Hello, I have this problem with rocky or newer with iptables_hybrid firewall. So, can I solve using post copy live migration ??? Thanks Ignazio Il Lun 27 Apr 2020, 17:57 Sean Mooney <smooney@redhat.com> ha scritto:
On Mon, 2020-04-27 at 17:06 +0200, Ignazio Cassano wrote:
Hello, I have a problem on stein neutron. When a vm migrate from one node to another I cannot ping it for several minutes. If in the vm I put a script that ping the gateway continously, the live migration works fine and I can ping it. Why this happens ? I read something about gratuitous arp. qemu does not use gratuitous arp but instead uses an older protocal called RARP to do mac address learning.
what release of openstack are you using. and are you using iptables firewall of openvswitch firewall.
if you are using openvswtich there is is nothing we can do until we finally delegate vif pluging to os-vif. currently libvirt handels interface plugging for kernel ovs when using the openvswitch firewall driver https://review.opendev.org/#/c/602432/ would adress that but it and the neutron patch are https://review.opendev.org/#/c/640258 rather out dated. while libvirt is pluging the vif there will always be a race condition where the RARP packets sent by qemu and then mac learning packets will be lost.
if you are using the iptables firewall and you have opnestack rock or later then if you enable post copy live migration it should reduce the downtime. in this conficution we do not have the race betwen neutron and libvirt so the rarp packets should not be lost.
Please, help me ? Any workaround , please ?
Best Regards Ignazio