diff --git a/dist/images/Dockerfile.base b/dist/images/Dockerfile.base
index 1e43563bc02..b11c52bac25 100644
--- a/dist/images/Dockerfile.base
+++ b/dist/images/Dockerfile.base
@@ -46,7 +46,7 @@ RUN cd /usr/src/ && git clone -b branch-22.12 --depth=1 https://github.com/ovn-o
     # fix lr-lb dnat with multiple distributed gateway ports
     curl -s https://github.com/kubeovn/ovn/commit/80f37c2debbf9f5230403691f791d11cc2b2e277.patch | git apply && \
     # lflow: do not send direct traffic between lports to conntrack
-    curl -s https://github.com/kubeovn/ovn/commit/6f1af045845deeabf06fdc7c90073e0a6874ab2f.patch | git apply && \
+    curl -s https://github.com/kubeovn/ovn/commit/54cbe0d1ba2051e640dd3e53498f373362547691.patch | git apply && \
     # northd: add nb option version_compatibility
     curl -s https://github.com/kubeovn/ovn/commit/174561abd707239f134501c4320cbf9b29af0305.patch | git apply
 
diff --git a/mocks/pkg/ovs/interface.go b/mocks/pkg/ovs/interface.go
index 51ba262f8dd..4b80ee61354 100644
--- a/mocks/pkg/ovs/interface.go
+++ b/mocks/pkg/ovs/interface.go
@@ -796,17 +796,17 @@ func (mr *MockLogicalSwitchPortMockRecorder) CreateBareLogicalSwitchPort(lsName,
 }
 
 // CreateLocalnetLogicalSwitchPort mocks base method.
-func (m *MockLogicalSwitchPort) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider string, vlanID int) error {
+func (m *MockLogicalSwitchPort) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, cidrBlock string, vlanID int) error {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "CreateLocalnetLogicalSwitchPort", lsName, lspName, provider, vlanID)
+	ret := m.ctrl.Call(m, "CreateLocalnetLogicalSwitchPort", lsName, lspName, provider, cidrBlock, vlanID)
 	ret0, _ := ret[0].(error)
 	return ret0
 }
 
 // CreateLocalnetLogicalSwitchPort indicates an expected call of CreateLocalnetLogicalSwitchPort.
-func (mr *MockLogicalSwitchPortMockRecorder) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, vlanID any) *gomock.Call {
+func (mr *MockLogicalSwitchPortMockRecorder) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, cidrBlock, vlanID any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateLocalnetLogicalSwitchPort", reflect.TypeOf((*MockLogicalSwitchPort)(nil).CreateLocalnetLogicalSwitchPort), lsName, lspName, provider, vlanID)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateLocalnetLogicalSwitchPort", reflect.TypeOf((*MockLogicalSwitchPort)(nil).CreateLocalnetLogicalSwitchPort), lsName, lspName, provider, cidrBlock, vlanID)
 }
 
 // CreateLogicalSwitchPort mocks base method.
@@ -2652,17 +2652,17 @@ func (mr *MockNbClientMockRecorder) CreateLoadBalancerHealthCheck(lbName, vip, l
 }
 
 // CreateLocalnetLogicalSwitchPort mocks base method.
-func (m *MockNbClient) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider string, vlanID int) error {
+func (m *MockNbClient) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, cidrBlock string, vlanID int) error {
 	m.ctrl.T.Helper()
-	ret := m.ctrl.Call(m, "CreateLocalnetLogicalSwitchPort", lsName, lspName, provider, vlanID)
+	ret := m.ctrl.Call(m, "CreateLocalnetLogicalSwitchPort", lsName, lspName, provider, cidrBlock, vlanID)
 	ret0, _ := ret[0].(error)
 	return ret0
 }
 
 // CreateLocalnetLogicalSwitchPort indicates an expected call of CreateLocalnetLogicalSwitchPort.
-func (mr *MockNbClientMockRecorder) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, vlanID any) *gomock.Call {
+func (mr *MockNbClientMockRecorder) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, cidrBlock, vlanID any) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateLocalnetLogicalSwitchPort", reflect.TypeOf((*MockNbClient)(nil).CreateLocalnetLogicalSwitchPort), lsName, lspName, provider, vlanID)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateLocalnetLogicalSwitchPort", reflect.TypeOf((*MockNbClient)(nil).CreateLocalnetLogicalSwitchPort), lsName, lspName, provider, cidrBlock, vlanID)
 }
 
 // CreateLogicalPatchPort mocks base method.
diff --git a/pkg/controller/subnet.go b/pkg/controller/subnet.go
index b0c555dd344..65799988466 100644
--- a/pkg/controller/subnet.go
+++ b/pkg/controller/subnet.go
@@ -1873,7 +1873,7 @@ func (c *Controller) reconcileVlan(subnet *kubeovnv1.Subnet) error {
 	}
 
 	localnetPort := ovs.GetLocalnetName(subnet.Name)
-	if err := c.OVNNbClient.CreateLocalnetLogicalSwitchPort(subnet.Name, localnetPort, vlan.Spec.Provider, vlan.Spec.ID); err != nil {
+	if err := c.OVNNbClient.CreateLocalnetLogicalSwitchPort(subnet.Name, localnetPort, vlan.Spec.Provider, subnet.Spec.CIDRBlock, vlan.Spec.ID); err != nil {
 		klog.Errorf("create localnet port for subnet %s: %v", subnet.Name, err)
 		return err
 	}
diff --git a/pkg/ovs/interface.go b/pkg/ovs/interface.go
index eeb53adeca1..d4258ee9d18 100644
--- a/pkg/ovs/interface.go
+++ b/pkg/ovs/interface.go
@@ -71,7 +71,7 @@ type LogicalSwitch interface {
 type LogicalSwitchPort interface {
 	CreateLogicalSwitchPort(lsName, lspName, ip, mac, podName, namespace string, portSecurity bool, securityGroups, vips string, enableDHCP bool, dhcpOptions *DHCPOptionsUUIDs, vpc string) error
 	CreateBareLogicalSwitchPort(lsName, lspName, ip, mac string) error
-	CreateLocalnetLogicalSwitchPort(lsName, lspName, provider string, vlanID int) error
+	CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, cidrBlock string, vlanID int) error
 	CreateVirtualLogicalSwitchPorts(lsName string, ips ...string) error
 	// create virtual type logical switch port for allowed-address-pair
 	CreateVirtualLogicalSwitchPort(lspName, lsName, ip string) error
diff --git a/pkg/ovs/ovn-nb-logical_switch_port.go b/pkg/ovs/ovn-nb-logical_switch_port.go
index dc468d5f5d1..66ad24ef207 100644
--- a/pkg/ovs/ovn-nb-logical_switch_port.go
+++ b/pkg/ovs/ovn-nb-logical_switch_port.go
@@ -3,6 +3,7 @@ package ovs
 import (
 	"context"
 	"fmt"
+	"reflect"
 	"slices"
 	"strconv"
 	"strings"
@@ -117,20 +118,37 @@ func (c *OVNNbClient) CreateLogicalSwitchPort(lsName, lspName, ip, mac, podName,
 }
 
 // CreateLocalnetLogicalSwitchPort create localnet type logical switch port
-func (c *OVNNbClient) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider string, vlanID int) error {
-	exist, err := c.LogicalSwitchPortExists(lspName)
+func (c *OVNNbClient) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, cidrBlock string, vlanID int) error {
+	lsp, err := c.GetLogicalSwitchPort(lspName, true)
 	if err != nil {
 		klog.Error(err)
 		return err
 	}
 
-	// ignore
-	if exist {
+	ipv4CIDR, ipv6CIDR := util.SplitStringIP(cidrBlock)
+	externalIDs := make(map[string]string)
+	if ipv4CIDR != "" {
+		externalIDs["ipv4_network"] = ipv4CIDR
+	}
+	if ipv6CIDR != "" {
+		externalIDs["ipv6_network"] = ipv6CIDR
+	}
+
+	if lsp != nil {
+		externalIDs[logicalSwitchKey] = lsName
+		externalIDs["vendor"] = util.CniTypeName
+		if !reflect.DeepEqual(lsp.ExternalIDs, externalIDs) {
+			lsp.ExternalIDs = externalIDs
+			if err = c.UpdateLogicalSwitchPort(lsp, &lsp.ExternalIDs); err != nil {
+				return fmt.Errorf("failed to update external-ids of logical switch port %s: %v", lspName, err)
+			}
+		}
+
 		return nil
 	}
 
 	/* create logical switch port */
-	lsp := &ovnnb.LogicalSwitchPort{
+	lsp = &ovnnb.LogicalSwitchPort{
 		UUID:      ovsclient.NamedUUID(),
 		Name:      lspName,
 		Type:      "localnet",
@@ -138,6 +156,7 @@ func (c *OVNNbClient) CreateLocalnetLogicalSwitchPort(lsName, lspName, provider
 		Options: map[string]string{
 			"network_name": provider,
 		},
+		ExternalIDs: externalIDs,
 	}
 
 	if vlanID > 0 && vlanID < 4096 {
diff --git a/pkg/ovs/ovn-nb-logical_switch_port_test.go b/pkg/ovs/ovn-nb-logical_switch_port_test.go
index 68b1efa7bdd..4d15482e206 100644
--- a/pkg/ovs/ovn-nb-logical_switch_port_test.go
+++ b/pkg/ovs/ovn-nb-logical_switch_port_test.go
@@ -210,7 +210,7 @@ func (suite *OvnClientTestSuite) testCreateLocalnetLogicalSwitchPort() {
 	require.NoError(t, err)
 
 	t.Run("create localnet logical switch port with vlan id", func(t *testing.T) {
-		err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, 200)
+		err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, "192.168.0.0/24,fd00::/120", 200)
 		require.NoError(t, err)
 
 		lsp, err := ovnClient.GetLogicalSwitchPort(lspName, false)
@@ -221,13 +221,15 @@ func (suite *OvnClientTestSuite) testCreateLocalnetLogicalSwitchPort() {
 		require.Equal(t, map[string]string{
 			"network_name": provider,
 		}, lsp.Options)
-
+		require.Equal(t, "192.168.0.0/24", lsp.ExternalIDs["ipv4_network"])
+		require.Equal(t, "fd00::/120", lsp.ExternalIDs["ipv6_network"])
+		require.NotNil(t, lsp.Tag)
 		require.Equal(t, 200, *lsp.Tag)
 	})
 
 	t.Run("create localnet logical switch port without vlan id", func(t *testing.T) {
 		lspName := "test-create-localnet-port-lsp-no-vlan-id"
-		err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, 0)
+		err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, provider, "192.168.1.0/24,fd01::/120", 0)
 		require.NoError(t, err)
 
 		lsp, err := ovnClient.GetLogicalSwitchPort(lspName, false)
@@ -238,11 +240,13 @@ func (suite *OvnClientTestSuite) testCreateLocalnetLogicalSwitchPort() {
 		require.Equal(t, map[string]string{
 			"network_name": provider,
 		}, lsp.Options)
-		require.Empty(t, lsp.Tag)
+		require.Equal(t, "192.168.1.0/24", lsp.ExternalIDs["ipv4_network"])
+		require.Equal(t, "fd01::/120", lsp.ExternalIDs["ipv6_network"])
+		require.Nil(t, lsp.Tag)
 	})
 
 	t.Run("should no err when create logical switch port repeatedly", func(t *testing.T) {
-		err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, "external", 0)
+		err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, "external", "192.168.2.0/24,fd02::/120", 0)
 		require.NoError(t, err)
 	})
 }
@@ -914,7 +918,7 @@ func (suite *OvnClientTestSuite) testSetLogicalSwitchPortVlanTag() {
 	err := ovnClient.CreateBareLogicalSwitch(lsName)
 	require.NoError(t, err)
 
-	err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, "provider", vlanID)
+	err = ovnClient.CreateLocalnetLogicalSwitchPort(lsName, lspName, "provider", "192.168.3.0/24,fd03::/120", vlanID)
 	require.NoError(t, err)
 
 	lsp, err := ovnClient.GetLogicalSwitchPort(lspName, false)
@@ -924,6 +928,8 @@ func (suite *OvnClientTestSuite) testSetLogicalSwitchPortVlanTag() {
 	require.Equal(t, vlanID, *lsp.Tag)
 	require.NotEmpty(t, lsp.ExternalIDs)
 	require.Equal(t, util.CniTypeName, lsp.ExternalIDs["vendor"])
+	require.Equal(t, "192.168.3.0/24", lsp.ExternalIDs["ipv4_network"])
+	require.Equal(t, "fd03::/120", lsp.ExternalIDs["ipv6_network"])
 
 	t.Run("clear logical switch port vlan id", func(t *testing.T) {
 		err = ovnClient.SetLogicalSwitchPortVlanTag(lspName, 0)
diff --git a/pkg/ovs/ovn-nb.go b/pkg/ovs/ovn-nb.go
index 4e8fe93d470..0eade0a348b 100644
--- a/pkg/ovs/ovn-nb.go
+++ b/pkg/ovs/ovn-nb.go
@@ -38,7 +38,7 @@ func (c *OVNNbClient) CreateGatewayLogicalSwitch(lsName, lrName, provider, ip, m
 		return fmt.Errorf("create logical switch %s: %v", lsName, err)
 	}
 
-	if err := c.CreateLocalnetLogicalSwitchPort(lsName, localnetLspName, provider, vlanID); err != nil {
+	if err := c.CreateLocalnetLogicalSwitchPort(lsName, localnetLspName, provider, "", vlanID); err != nil {
 		return fmt.Errorf("create localnet logical switch port %s: %v", localnetLspName, err)
 	}