RHBA-2021:2507 - Bug Fix Advisory

Topic

An update for ovn2.13 is now available in Fast Datapath for Red Hat
Enterprise Linux 7.

Description

OVN, the Open Virtual Network, is a system to support virtual network
abstraction. OVN complements the existing capabilities of OVS to add
native support for virtual network abstractions, such as virtual L2 and L3
overlays and security groups.

Bug Fix(es) and Enhancement(s):

• [ovn] Traffic between localnet and localport ports should be dropped (BZ#1942877)
• [OVN] ovn-ctl should wait for database processes being stopped (BZ#1944239)
• OVN builds too many lflows for ARP responding for load balancer VIPs (BZ#1945415)
• [OVN] Missing case in ovn-controller that delays port.up notifications (BZ#1946420)
• [ovn-controller] Packet drops when using logical_dp_groups when a lflow dp_group is updated. (BZ#1947056)
• [ovn-controller] OVS.Interface.external-ids:ovn-installed is not set if original OVS TXN failed. (BZ#1952846)
• OVN Expression parser generates repeated conjunctions (BZ#1955161)
• [OVN] Provider vlan offload is lost after enabling a tenant network (geneve) port with security groups (BZ#1955191)
• [ovn] Missing/wrong openflow rules after ofport change (BZ#1956748)
• [ovn] ARP broadcasts and duplicate mac address issues happen due to unexpected openflow rules before ovn-controller is fully up (BZ#1957025)
• --may-exist does not work on ECMP routes (BZ#1959909)

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Fast Datapath 7 x86_64
• Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7 ppc64le
• Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 7 s390x

Fixes

• BZ - 1942877 - [ovn] Traffic between localnet and localport ports should be dropped
• BZ - 1944239 - [OVN] ovn-ctl should wait for database processes being stopped
• BZ - 1945415 - OVN builds too many lflows for ARP responding for load balancer VIPs
• BZ - 1946420 - [OVN] Missing case in ovn-controller that delays port.up notifications
• BZ - 1947056 - [ovn-controller] Packet drops when using logical_dp_groups when a lflow dp_group is updated.
• BZ - 1952846 - [ovn-controller] OVS.Interface.external-ids:ovn-installed is not set if original OVS TXN failed.
• BZ - 1955161 - OVN Expression parser generates repeated conjunctions
• BZ - 1956748 - [ovn] Missing/wrong openflow rules after ofport change
• BZ - 1957025 - [ovn] ARP broadcasts and duplicate mac address issues happen due to unexpected openflow rules before ovn-controller is fully up
• BZ - 1959909 - --may-exist does not work on ECMP routes

CVEs

(none)

References

(none)