Hi, Maybe You hit this bug [1]. Please check what ovn version do You have and maybe update it if needed. On Mon, Sep 07, 2020 at 06:23:44PM +0430, Reza Bakhshayeshi wrote:
Hi all,
I deployed an environment with TripleO Ussuri with 3 HA Controllers and some Compute nodes with neutron-ovn-dvr-ha.yaml Instances have Internet access through routers with SNAT traffic (in this case traffic is routed via a controller node), and by assigning IP address directly from provider network (not having a router).
But in case of assigning FIP from provider to an instance, VM Internet connection is lost. Here is the output of router nat lists, which seems OK:
# ovn-nbctl lr-nat-list 587182a4-4d6b-41b0-9fd8-4c1be58811b0 TYPE EXTERNAL_IP EXTERNAL_PORT LOGICAL_IP EXTERNAL_MAC LOGICAL_PORT dnat_and_snat X.X.X.X 192.168.0.153 fa:16:3e:0a:86:4d e65bd8e9-5f95-4eb2-a316-97e86fbdb9b6 snat Y.Y.Y.Y 192.168.0.0/24
I replaced FIP with X.X.X.X and router IP with Y.Y.Y.Y
When I remove * EXTERNAL_MAC* and *LOGICAL_PORT*, FIP works fine and as it has to be, but traffic routes from a Controller node and it won't be distributed anymore.
Any idea or suggestion would be grateful. Regards, Reza
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1834433 -- Slawek Kaplonski Principal software engineer Red Hat