Return (ack) packets are not seen in the network node

asked 2018-11-12 08:15:29 -0600

mariusleu gravatar image

Hi, I have an Openstack Rocky installation.

The external bridge (br-ex) is only on the network node, while the compute nodes only have the tunnel bridge (br-tun). So SNAT and DNAT is done by the network node, which is in dvr_snat mode (east-west is handled by compute nodes using dvr).

While performing some download / iperf tests on a VM, I am doing also tcpdump on the qruouter namespace of the network node and of the compute node.

In the network node qrouter namespace I can only see "seq" or data packets like this:

16:06:33.822051 IP 94.130.38.154.http > 10.0.0.11.44970: Flags [.], seq 154487540:154506412, ack 1, win 235, options [nop,nop,TS val 1323375434 ecr 1831090179], length 18872: HTTP

While in the compute node in qrouter namespace I can only see the "ack" packets:

16:06:30.722865 IP 10.0.0.11.44970 > 94.130.38.154.http: Flags [.], ack 19614749, win 1382, options [nop,nop,TS val 1831087121 ecr 1323374661], length 0

Is this normal ? I am also facing lower download speed on the VM than the host (about half the speed).

edit retag flag offensive close merge delete