<div dir="ltr">I had a look for fix that and I don't found a simple way.<div><br></div><div>The minimal MTU can be deducted by the LB agent with the value found on the bridge and the LB agent can set it on veth interface connect to that bridge.</div>
<div>But there no easy way to set it on the other side of the veth in the namespace. LB agent doesn't know the name of the other side of the veth and it doesn't know the name of the namespace. Furthermore, I'm not sure it's a good way to modify network in a namespace doesn't manage by the LB agent.</div>
<div><br><div>Another simple solution, is to set a global config flag to define the minimal MTU and all agents which create veth use it to set interfaces MTU.<br></div></div><div><br></div><div>I opened a bug to discuss: <a href="https://bugs.launchpad.net/neutron/+bug/1242534">https://bugs.launchpad.net/neutron/+bug/1242534</a></div>
<div><br></div><div>Regards,</div><div>Édouard.</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Oct 20, 2013 at 5:29 PM, Salvatore Orlando <span dir="ltr"><<a href="mailto:sorlando@nicira.com" target="_blank">sorlando@nicira.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">It might be worth both documenting this limitation on the admin guide and provide a fix which we should backport to havana too.<div>
It sounds like the fix should not be too extensive, so the backport should be easily feasible.</div>
<div><br></div><div>Regards,</div><div>Salvatore</div></div><div class="gmail_extra"><br><br><div class="gmail_quote"><div><div class="h5">On 18 October 2013 21:50, Édouard Thuleau <span dir="ltr"><<a href="mailto:thuleau@gmail.com" target="_blank">thuleau@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr">Hi all,<div><br></div><div>I made some tests with the ML2 plugin and the Linux Bridge agent with VXLAN tunneling.</div>
<div><br></div><div>By default, physical interface (used for VXLAN tunneling) has an MTU of 1500 octets. And when LB agent creates a VXLAN interface, the MTU is automatically 50 octets less than the physical interface (so 1450 octets) [1]. Therefore, the bridge use to plug tap of VM, veth from network namespaces (l3 or dhcp) and VXLAN interface has an MTU of 1450 octets (Linux bridges take minimum of all the underlying ports [2]).</div>
<div><br></div><div>So the bridge could only forward packets of length smaller than 1450 octets to VXLAN interface [3].</div><div><br></div><div>But the veth interfaces used to link network namespaces and bridges are spawn by l3 and dhcp agents (and perhaps other agents) with an MTU of 1500 octets. So, packets which arriving from them are dropped if they need to be forwarded to the VXLAN interface.</div>
<div><br></div><div>A simple workaround is to increase by 50 at least the MTU of the physical interface to harmonize MTU between interfaces. But by default (without MTU customizing), the LB/VXLAN mode have strange behavior (cannot make curl from server behind a router or execute command with verbose output in SSH through a floating IP (SSH connection works)...)</div>
<div><br></div><div>So my question is, do you think we need to open a bug and find a fix for that ? Or do we need to put warning in docs (and logs perhaps)?</div><div><br></div><div>[1] <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/net/vxlan.c#n2437" target="_blank">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/net/vxlan.c#n2437</a></div>
<div>[2] <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/bridge/br_if.c#n402" target="_blank">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/bridge/br_if.c#n402</a></div>
<div>[3] <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/bridge/br_forward.c#n74" target="_blank">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/bridge/br_forward.c#n74</a></div>
<span><font color="#888888">
<div><br></div><div>Édouard.</div></font></span></div>
<br></div></div>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br></div>