Ovirt KVM, connection lost after VM migration within the cluster

  • 0
  • 1
  • Problem
  • Updated 3 years ago
  • Solved
Hello, 
Im setting up an Ovirt HA KVM environment with two stacked x440 Summit switches.
My cluster has only two nodes, and I'm currently testing the live migration with a virtualized firewall (pfsense).

The firewall has many virtual interfaces (wan0-wan3) which act as dhcp client on different VLANs. After migrating the firewall to another cluster node, the interfaces lose the ip and the data connection, while the link stays up. After moving the VM back everything works again. 

The switch has no special configuration. What is needed to get the VMs running with IPs from an external DHCP on the wan interfaces? 
Do I need VM-Tracking, to allow the movement of the MAC address from one physical port to another?


show iparp:

Dynamic Entries  :           3             Static Entries            :          0
Pending Entries  :           0
In Request       :      293832             In Response               :    1524218
Out Request      :     1524043             Out Response              :       1194
Failed Requests  :           1
Proxy Answered   :           0
Rx Error         :           0             Dup IP Addr               :     192.168.1.1
Rejected Count   :      277511             Rejected IP               :     192.168.3.4
Rejected Port    :         1:1             Rejected I/F              : wan1

Max ARP entries  :        8192             Max ARP pending entries   :        256
ARP address check:    Enabled              ARP refresh               :    Enabled
Timeout          :          20 minutes     ARP Sender-Mac Learning   : both-request-and-reply
Locktime         :        1000 milliseconds
Retransmit Time  :        1000 milliseconds
Reachable Time   :      900000 milliseconds (Auto)
Fast Convergence :         Off

Switches:
ExtremeXOS version 16.1.1.4
X440-48p-10G (Stack)


Thanks for any suggestions
Photo of Florian Nolden

Florian Nolden

  • 110 Points 100 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of agd

agd

  • 382 Points 250 badge 2x thumb
Hi, as I understand on the switch there's no need to make an extra configuration.
The problem can be on the oVirt side, both hypervisors have attached the virtual networks that the pfsense VM "needs" ?

BR.
Photo of Florian Nolden

Florian Nolden

  • 110 Points 100 badge 2x thumb
Without the attached networks I would get errors during the migration and also would have inconsistencys in the cluster. However, the network setup is not easy, with four physical links as 2x 2 lacp and multiple vlans on top of them, I will check that again.
I thought that the switch sets the ip/mac as dublicated after the migration and rejects all traffic in. Im also wondering why the Reject Count is so high and the out response is so low in my iparp stats.

Thanks
Photo of Florian Nolden

Florian Nolden

  • 110 Points 100 badge 2x thumb
I found my issue! It was not switch related. The bond0 slave interfaces where recreated by ovirt, using the propper interface name, while I choose a other name during the initial os installation. However, these interface configuration was still there and caused the trouble on all Vlans over this bond interface. The RX value of these VLAN interfaces where all zero. 
After deleting the old bond slave interface configuration files, I rebooted. Now it seems to work as expected.

Thanks for pointing me in the right direction!
Photo of agd

agd

  • 382 Points 250 badge 2x thumb
Great, thanks for the update.

BR.