Direct Server Return load balancer does not work in Red Hat OpenStack Platform with ML2/OVN plugin
Issue
- Implement a Direct Server Return load balancer on a instance of Red Hat OpenStack Platform.
Note:Direct Server Return
load balancer is also known asDirect Routing
load balancer. The name may vary depending on the load balancing software. - VIP of the load balancer has been added to
allowed-address-pairs
of the ports. - However, the Direct Server Return load balancer doesn't work.
Client cannot connect to the server via the load balancer. - Packet captures indicates that ACK packets are dropped when client send the packets to the load balancer.
Client Loadbalancer Server
InstanceA InstanceB InstanceC
aa:aa:aa:aa:aa:aa bb:bb:bb:bb:bb:bb cc:cc:cc:cc:cc:cc
10.0.0.1 10.0.0.100(VIP) 10.0.0.100(VIP)
| | |
| TCP SYN | |
| src: aa:aa:aa:aa:aa:aa | |
| 10.0.0.1 | |
| dst: bb:bb:bb:bb:bb:bb | |
| 10.0.0.100 | |
|-------------------------->| |
| | TCP SYN |
| | src: bb:bb:bb:bb:bb:bb |
| | 10.0.0.1 |
| | dst: cc:cc:cc:cc:cc:cc |
| | 10.0.0.100 |
| |---------------------------> eth1 - - - - > eth1 ------->|
| | computeA computeB |
| TCP SYN+ACK |
| src: cc:cc:cc:cc:cc:cc |
| 10.0.0.100 |
| dst: aa:aa:aa:aa:aa:aa |
| 10.0.0.1 VLAN 3 |
|<------------------------------------------------------- eth1 < - - - - eth1 <-------|
| | computeA computeB |
| TCP ACK | |
| src: aa:aa:aa:aa:aa:aa | |
| 10.0.0.1 | |
| dst: bb:bb:bb:bb:bb:bb | |
| 10.0.0.100 | |
|---------------------->* | |
| dropped | |
| here | |
| | |
- This issue doesn't occur on ML2/OVS environment.
Environment
- Red Hat OpenStack Platform 16.1
- Red Hat OpenStack Platform 16.2
- Red Hat OpenStack Platform 17.0
- ML2/OVN
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.