Hi Lukasz:
This is happening because you are using the "iptables_hybrid" firewall driver in the OVS agent. That creates a namespace where a set of iptables is defined (firewall rules) and a linux bridge, that is connected to OVS using a veth pair [1]. If you need the native plug implementation, then use the native firewall (or don't use any). That will create a TAP port directly connected to the integration bridge.
Regards.
[1]https://www.rdoproject.org/networking/networking-in-too-much-detail/
On Thu, Mar 30, 2023 at 12:11 PM Luk skidoo@tlen.pl wrote:
Hello,
Can You share some thoughts/ideas or some clues regarding migration from linux bridge to ovs ? Does this migration is posible without interrupting traffic from VMs ?
We have now linuxbridge with l3-ha, and we noticed that for example when doing live migration of VM from linuxbridge baked compute to openvswitch compute is created bridge... inside openvswitch, instead adding qvo device to br-int:
Bridge brq91dc40ac-ea datapath_type: system Port qvo84e2bd98-e9 Interface qvo84e2bd98-e9 Port brq91dc40ac-ea Interface brq91dc40ac-ea type: internalAfter removing the brq91dc40ac-ea from ovs, and hard reboot, the qvo interface is added properly to br-int:
Bridge br-int Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port qvo84e2bd98-e9 tag: 1 Interface qvo84e2bd98-e9
Also, before hard reboot, there is no flow for br-int or any other openvswitch bridge regarding this VM/ip.
Does anyone have same problems ? Have tried to migrate from lb to ovs ?
Openstack version: ussuri OS: ubuntu 20
Regards Lukasz