diff --git a/go-controller/pkg/ovn/base_network_controller_secondary.go b/go-controller/pkg/ovn/base_network_controller_secondary.go index 8a77a87209f..793ac3ae447 100644 --- a/go-controller/pkg/ovn/base_network_controller_secondary.go +++ b/go-controller/pkg/ovn/base_network_controller_secondary.go @@ -327,10 +327,13 @@ func (bsnc *BaseSecondaryNetworkController) addLogicalPortToNetworkForNAD(pod *k return err } } - - if bsnc.doesNetworkRequireIPAM() && util.IsMultiNetworkPoliciesSupportEnabled() { + if bsnc.doesNetworkRequireIPAM() && (util.IsMultiNetworkPoliciesSupportEnabled() || bsnc.multicastSupport) { // Ensure the namespace/nsInfo exists - addOps, err := bsnc.addPodToNamespaceForSecondaryNetwork(pod.Namespace, podAnnotation.IPs) + portUUID := "" + if lsp != nil { + portUUID = lsp.UUID + } + addOps, err := bsnc.addPodToNamespaceForSecondaryNetwork(pod.Namespace, podAnnotation.IPs, portUUID) if err != nil { return err } @@ -556,7 +559,7 @@ func (bsnc *BaseSecondaryNetworkController) syncPodsForSecondaryNetwork(pods []i } // addPodToNamespaceForSecondaryNetwork returns the ops needed to add pod's IP to the namespace's address set. -func (bsnc *BaseSecondaryNetworkController) addPodToNamespaceForSecondaryNetwork(ns string, ips []*net.IPNet) ([]ovsdb.Operation, error) { +func (bsnc *BaseSecondaryNetworkController) addPodToNamespaceForSecondaryNetwork(ns string, ips []*net.IPNet, portUUID string) ([]ovsdb.Operation, error) { var ops []ovsdb.Operation var err error nsInfo, nsUnlock, err := bsnc.ensureNamespaceLockedForSecondaryNetwork(ns, true, nil) @@ -570,6 +573,12 @@ func (bsnc *BaseSecondaryNetworkController) addPodToNamespaceForSecondaryNetwork return nil, err } + if portUUID != "" && nsInfo.portGroupName != "" { + if ops, err = libovsdbops.AddPortsToPortGroupOps(bsnc.nbClient, ops, nsInfo.portGroupName, portUUID); err != nil { + return nil, err + } + } + return ops, nil }