Skip to content

Commit 0b1f091

Browse files
bjoerntbjoernt
committed
Update neutron-helm-overrides.yaml
Enable FDB learning for OVN as part of https://review.opendev.org/c/openstack/neutron/+/877675 which is observed once port security is disabled
1 parent 046a9aa commit 0b1f091

File tree

2 files changed

+12
-0
lines changed

2 files changed

+12
-0
lines changed

base-helm-configs/neutron/neutron-helm-overrides.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -246,6 +246,12 @@ conf:
246246
ovn_l3_scheduler: leastloaded
247247
ovn_nb_connection: "tcp:127.0.0.1:6641"
248248
ovn_sb_connection: "tcp:127.0.0.1:6642"
249+
250+
# Fix disabled port security on provider network
251+
# https://review.opendev.org/c/openstack/neutron/+/877675
252+
localnet_learn_fdb: true
253+
fdb_age_threshold: 900
254+
fdb_removal_limit: 2048
249255
metadata_rate_limiting:
250256
rate_limit_enabled: true
251257
ip_versions: 4

releasenotes/notes/neutron-ovn-fdb-learning-fedb1a56b321ec8b.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
---
2+
upgrade:
3+
- |
4+
Neutron OVN setting `localnet_learn_fdb` is now enabled to avoid flodding
5+
on provider networks once port security is disabled.
6+
See https://launchpad.net/bugs/2012069

0 commit comments

Comments
 (0)