(vv) root@wk:~/dev/tests/kube-ovn/ovn-vip-slr# k ko nbctl show ovn-default
switch 887cf610-d30d-45e1-9b12-ae1369e0fd45 (ovn-default)
    port ovn-default-ovn-cluster
        type: router
        router-port: ovn-cluster-ovn-default
    port coredns-787d4945fb-55zgx.kube-system
        addresses: ["00:00:00:65:79:8D 10.16.0.5"]
    port ovn-default-vip
        type: virtual
        addresses: ["00:00:00:93:04:11 10.16.0.10"]



**(vv) root@wk:~/dev/tests/kube-ovn/ovn-vip-slr# k ko nbctl lb-list
UUID                                    LB                  PROTO      VIP                     IPs
4703a0a4-c4df-4f70-869b-8f63cf6f102f    cluster-tcp-sess    tcp        1.1.1.1:8888            10.16.0.8:80,10.16.0.9:80
                                                            tcp        10.16.0.10:8888         10.16.0.8:80,10.16.0.9:80
                                                            
                                                 

nginx-netshoot-64c44bfcf6-2qzwv:~# curl 10.16.0.10:8888
curl: (7) Failed to connect to 10.16.0.10 port 8888 after 3067 ms: Couldn't connect to server
nginx-netshoot-64c44bfcf6-2qzwv:~#
nginx-netshoot-64c44bfcf6-2qzwv:~#
nginx-netshoot-64c44bfcf6-2qzwv:~#
nginx-netshoot-64c44bfcf6-2qzwv:~#
nginx-netshoot-64c44bfcf6-2qzwv:~# curl 1.1.1.1:8888
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

考虑基于arp_proxy 解决arp响应的问题，看是否之后会发出tcp包

> > +# 3 hypervisors, one logical switch, 3 logical ports per hypervisor, ARP proxy
> > +AT_SETUP([ovn -- 3 HVs, 1 LS, 3 lports/HV, ARP proxy]) > > +AT_KEYWORDS([ovnarpproxy]) > > +AT_SKIP_IF([test $HAVE_PYTHON = no]) > > +ovn_start > > + > > +# Create hypervisors hv[123]. > > +# Add vif1[123] to hv1, vif2[123] to hv2, vif3[123] to hv3. > > +# Add all of the vifs to a single logical switch lsw0. > > +# Set logical switch port lp11 as arp proxy. > > +ovn-nbctl ls-add lsw0 > > +net_add n1 > > +for i in 1 2 3; do > > +    sim_add hv$i > > +    as hv$i > > +    ovs-vsctl add-br br-phys > > +    ovn_attach n1 br-phys 192.168.0.$i > > + > > +    for j in 1 2 3; do > > +        ovs-vsctl add-port br-int vif$i$j -- set Interface vif$i$j external-ids:iface-id=lp$i$j options:tx_pcap=hv$i/vif$i$j-tx.pcap
options:rxq_pcap=hv$i/vif$i$j-rx.pcap ofport-request=$i$j
> > +        ovn-nbctl lsp-add lsw0 lp$i$j > > +        ovn-nbctl lsp-set-addresses lp$i$j "f0:00:00:00:00:$i$j 192.168.0.$i$j"
> > +    done > > +done > > +ovn-nbctl set Logical_Switch_Port lp11 options:arp_proxy=true

目前已确认可以基于lsp arp_proxy=true 实现switch lb rule vip 和 后端pod ip 为同一子网ip，目前该功能在vip crd 中已支持。

参考: www.mail-archive.com/ovs-dev@ope… mail.openvswitch.org/pipermail/o… patchwork.ozlabs.org/project/ope…