CRE-2024-0018
Neutron Open Virtual Network (OVN) high CPU usageMediumImpact: 4/10Mitigation: 5/10
CRE-2024-0018View on GitHub
Description
OVN daemons (e.g., ovn-controller) are stuck in a tight poll loop, driving CPU to 100 %. Logs show “Dropped … due to excessive rate” or
“Unreasonably long … poll interval,” slowing port-binding and network traffic.
Cause
- Probe interval too low leads to constant keep-alives
- Burst of logical-flow updates (security-groups, LB changes)
- Poll-loop bug in OVN ≤ 20.2.0
- CPU contention with GPU workloads; no offload/D PDK
Mitigation
Increase the OVN remote probe interval to 30 seconds:
ovs-vsctl set open . external_ids:ovn-remote-probe-interval=30000