** Also affects: linux-bluefield (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: linux-bluefield (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: linux-bluefield (Ubuntu Focal)
Status: New => In Progress
** Changed in: linux-bluefield (Ubuntu Focal)
Assignee: (unassigned) => Bodong Wang (bodong-wang)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-bluefield in Ubuntu.
https://bugs.launchpad.net/bugs/1944390
Title:
Fix ignoring ct state match of OVS offload to TC/HW
Status in linux-bluefield package in Ubuntu:
New
Status in linux-bluefield source package in Focal:
In Progress
Bug description:
* Explain the bug
When using OVS with tc to offload connection tracking flows, if user matches
on ct_state other then trk and est, such as ct_state +rpl, it will be silently
ignored by TC/HW and might result in wrong actions being executed.
* How to test
Create OVS bridge with 2 devices $dev1, $dev2 (can be any devices)
Enable HW offload and configure connection tracking OpenFlow rules which match
on ct_state +rpl and do different actions based on that match.
e.g:
ovs-ofctl del-flows br-ovs
ovs-ofctl add-flow br-ovs arp,actions=normal
ovs-ofctl add-flow br-ovs "table=0, ip,ct_state=-trk actions=ct(table=1)"
ovs-ofctl add-flow br-ovs "table=1, ip,ct_state=+trk+new
actions=ct(commit),normal"
ovs-ofctl add-flow br-ovs "table=1, ip,ct_state=+trk+est-rpl,
actions=$dev1"
ovs-ofctl add-flow br-ovs "table=1, ip,ct_state=+trk+est+rpl,
actions=$dev2"
With commits, ovs dump-flows (or tc show on devs) will have ct_state +rpl
match, and without they don't have,
meaning the match is ignored.
* What it could break.
NA
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/1944390/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
