- Issued:
- 2020-05-26
- Updated:
- 2020-05-26
RHBA-2020:2317 - Bug Fix Advisory
Synopsis
ovn2.13 bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for ovn2.13 is now available in Fast Datapath for Red Hat Enterprise Linux 7.
Description
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups.
Bug Fix(es) and Enhancement(s):
- [RFE][OVN] IPv6 multicast snooping support (MLD) (BZ#1757716)
- ovn-nbctl --daemon --pidfile will create file under path /var/run/openvswitch/,but ovn 2.12 is seperated from ovs now (BZ#1778016)
- health check for load balance doesn't work if ip is not set for logical switch port (BZ#1801058)
- [2.13]fail to ping6 FIP on external namespace after destroy mac_binding of external ipv6 with ovn-sbctl (BZ#1815009)
- [OVN] QoS rules share the same Openflow meter (BZ#1817606)
- [ovn2.13]dns should not be case sensitive (BZ#1819069)
- ovn_controller crashes after setup is up for a day (BZ#1819604)
- HAProxy Router performance is off with OVNKubernetes as SDN on OCP 4.3.9 deployed on AWS (BZ#1819785)
- Add param to configure ovsdb replication probe interval (BZ#1822859)
- RFE: OVN - Support IPv6 Prefix Delegation (BZ#1823226)
- OVN doesn't allow TCP reset or ICMP unreachable packets when caller has no ingress ACL configured (BZ#1823755)
- ovs-vswitchd crashes with segmentation fault due to packet loop in OVN (BZ#1825334)
- ovn won't generate ipv6_prefix when receive prefix delegation packet without status code present (BZ#1826623)
- ipv6_prefix can't be cleared even stop prefix delegation (BZ#1826683)
- ipv6 prefix delegation solicit would still be sent even set logical router port as enabled=false (BZ#1827084)
- ovn should discards any prefixes for which the preferred lifetime is greater than the valid lifetime (BZ#1827090)
- Explosion of logical flows in sb database after scaling to 100 nodes because of pre-hairpin changes (BZ#1827403)
- ovn-northd does not release memory after cleanup (BZ#1827769)
- [Telco] northd: detect and correct DB consistency and referential integrity issues (BZ#1828637)
- payload for icmp6 reply is not as expected when reject acl is added (BZ#1834655)
- Error with large openflow messages (BZ#1838166)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux Fast Datapath 7 x86_64
- Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7 ppc64le
- Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 7 s390x
Fixes
- BZ - 1757716 - [RFE][OVN] IPv6 multicast snooping support (MLD)
- BZ - 1778016 - ovn-nbctl --daemon --pidfile will create file under path /var/run/openvswitch/,but ovn 2.12 is seperated from ovs now
- BZ - 1801058 - health check for load balance doesn't work if ip is not set for logical switch port
- BZ - 1815009 - [2.13]fail to ping6 FIP on external namespace after destroy mac_binding of external ipv6 with ovn-sbctl
- BZ - 1817606 - [OVN] QoS rules share the same Openflow meter
- BZ - 1819069 - [ovn2.13]dns should not be case sensitive
- BZ - 1819604 - ovn_controller crashes after setup is up for a day
- BZ - 1819785 - HAProxy Router performance is off with OVNKubernetes as SDN on OCP 4.3.9 deployed on AWS
- BZ - 1822859 - Add param to configure ovsdb replication probe interval
- BZ - 1823226 - RFE: OVN - Support IPv6 Prefix Delegation
- BZ - 1823755 - OVN doesn't allow TCP reset or ICMP unreachable packets when caller has no ingress ACL configured
- BZ - 1825334 - ovs-vswitchd crashes with segmentation fault due to packet loop in OVN
- BZ - 1826623 - ovn won't generate ipv6_prefix when receive prefix delegation packet without status code present
- BZ - 1826683 - ipv6_prefix can't be cleared even stop prefix delegation
- BZ - 1827084 - ipv6 prefix delegation solicit would still be sent even set logical router port as enabled=false
- BZ - 1827090 - ovn should discards any prefixes for which the preferred lifetime is greater than the valid lifetime
- BZ - 1827403 - Explosion of logical flows in sb database after scaling to 100 nodes because of pre-hairpin changes
- BZ - 1827769 - ovn-northd does not release memory after cleanup
- BZ - 1828637 - [Telco] northd: detect and correct DB consistency and referential integrity issues
- BZ - 1834655 - payload for icmp6 reply is not as expected when reject acl is added
- BZ - 1838166 - Error with large openflow messages
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Fast Datapath 7
| SRPM | |
|---|---|
| ovn2.13-2.13.0-31.el7fdp.src.rpm | SHA-256: caa307ce6914009935e1cdd08f8eacbcdf4ced0e7d91c94f73014c258a5caddb |
| x86_64 | |
| ovn2.13-2.13.0-31.el7fdp.x86_64.rpm | SHA-256: 669624cdc4f6d731568b33e6855e4d6fa46da06dd11e8c4507b212d0f4a6e325 |
| ovn2.13-central-2.13.0-31.el7fdp.x86_64.rpm | SHA-256: d5d6a8e89abf89964a13293320753a1575b81a96f57249a033239cd25720bc92 |
| ovn2.13-debuginfo-2.13.0-31.el7fdp.x86_64.rpm | SHA-256: 91bb014ea613197dc506205c1a760b9c08e591929b92a20c80afef8b5c6d88bf |
| ovn2.13-host-2.13.0-31.el7fdp.x86_64.rpm | SHA-256: e5ab402eec13b98aa0845fe03dd8143ce63887964e22b4e83430666ccfd3b841 |
| ovn2.13-vtep-2.13.0-31.el7fdp.x86_64.rpm | SHA-256: b7f80dda07622ad980e074e92dfea5435d205bec611d95547ca39c926b6c03f9 |
Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7
| SRPM | |
|---|---|
| ovn2.13-2.13.0-31.el7fdp.src.rpm | SHA-256: caa307ce6914009935e1cdd08f8eacbcdf4ced0e7d91c94f73014c258a5caddb |
| ppc64le | |
| ovn2.13-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 7862d16c4a08c081721addd80cf3214722f2163ca74a15a983317aee4446a510 |
| ovn2.13-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 7862d16c4a08c081721addd80cf3214722f2163ca74a15a983317aee4446a510 |
| ovn2.13-central-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 5db1520a6dd527fa5abb49ed52cab37ef3df560013fc3e5a6fc3edd1b2461e91 |
| ovn2.13-central-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 5db1520a6dd527fa5abb49ed52cab37ef3df560013fc3e5a6fc3edd1b2461e91 |
| ovn2.13-debuginfo-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 21d7b5b046e9a27e3fdfc3a4d002699ba2dc0b1e57f16177f5c4e3b46b61a5ba |
| ovn2.13-debuginfo-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 21d7b5b046e9a27e3fdfc3a4d002699ba2dc0b1e57f16177f5c4e3b46b61a5ba |
| ovn2.13-host-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 622f0cf87e60f572fbdc633ab1e0a6c27c987f8931de9523dcfa05731f293230 |
| ovn2.13-host-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 622f0cf87e60f572fbdc633ab1e0a6c27c987f8931de9523dcfa05731f293230 |
| ovn2.13-vtep-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 4efc1c5f75e5da21aada4149de1e669b5f84fccab5352739ddeca21291dc1884 |
| ovn2.13-vtep-2.13.0-31.el7fdp.ppc64le.rpm | SHA-256: 4efc1c5f75e5da21aada4149de1e669b5f84fccab5352739ddeca21291dc1884 |
Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 7
| SRPM | |
|---|---|
| ovn2.13-2.13.0-31.el7fdp.src.rpm | SHA-256: caa307ce6914009935e1cdd08f8eacbcdf4ced0e7d91c94f73014c258a5caddb |
| s390x | |
| ovn2.13-2.13.0-31.el7fdp.s390x.rpm | SHA-256: 5edc46a7ec8241df820d8291e0783a054c2488cf9d0da96f6f015babea6db3a3 |
| ovn2.13-central-2.13.0-31.el7fdp.s390x.rpm | SHA-256: a13839cf1233bd7012d42d6157cec0397ebd9f29f8fed78fc8865438435960a2 |
| ovn2.13-debuginfo-2.13.0-31.el7fdp.s390x.rpm | SHA-256: 2f2eef83f833f20c160fe3306a36b264c691e98b5c5b00bbdf5b09b428b47b4d |
| ovn2.13-host-2.13.0-31.el7fdp.s390x.rpm | SHA-256: 60d2a8db59dfd18378146c14461bc47212680a22159372f4024bb90d90270547 |
| ovn2.13-vtep-2.13.0-31.el7fdp.s390x.rpm | SHA-256: 5f1fdf445ead1f240c26665adceb647a5957877db666cd986416904740d4504d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
