[ovirt-users] Re: How to fix ovn apparent inconsistency?
On Sat, Mar 23, 2019 at 7:44 PM Dominik Holler <dholler(a)redhat.com> wrote:
Sorry for late reply Dominik.... busy on other (interesting at least ;-)
things
> I have to dig a bit more, because from first tests if I start another VM
on
> the same ovn192 network also on the same host they are not able to
> communicate
> Possibly an iptables misconfiguration on host?
>
Just to understand the error, would you please check if
/var/log/openvswitch/ovn-controller.log
or any other logfile in the same directory contains any hints?
It seems not
Would communication using a new created ovn network without port
security enabled work?
I confirm that if I create a new ovn with security port "Disabled" the VMs
can communicate both when running on the same host and on hosts even in
different datacenters ;-)
I unplug vnic / change ovn network of vms to match the new one / plug vnics
again and they communicate.
I unplug vnic / change ovn network of vms to the old one with port securty
enabled / plug vnics again and they don't communicate.
Questions:
- what is the role of the "Network port security" option for an OVN network?
- what is the meaning of "Undefined" option for it other than
"Enabled" and
"Disabled"?
- it seems I cannot edit the value for "Network port security" option of an
existing OVN network, is it correct?
Thanks again,
Gianluca
Attachments:
- attachment.html (text/html — 2.1 KB)