration of gateway chassis and high-availability chassis groups (via the Gateway_Chassis and HA_Chassis_Group tables in the OVN_N

Re: [ovs-discuss] Segmentation fault on logical router nat entry addition at nbctl_lr_nat_add

On 2/13/24 00:10, Sri kor via discuss wrote: > Hi Team, >   When I am trying to add the nat entry for LR, ovn-nbctl cored. here is > back trace.  Hi, > > [root@ovnkube-db-0 ~]# ovn-nbctl --no-leader-only lr-nat-add > a_4a3e9209_8826_4561_9c58_4a852bd61c45_lr_a2b89a8a_530a_446f_bf6c_ecf223a7af22

Re: [ovs-discuss] [External] : Meters for ACL commands

On 12/18/23 12:24, Brendan Doyle wrote: > > > On 18/12/2023 09:58, Dumitru Ceara wrote: >> On 12/12/23 17:58, Brendan Doyle via discuss wrote: >>> Just FYI I got it working with : >>> >>> ovn-nbctl --fair meter-add acl_drop drop 10 pktps >>> >> Sorry for the late reply, Brendan, but is this meter

Re: [ovs-discuss] [External] : Meters for ACL commands

On 12/12/23 17:58, Brendan Doyle via discuss wrote: > > Just FYI I got it working with : > > ovn-nbctl --fair meter-add acl_drop drop 10 pktps > Sorry for the late reply, Brendan, but is this meter shared between multiple ACLs? The "--fair" attribute is only relevant in those cases. Otherwise

Re: [ovs-discuss] OVN upgrade

On 11/29/23 06:49, Sri kor wrote: > Hi Team, Hi, Srini, > Currently OVN 23.09 version packages were not built yet for Centos > platform. ref to > https://ftp.redhat.com/pub/redhat/linux/enterprise/9Base/en/Fast-Datapath/SRPMS/ > . That's, probably, correct. I think that will happen at some poi

Re: [ovs-discuss] OVN rpm-fedora build failure

On 11/29/23 21:58, Sri kor via discuss wrote: > Hi Team, Hi, Srini, >I needed to upgrade to ovn-23.09. As the packages are not ready for > 23.09 and ready only till 23.06 on Centos repo > , > I needed build the

Re: [ovs-discuss] [ovs-discuess] Multicast on router leads to ovs-vswitchd segment fault!

On 11/14/23 07:06, wangchuanlei via discuss wrote: > Hi Joe / Dumitru / Team, Hi Wangchuanlei, > I am testing the process of ipv4 multicast in OVN/OVS, but the process > ovs-vswitchd encountered a segement fault, because the stack memory is > exhausted. > My network is configured as below:

Re: [ovs-discuss] Is there a way to use OVN LRP with BFD table to send a BFD One-Arm-echo to physical switch gw

On 11/3/23 10:35, Brain Empty via discuss wrote: > Hi, teams > Hi, > Is there a way to use OVN LRP with BFD table to send a One-Arm-BFD-echo > packet to the physical switch gw? > > > ref:  > https://support.huawei.com/enterprise/en/doc/EDOC1100096312/7c43c2e3/bfd-one-arm-echo > >

Re: [ovs-discuss] ovn-central and ovn-controller compatibility question on OVS/OVN upgrade

On 11/2/23 19:59, Joe Liu via discuss wrote: > Hi community, > Hi Joe, > We hit an issue during upgrading OVS/OVN on ovn-central on master node, > and ovn-controllers on worker nodes: > > Before the upgrade, we have > openvswitch-2.16.90 > ovn-21.09.0 > ovn-host-21.09.0 > ovn-central-21.09.0 >

Re: [ovs-discuss] Gratuitous ARP is missing

On 11/1/23 21:28, Sri kor via discuss wrote: > Hii,  > Hi Srini, > At times, when I allocate a VM to a compute node, the network fails to > learn an ARP entry. This issue occurs randomly, making it challenging to > predict when it will happen. I am interested in logging any instances > where the

Re: [ovs-discuss] OVN 100% CPU - massive number of ARP entries

On 11/1/23 06:06, Gavin McKee via discuss wrote: > Hi , > Hi Gavin, > We are seeing ovn-controller churning constantly at 100% CPU usage. > > (Open vSwitch) 2.17.6 > ovn-controller 22.09.2 > Is this a deployment that can be upgraded to newer OVS/OVN versions? > 2023-11-01T04:54:08.406Z|01514

Re: [ovs-discuss] OVN/OVSDB Performance Numbers and Tests

On 9/22/23 11:51, Yakov via discuss wrote: > Hello guys, > Hi, Yakov, > My name is Yakov and I am new to the OVN and virtual networks in general. I > am now trying to get some estimates on how a VM cluster of 20k+ VMs spread > across 400-500 hypervisors in one data center will behave (mostly reg

Re: [ovs-discuss] OVN Maximum number of ecmp routes

On 9/21/23 08:16, chuanyun Xiao via discuss wrote: > Hi: > In ovn 23.03.0, I run the "*ovn-nbctl --ecmp lr-route-add ROUTER PREFIX > NEXTHOP [PORT]*" command to add multiple routes with the same prefix but > different nexthop and port. Somebody tell me Specifies the maximum number > of ecmp rou

Re: [ovs-discuss] MAC binding aging refresh mechanism

On 5/26/23 08:37, Ales Musil wrote: > On Fri, May 26, 2023 at 7:58 AM Han Zhou wrote: > >> >> >> On Thu, May 25, 2023 at 9:19 AM Ilya Maximets wrote: >>> >>> On 5/25/23 14:08, Ales Musil via discuss wrote: Hi, to improve the MAC binding aging mechanism we need a way to ensure >> t

Re: [ovs-discuss] Help-How to know the node is offline in northd?

On 4/26/23 09:04, wangchuanlei wrote: >> Hi, > >> On 4/21/23 08:17, wangchuanlei via discuss wrote: >>> I have one center and serveral node, and all nodes are connected >>> to center with options ovn-remote=tcp:192.168.0.x:6642, when one node >>> lost connection to center, the commands "ovn-

Re: [ovs-discuss] Help-How to know the node is offline in northd?

Hi, On 4/21/23 08:17, wangchuanlei via discuss wrote: > I have one center and serveral node, and all nodes are connected to > center with options ovn-remote=tcp:192.168.0.x:6642, when one node lost > connection to center, the commands "ovn-sbctl list chassis" still see the > node. > How ca

Re: [ovs-discuss] OVN: too many resubmits for arp requests

On 2/27/23 17:04, Felix Hüttner wrote: >> On 2/22/23 09:41, Felix Hüttner via discuss wrote: >>> Hello everyone, >>> >> >> Hi Felix, >> >>> we are currently running ovn 22.12 for our openstack environment. >>> We have a large logical switch which is connected to our internet >>> connection. >>> On

Re: [ovs-discuss] OVN: too many resubmits for arp requests

On 2/22/23 09:41, Felix Hüttner via discuss wrote: > Hello everyone, > Hi Felix, > we are currently running ovn 22.12 for our openstack environment. > We have a large logical switch which is connected to our internet connection. > On this switch there are currently around 350 logical routers con

Re: [ovs-discuss] [External] : Re: Do entries in the MAC_Binding table age out? Seeing incorrect entry after a VIP moved

On 1/27/22 11:59, Brendan Doyle wrote: > Hi Daniel , > > Thanks for the response, I'm not sure the patch in [1] would help in > this case. > The stale binding is of a VIP in the underlay learned through an OVN > physical > network port. The VIP is hosted by a number of "Management" nodes, the OVN

Re: [ovs-discuss] TCP Load Balancers and PMTU discovery

On 12/11/20 17:53, Miguel Angel Ajo wrote: > > Do we know if OVN Loadbalancers will forward ICMPs related to a load > balancer connection, or who could I ask? > > Please note that  >  - 172.30.23.156 is the VIP of my TCP load balancer, attached to a router. >  - 10.129.2.2 is the gateway which wi

Re: [ovs-discuss] Multiple localnet ports associated with the same external network/bridge mapping

On 1/6/23 12:37, Rutuja Umesh Madhure via discuss wrote: > Hi team, Hi Rutuja, > Can you please guide us on this. > > We have two logical switches, each with a *localnet*port associated with > the same external network - 'ext-net-1' > (*ovn-bridge-mappings*="ext-net-1:brPhy1") > > switch eb