OVN Load Balancer on Incus Cluster - ARP Requests and Intermittent Connectivity Issue

xlmnxp · October 23, 2025, 9:20am

Hello,

I’m running an Incus cluster with an OVN network setup using a bridge named incus-bridge as uplink. The load balancer IP 10.12.10.170/32 forwards to an nginx container at 10.6.31.5. Initially, I can curl the load balancer IP, but after some time it stops responding.

Using tcpdump on incus-bridge, I see continuous ARP requests for 10.12.10.170 with no replies. Restarting ovn-controller temporarily fixes connectivity. The IP 10.12.10.170 is not assigned to any host interface; I expect OVN to manage it via the physical interface ens160.

nginx container detail:

nginx-test | RUNNING | 10.6.31.5 (eth0) | CONTAINER (APP) | cluster-node-03

incus-bridge config manifest:

ipv4.address: 10.6.30.1/16
ipv4.dhcp: "true"
ipv4.dhcp.ranges: 10.6.30.1-10.6.30.254
ipv4.nat: "true"
ipv4.ovn.ranges: 10.6.31.1-10.6.31.254
ipv4.routes: 10.12.10.170/32, 10.12.10.171/32, 10.12.10.172/32

cluster-default-network config manifest:

bridge.mtu: "1442"
ipv4.address: 10.6.31.1/24
ipv4.nat: "true"
network: incus-bridge
volatile.network.ipv4.address: 10.6.31.1

Load balancer config for 10.12.10.170:

backends:
- name: nginx
  target_port: "80"
  target_address: 10.6.31.5
ports:
- protocol: tcp
  listen_port: "80"
 target_backend:
 - nginx
listen_address: 10.12.10.170

Tcpdump outputs:

...
08:16:44.833221 ARP, Request who-has 10.12.10.170 tell ubuntu2204, length 28
08:16:45.857252 ARP, Request who-has 10.12.10.170 tell ubuntu2204, length 28
...

How should OVN handle this floating IP to answer ARP requests reliably and avoid intermittent failures? Is there a recommended way to bind or assign the IP on the physical interface or host side?

Thanks!

stgraber · October 23, 2025, 6:41pm

What version of OVN are you running?

xlmnxp · October 26, 2025, 4:36am

latest version in official Ubuntu 24.04.3 LTS repository:

$ ovn-controller --version
ovn-controller 24.03.6
Open vSwitch Library 3.3.4
OpenFlow versions 0x6:0x6
SB DB Schema 20.33.0

xlmnxp · October 28, 2025, 8:37am

I can reach the OVN load balancer from outside of cluster network by adding the address to any interface then delete it after few seconds and restart ovn-controller (it work for few minutes too and I think it work because of DHCP lease)

ip a add 10.12.10.170/24 dev ens160
ip a del 10.12.10.170/24 dev ens160
systemctl restart ovn-controller.service

but still facing same issue, no replies to ARP requests after some time

xlmnxp · November 5, 2025, 7:33am

Hmm, I tried to solve the issue for few days without luck,
Is OVN on Bridge interface don’t support load balance?
also should I can access the VM/Container OVN from host without load balancer (because I cannot)?