oxidecomputer · zeeshanlakhani · Nov 29, 2025 · Dec 1, 2025 · Nov 30, 2025 · Dec 2, 2025
diff --git a/nexus/db-model/src/multicast_group.rs b/nexus/db-model/src/multicast_group.rs
@@ -178,28 +178,6 @@ pub struct ExternalMulticastGroup {
     pub ip_pool_range_id: Uuid,
     /// Primary multicast IP address (overlay/external).
     pub multicast_ip: IpNetwork,
-    /// Multicast VLAN (MVLAN) for egress multicast traffic to upstream networks.
-    ///
-    /// When specified, this VLAN ID is passed to switches (via DPD) as part of
-    /// the `ExternalForwarding` configuration to tag multicast packets leaving
-    /// the rack. This enables multicast traffic to traverse VLAN-segmented
-    /// upstream networks (e.g., peering with external multicast sources/receivers
-    /// on specific VLANs).
-    ///
-    /// The MVLAN value is sent to switches during group creation/updates and
-    /// controls VLAN tagging for egress traffic only; it does not affect ingress
-    /// multicast traffic received by the rack. Switch port selection for egress
-    /// traffic remains pending (see TODOs in `nexus/src/app/multicast/dataplane.rs`).
-    ///
-    /// Valid range when specified: 2-4094 (IEEE 802.1Q; Dendrite requires >= 2).
-    ///
-    /// Database Type: i16 (INT2) - this field uses `i16` (INT2) for storage
-    /// efficiency, unlike other VLAN columns in the schema which use `SqlU16`
-    /// (forcing INT4). Direct `i16` is appropriate here since VLANs fit in
-    /// INT2's range.
-    ///
-    /// TODO(multicast): Remove mvlan field - being deprecated from multicast groups
-    pub mvlan: Option<i16>,
     /// Associated underlay group for NAT.
     /// Initially None in ["Creating"](MulticastGroupState::Creating) state,
     /// populated by reconciler when group becomes ["Active"](MulticastGroupState::Active).
@@ -248,11 +226,11 @@ pub struct MulticastGroupMemberValues {
     pub parent_id: Uuid,
     pub sled_id: Option<DbTypedUuid<SledKind>>,
     pub state: MulticastGroupMemberState,
-    // version_added and version_removed are omitted - database assigns these
-    // via DEFAULT nextval()
     pub multicast_ip: IpNetwork,
     /// Source IPs for source-filtered multicast (optional for ASM, required for SSM).
     pub source_ips: Vec<IpNetwork>,
+    // version_added and version_removed are omitted - database assigns these
+    // via DEFAULT nextval()
 }
 
 /// A member of a multicast group (instance that receives multicast traffic).
@@ -329,9 +307,7 @@ impl TryFrom<MulticastGroupMember> for views::MulticastGroupMember {
 
 /// An incomplete external multicast group, used to store state required for
 /// issuing the database query that selects an available multicast IP and stores
-/// the resulting record.
-///
-/// Note: tag is computed in SQL as `{uuid}:{multicast_ip}`.
+/// the resulting record. Tag is computed in SQL as `{uuid}:{multicast_ip}`.
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub struct IncompleteExternalMulticastGroup {
     pub id: Uuid,
@@ -341,7 +317,6 @@ pub struct IncompleteExternalMulticastGroup {
     pub ip_pool_id: Uuid,
     /// Optional address requesting a specific multicast IP be allocated.
     pub explicit_address: Option<IpNetwork>,
-    pub mvlan: Option<i16>,
     pub vni: Vni,
 }
 
@@ -353,7 +328,6 @@ pub struct IncompleteExternalMulticastGroupParams {
     pub description: String,
     pub ip_pool_id: Uuid,
     pub explicit_address: Option<IpAddr>,
-    pub mvlan: Option<i16>,
     pub vni: Vni,
 }
 
@@ -367,7 +341,6 @@ impl IncompleteExternalMulticastGroup {
             time_created: Utc::now(),
             ip_pool_id: params.ip_pool_id,
             explicit_address: params.explicit_address.map(|ip| ip.into()),
-            mvlan: params.mvlan,
             vni: params.vni,
         }
     }

diff --git a/nexus/db-model/src/schema_versions.rs b/nexus/db-model/src/schema_versions.rs
@@ -16,7 +16,7 @@ use std::{collections::BTreeMap, sync::LazyLock};
 ///
 /// This must be updated when you change the database schema.  Refer to
 /// schema/crdb/README.adoc in the root of this repository for details.
-pub const SCHEMA_VERSION: Version = Version::new(220, 0, 0);
+pub const SCHEMA_VERSION: Version = Version::new(221, 0, 0);
 
 /// List of all past database schema versions, in *reverse* order
 ///
@@ -28,6 +28,7 @@ static KNOWN_VERSIONS: LazyLock<Vec<KnownVersion>> = LazyLock::new(|| {
         // |  leaving the first copy as an example for the next person.
         // v
         // KnownVersion::new(next_int, "unique-dirname-with-the-sql-files"),
+        KnownVersion::new(221, "multicast-drop-mvlan"),
         KnownVersion::new(220, "multicast-implicit-lifecycle"),
         KnownVersion::new(219, "blueprint-sled-last-used-ip"),
         KnownVersion::new(218, "measurements"),

diff --git a/nexus/db-queries/src/db/datastore/multicast/groups.rs b/nexus/db-queries/src/db/datastore/multicast/groups.rs
@@ -38,7 +38,6 @@ use omicron_common::api::external::{
     IdentityMetadataCreateParams, IpVersion, ListResultVec, LookupResult,
     LookupType, ResourceType, UpdateResult,
 };
-use omicron_common::vlan::VlanID;
 use omicron_uuid_kinds::{GenericUuid, MulticastGroupUuid};
 
 use super::EnsureUnderlayResult;
@@ -57,41 +56,22 @@ use crate::db::update_and_check::{UpdateAndCheck, UpdateStatus};
 /// External multicast group with computed source IPs from members.
 ///
 /// The `source_ips` field contains the union of all member source IPs,
-/// computed via a separate query. This struct enables a clean `TryFrom`
-/// conversion to the API view.
-///
-// TODO(multicast): Remove mvlan field, being deprecated from multicast groups
+/// computed via a separate query.
 #[derive(Clone, Debug)]
 pub struct ExternalMulticastGroupWithSources {
     pub group: ExternalMulticastGroup,
     pub source_ips: Vec<IpAddr>,
 }
 
-impl TryFrom<ExternalMulticastGroupWithSources> for views::MulticastGroup {
-    type Error = external::Error;
-
-    fn try_from(
-        value: ExternalMulticastGroupWithSources,
-    ) -> Result<Self, Self::Error> {
-        let mvlan = value
-            .group
-            .mvlan
-            .map(|vlan| VlanID::new(vlan as u16))
-            .transpose()
-            .map_err(|e| {
-                external::Error::internal_error(&format!(
-                    "invalid VLAN ID: {e:#}"
-                ))
-            })?;
-
-        Ok(views::MulticastGroup {
+impl From<ExternalMulticastGroupWithSources> for views::MulticastGroup {
+    fn from(value: ExternalMulticastGroupWithSources) -> Self {
+        views::MulticastGroup {
             identity: value.group.identity(),
             multicast_ip: value.group.multicast_ip.ip(),
             source_ips: value.source_ips,
-            mvlan,
             ip_pool_id: value.group.ip_pool_id,
             state: value.group.state.to_string(),
-        })
+        }
     }
 }
 
@@ -104,7 +84,6 @@ pub(crate) struct MulticastGroupAllocationParams {
     pub identity: IdentityMetadataCreateParams,
     pub ip: Option<IpAddr>,
     pub pool: Option<authz::IpPool>,
-    pub mvlan: Option<VlanID>,
     /// Derived for whether the joining member has source IPs.
     /// Used for default pool selection -> if true, prefer SSM pool first.
     pub has_sources: bool,
@@ -257,7 +236,6 @@ impl DataStore {
                 identity: params.identity.clone(),
                 ip: params.multicast_ip,
                 pool: authz_pool,
-                mvlan: params.mvlan,
                 has_sources: params.has_sources,
                 ip_version: params.ip_version,
             },
@@ -608,7 +586,6 @@ impl DataStore {
                 description: params.identity.description.clone(),
                 ip_pool_id: authz_pool.id(),
                 explicit_address: params.ip,
-                mvlan: params.mvlan.map(|vlan_id| u16::from(vlan_id) as i16),
                 vni,
             },
         );
@@ -986,7 +963,6 @@ mod tests {
                 description: "First group".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1002,7 +978,6 @@ mod tests {
                 description: "Second group".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1018,7 +993,6 @@ mod tests {
                 description: "Should fail".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1092,7 +1066,6 @@ mod tests {
                 description: "Group using default pool".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1118,7 +1091,6 @@ mod tests {
                 description: "Group with explicit pool".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1246,7 +1218,6 @@ mod tests {
                 description: "Comprehensive test group".to_string(),
             },
             multicast_ip: Some("224.1.3.3".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1348,7 +1319,6 @@ mod tests {
                     .to_string(),
             },
             multicast_ip: None, // Let it allocate from pool
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1562,7 +1532,6 @@ mod tests {
                 description: "Group for IP reuse test".to_string(),
             },
             multicast_ip: Some(target_ip),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1590,7 +1559,6 @@ mod tests {
                 description: "Second group reusing same IP".to_string(),
             },
             multicast_ip: Some(target_ip),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1676,7 +1644,6 @@ mod tests {
                 description: "First group to exhaust pool".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1694,7 +1661,6 @@ mod tests {
                 description: "Second group should fail".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1725,7 +1691,6 @@ mod tests {
                     .to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1812,7 +1777,6 @@ mod tests {
                 description: "Group for deallocation testing".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -1937,7 +1901,6 @@ mod tests {
                 description: "Test group for fetch operations".to_string(),
             },
             multicast_ip: Some("224.100.10.5".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2044,7 +2007,6 @@ mod tests {
                 description: "Fleet-wide group 1".to_string(),
             },
             multicast_ip: Some("224.100.20.10".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2055,7 +2017,6 @@ mod tests {
                 description: "Fleet-wide group 2".to_string(),
             },
             multicast_ip: Some("224.100.20.11".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2066,7 +2027,6 @@ mod tests {
                 description: "Fleet-wide group 3".to_string(),
             },
             multicast_ip: Some("224.100.20.12".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2175,7 +2135,6 @@ mod tests {
                 description: "Test group for state transitions".to_string(),
             },
             multicast_ip: Some("224.100.30.5".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2515,7 +2474,6 @@ mod tests {
                 description: "Group using ASM pool".to_string(),
             },
             multicast_ip: None, // No explicit IP -> triggers pool auto-selection
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2606,7 +2564,6 @@ mod tests {
                 description: "Should fall back to ASM when no SSM".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: true,
             ip_version: None,
         };
@@ -2679,7 +2636,6 @@ mod tests {
                 description: "Should prefer SSM over ASM".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: true,
             ip_version: None,
         };
@@ -2703,7 +2659,6 @@ mod tests {
                 description: "has_sources=false should use ASM".to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2838,7 +2793,6 @@ mod tests {
                     .to_string(),
             },
             multicast_ip: None,
-            mvlan: None,
             has_sources: true,
             ip_version: None,
         };
@@ -2919,7 +2873,6 @@ mod tests {
                 description: "First group for collision test".to_string(),
             },
             multicast_ip: Some("224.10.1.1".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -2935,7 +2888,6 @@ mod tests {
                 description: "Second group for collision test".to_string(),
             },
             multicast_ip: Some("224.10.1.2".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };
@@ -3059,7 +3011,6 @@ mod tests {
                 description: "Group for salt testing".to_string(),
             },
             multicast_ip: Some("224.20.1.1".parse().unwrap()),
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };

diff --git a/nexus/db-queries/src/db/datastore/multicast/members.rs b/nexus/db-queries/src/db/datastore/multicast/members.rs
@@ -932,7 +932,6 @@ mod tests {
             },
             multicast_ip: Some("224.10.1.6".parse().unwrap()),
             // Pool resolved via authz_pool argument to datastore call
-            mvlan: None,
             has_sources: false,
             ip_version: None,
         };

diff --git a/nexus/db-queries/src/db/pub_test_utils/multicast.rs b/nexus/db-queries/src/db/pub_test_utils/multicast.rs
@@ -199,7 +199,6 @@ pub async fn create_test_group_with_state(
             description: format!("Test group: {group_name}"),
         },
         multicast_ip: Some(multicast_ip.parse().unwrap()),
-        mvlan: None,
         has_sources: false,
         ip_version: None,
     };