Traffic flow is interrupted between nodes on different subnets/VLANs from the node but succeeds from pods

Solution Unverified - Updated -

Issue

  • Host -> pod (or svc) traffic is broken between nodes, but pod -> pod (overlay -> overlay) traffic works fine between the same pair of nodes.
  • Nodes are bridged via VLAN management upstream from the node layer (managed by VMware).
  • Nodes are aware of their peers on the secondary VLAN, and all nodes respond to ICMP ping when queried.
  • Nodes are unable to route traffic (curl to services/pods) hosted on secondary VLAN nodes, but pods hosted on the same node can make the curl successfully.
  • This may affect nodes on VLAN1 hosting the router-default haproxy pods, which rely on HostNetwork to connect to peers and may intermittently be unable to query peer services and pods on VLAN2.
  • A test pod scaled up on a host node on VLAN1 can consistently curl services/pods on VLAN2, even while the host node is unable to complete the same request.

Environment

  • Red Hat OpenShift Container Platform 4.10+
  • OpenShift-SDN
  • vSphere
