On Fri, May 31, 2019 at 05:37:14AM +0000, Van Bemmel, Jeroen (Nokia - US) wrote: > Hello all, > > Back in 2015 I submitted some code to improve ECMP hashing algorithms used in > OVS, see https://mail.openvswitch.org/pipermail/ovs-dev/2015-July/300748.html > > We have now found an issue with the hashing of fragmented UDP packets: The > first packet contains the UDP ports, but the rest of the fragments do not - > so subsequent packets may hash to a different destination. This causes IMS > SIP calls using UDP to fail ( for example ) > > To fix this, we need a 1-line patch at > https://github.com/openvswitch/ovs/blob/master/lib/flow.c#L2374: > Old: (inc_udp_ports && flow->nw_proto == IPPROTO_UDP)) { > New: (inc_udp_ports && flow->nw_proto == IPPROTO_UDP && !(flow->nw_frag & > FLOW_NW_FRAG_MASK)) { > > And something similar at > https://github.com/openvswitch/ovs/blob/master/lib/flow.c#L2489 > Old: if (is_ip_any(flow) && flow->nw_proto == IPPROTO_UDP) { > New: if (is_ip_any(flow) && flow->nw_proto == IPPROTO_UDP && !(flow->nw_frag > & FLOW_NW_FRAG_MASK)) { > > In other words: Don't include the ports for the first fragment > > Comments or objections?
It sounds correct. However, I don't know why you're limiting this to UDP. Doesn't the same issue arise for fragmented TCP or SCTP packets (even those though are rare)? Will you submit a patch formally? _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
