Merge "[OVN] Ensure traffic for provider vlan networks is not tunneled" into stable/wallaby

4 files changed, 36 insertions, 5 deletions

diff --git a/neutron/common/ovn/utils.py b/neutron/common/ovn/utils.py
index 09e3939ec2..5af6ba8f3a 100644
--- a/neutron/common/ovn/utils.py
+++ b/neutron/common/ovn/utils.py
@@ -22,6 +22,7 @@ from neutron_lib.api.definitions import extra_dhcp_opt as edo_ext
 from neutron_lib.api.definitions import l3
 from neutron_lib.api.definitions import port_security as psec
 from neutron_lib.api.definitions import portbindings
+from neutron_lib.api.definitions import provider_net
 from neutron_lib.api import validators
 from neutron_lib import constants as const
 from neutron_lib import context as n_context
@@ -582,6 +583,10 @@ def is_gateway_chassis_invalid(chassis_name, gw_chassis,
 
 
 def is_provider_network(network):
+    return network.get(provider_net.PHYSICAL_NETWORK, False)
+
+
+def is_external_network(network):
     return network.get(external_net.EXTERNAL, False)
 
 
diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py
index 5df7536c26..083c8964c2 100644
--- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py
+++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py
@@ -785,7 +785,10 @@ class DBInconsistenciesPeriodics(SchemaAwarePeriodicsBase):
         # Get router ports belonging to VLAN networks
         vlan_nets = self._ovn_client._plugin.get_networks(
             context, {pnet.NETWORK_TYPE: [n_const.TYPE_VLAN]})
-        vlan_net_ids = [vn['id'] for vn in vlan_nets]
+        # FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
+        # is_provider_network check should be removed
+        vlan_net_ids = [vn['id'] for vn in vlan_nets
+                        if not utils.is_provider_network(vn)]
         router_ports = self._ovn_client._plugin.get_ports(
             context, {'network_id': vlan_net_ids,
                       'device_owner': n_const.ROUTER_PORT_OWNERS})
diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
index 481c27162d..b951a542bc 100644
--- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
+++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
@@ -1111,7 +1111,7 @@ class OVNClient(object):
                 # leak the RAs generated for the tenant networks via the
                 # provider network
                 ipv6_ra_configs['send_periodic'] = 'true'
-                if is_gw_port and utils.is_provider_network(net):
+                if is_gw_port and utils.is_external_network(net):
                     ipv6_ra_configs['send_periodic'] = 'false'
                 ipv6_ra_configs['mtu'] = str(net['mtu'])
 
@@ -1423,9 +1423,12 @@ class OVNClient(object):
         # logical router port is centralized in the chassis hosting the
         # distributed gateway port.
         # https://github.com/openvswitch/ovs/commit/85706c34d53d4810f54bec1de662392a3c06a996
+        # FIXME(ltomasbo): Once Bugzilla 2162756 is fixed the
+        # is_provider_network check should be removed
         if network.get(pnet.NETWORK_TYPE) == const.TYPE_VLAN:
             options[ovn_const.LRP_OPTIONS_RESIDE_REDIR_CH] = (
-                'false' if ovn_conf.is_ovn_distributed_floating_ip()
+                'false' if (ovn_conf.is_ovn_distributed_floating_ip() and
+                            not utils.is_provider_network(network))
                 else 'true')
 
         is_gw_port = const.DEVICE_OWNER_ROUTER_GW == port.get(
@@ -1837,8 +1840,9 @@ class OVNClient(object):
                 for subnet in subnets:
                     self.update_subnet(context, subnet, network, txn)
 
-                if utils.is_provider_network(network):
-                    # make sure to use admin context as this is a providernet
+                if utils.is_external_network(network):
+                    # make sure to use admin context as this is a external
+                    # network
                     self.set_gateway_mtu(n_context.get_admin_context(),
                                          network, txn)
 
diff --git a/releasenotes/notes/bug-2003455-b502cc637427560e.yaml b/releasenotes/notes/bug-2003455-b502cc637427560e.yaml
new file mode 100644
index 0000000000..2e89cf055f
--- /dev/null
+++ b/releasenotes/notes/bug-2003455-b502cc637427560e.yaml
@@ -0,0 +1,19 @@
+---
+fixes:
+  - |
+    [`bug 2003455 <https://bugs.launchpad.net/neutron/+bug/2003455>`_]
+    It is added an extra checking to ensure the "reside-on-redirect-chassis"
+    is set to true for the logical router port associated to vlan provider
+    network despite having the "ovn_distributed_floating_ip" enabled or not.
+    This is needed as there is an OVN bug
+    (https://bugzilla.redhat.com/show_bug.cgi?id=2162756) making it not work
+    as expected. Until that is fixed, we need these workaround
+    that makes the traffic centrallized, but not tunneled, through the node
+    with the gateway port, thus avoiding MTU issues.
+issues:
+  - |
+    Until the OVN bug (https://bugzilla.redhat.com/show_bug.cgi?id=2162756)
+    is fixed, setting the "reside-on-redirect-chassis" to true for the logical
+    router port associated to vlan provider network is needed. This workaround
+    makes the traffic centrallized, but not tunneled, through the node
+    with the gateway port, thus avoiding MTU issues.