Fix OpFlex Identity Request for VLAN mode #652
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Commit Ifd20ed1848f3e775c5b5b0d9ef217b34d941ba01 introcuced a MAC address to the OpFlex Identity Request message to address use cases for the TEP MAC in transport mode. When VLAN encap is used, the code to set the TEP MAC isn't called, so the agent fills the MAC with an undetermined value (usualy all 0's, but could be non-zero memory as well). The server side application code was changed recently to address live- migration scenarios, which use this MAC value to identify movement of agents (e.g. when the agent is running inside a VM that's live-migrated). The change on the server side application is to send a Policy Update message to the agent with the PlatformConfig deleted event when it sees a MAC of 0's in the Identity Request, forcing the agent to restart the connection process. This results in constant agent restarts when the agent is using VLAN mode encapsulation. To avoid this behavior, this patch ensures that the MAC address in the Identity Request is set to a non-zero value (specifically, the value of the MAC for the interface specified in the "uplink-native-iface" parameter). Note that the uplink-native-iface provided must be a host-accessible interface (e.g. can't be an interface that's only visible to an OVS bridge, such as a patch port). The patch also extracts some of the static methods from TunnelEpManager.cpp, so that they can be used by other classes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Commit Ifd20ed1848f3e775c5b5b0d9ef217b34d941ba01 introcuced a MAC address to the OpFlex Identity Request message to address use cases for the TEP MAC in transport mode. When VLAN encap is used, the code to set the TEP MAC isn't called, so the agent fills the MAC with an undetermined value (usualy all 0's, but could be non-zero memory as well).
The server side application code was changed recently to address live- migration scenarios, which use this MAC value to identify movement of agents (e.g. when the agent is running inside a VM that's live-migrated). The change on the server side application is to send a Policy Update message to the agent with the PlatformConfig deleted event when it sees a MAC of 0's in the Identity Request, forcing the agent to restart the connection process. This results in constant agent restarts when the agent is using VLAN mode encapsulation.
To avoid this behavior, this patch ensures that the MAC address in the Identity Request is set to a non-zero value (specifically, the value of the MAC for the interface specified in the "uplink-native-iface" parameter). Note that the uplink-native-iface provided must be a host-accessible interface (e.g. can't be an interface that's only visible to an OVS bridge, such as a patch port).
The patch also extracts some of the static methods from TunnelEpManager.cpp, so that they can be used by other classes.