Allow Address Pairs not working across tenant networks
Description
Environment
Operating System: All
Platform: All
Activity
Show:
karthikeyan Krishnan August 18, 2020 at 3:42 AM
Please try to validate the reported use case testing in latest ODL release(Aluminium/Silicon) and open the new ticket if the issue is still persist.
Abhinav Gupta November 25, 2019 at 7:22 AM
any update here?
Aswin Suryanarayanan October 17, 2018 at 8:34 AM
yes it is , I am yet to work on it.
Sam Hague October 4, 2018 at 4:25 AM
is this still an issue?
Aswin Suryanarayanan April 6, 2018 at 11:59 AM
Yes this issue is yet to be resolved.
Cannot Reproduce
Created October 2, 2017 at 3:47 PM
Updated August 18, 2020 at 3:42 AM
Resolved August 18, 2020 at 3:42 AM
Allowed address pairs (AAP) does not across neutron networks when using ODL as ml2 backend. I tried with both, Nitrogen and Carbon.
Steps to reproduce:
Create two tenant networks, for example 10.0.0.0/24 and 20.0.0.0/24
Create a router and connect both networks to it
Create a VM on first tenant network: VM1 with IP 10.0.0.5
Create a VM on second tenant network: VM2 with IP 20.0.0.5
Create a port on second tenant network: for example 20.0.0.10
Attach the IP of that port as AAP of the port being used by VM2
Then, if you try to ping VM2 from VM1 it works, i.e., ping 20.0.0.5 from 10.0.0.5. However, if you try to ping the AAP (i.e., 20.0.0.10) from VM1, the traffic does not reach VM2. Actually, it does not even reach the second tenant network (20.0.0.0/24) as the traffic gets to the OVS table 46 and from there it is sent to the controller, therefore not reaching the port where VM2 is connected.