On Tue, Sep 6, 2022 at 6:02 AM Ales Musil <[email protected]> wrote:
>
> The current behavior is that load balancers
> default to tcp protocol if it is not specified.
> However, this is not propagated to lflows which
> specify proto only when port is specified as part
> of the protocol e.g. udp.port == X. Always include
> the protocol in the lb flow even if the port is not
> specified.
>
> Signed-off-by: Ales Musil <[email protected]>
Hi Ales,
Sorry that I don't understand the problem. The ovn-nb.xml defines:
<column name="protocol">
<p>
Valid protocols are <code>tcp</code>, <code>udp</code>, or
<code>sctp</code>. This column is useful when a port number is
provided as part of the <code>vips</code> column. If this column is
empty and a port number is provided as part of <code>vips</code>
column, OVN assumes the protocol to be <code>tcp</code>.
</p>
</column>
So it defaults to TCP only if a port number is provided. Your patch seems
to change this definition and is trying to default to TCP even if a port
number is NOT provided? Did I misunderstand?
Thanks,
Han
> ---
> northd/northd.c | 7 +++--
> tests/ovn-northd.at | 56 +++++++++++++++++++--------------------
> tests/ovn.at | 6 ++---
> utilities/ovn-nbctl.8.xml | 5 ++--
> 4 files changed, 36 insertions(+), 38 deletions(-)
>
> diff --git a/northd/northd.c b/northd/northd.c
> index 7e2681865..3ab335fec 100644
> --- a/northd/northd.c
> +++ b/northd/northd.c
> @@ -6870,9 +6870,8 @@ build_lb_rules(struct hmap *lflows, struct
ovn_northd_lb *lb, bool ct_lb_mark,
> lb_vip->vip_str);
> }
>
> - const char *proto = NULL;
> + const char *proto = "tcp";
> if (lb_vip->vip_port) {
> - proto = "tcp";
> if (lb->nlb->protocol) {
> if (!strcmp(lb->nlb->protocol, "udp")) {
> proto = "udp";
> @@ -6894,8 +6893,8 @@ build_lb_rules(struct hmap *lflows, struct
ovn_northd_lb *lb, bool ct_lb_mark,
> lb->selection_fields, true,
> ct_lb_mark);
>
> - ds_put_format(match, "ct.new && %s.dst == %s", ip_match,
> - lb_vip->vip_str);
> + ds_put_format(match, "ct.new && %s.dst == %s && %s", ip_match,
> + lb_vip->vip_str, proto);
> int priority = 110;
> if (lb_vip->vip_port) {
> ds_put_format(match, " && %s.dst == %d", proto,
lb_vip->vip_port);
> diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
> index 157f9f60c..6559a6ade 100644
> --- a/tests/ovn-northd.at
> +++ b/tests/ovn-northd.at
> @@ -1227,7 +1227,7 @@ check ovn-nbctl --wait=sb ls-lb-add sw0 lb1
> AT_CAPTURE_FILE([sbflows])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows | grep
'priority=120.*backends' | sed 's/table=..//'], 0, [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> ])
>
> AS_BOX([Delete the Load_Balancer_Health_Check])
> @@ -1237,7 +1237,7 @@ wait_row_count Service_Monitor 0
> AT_CAPTURE_FILE([sbflows2])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows2 | grep
'priority=120.*backends' | sed 's/table=..//'], [0],
> -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> ])
>
> AS_BOX([Create the Load_Balancer_Health_Check again.])
> @@ -1249,7 +1249,7 @@ check ovn-nbctl --wait=sb sync
>
> ovn-sbctl dump-flows sw0 | grep backends | grep priority=120 > lflows.txt
> AT_CHECK([cat lflows.txt | sed 's/table=..//'], [0], [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> ])
>
> AS_BOX([Get the uuid of both the service_monitor])
> @@ -1259,7 +1259,7 @@ sm_sw1_p1=$(fetch_column Service_Monitor _uuid
logical_port=sw1-p1)
> AT_CAPTURE_FILE([sbflows3])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows 3 | grep
'priority=120.*backends' | sed 's/table=..//'], [0],
> -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> ])
>
> AS_BOX([Set the service monitor for sw1-p1 to offline])
> @@ -1270,7 +1270,7 @@ check ovn-nbctl --wait=sb sync
> AT_CAPTURE_FILE([sbflows4])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows4 | grep
'priority=120.*backends' | sed 's/table=..//'], [0],
> -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);)
> +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);)
> ])
>
> AS_BOX([Set the service monitor for sw0-p1 to offline])
> @@ -1285,8 +1285,8 @@ OVS_WAIT_FOR_OUTPUT(
>
> AT_CAPTURE_FILE([sbflows6])
> OVS_WAIT_FOR_OUTPUT(
> - [ovn-sbctl dump-flows sw0 | tee sbflows6 | grep "ip4.dst == 10.0.0.10
&& tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], [0], [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(drop;)
> + [ovn-sbctl dump-flows sw0 | tee sbflows6 | grep "ip4.dst == 10.0.0.10
&& tcp && tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], [0],
[dnl
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(drop;)
> ])
>
> AS_BOX([Set the service monitor for sw0-p1 and sw1-p1 to online])
> @@ -1299,7 +1299,7 @@ check ovn-nbctl --wait=sb sync
> AT_CAPTURE_FILE([sbflows7])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows7 | grep backends | grep
priority=120 | sed 's/table=..//'], 0,
> -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> ])
>
> AS_BOX([Set the service monitor for sw1-p1 to error])
> @@ -1307,10 +1307,10 @@ ovn-sbctl set service_monitor $sm_sw1_p1
status=error
> wait_row_count Service_Monitor 1 logical_port=sw1-p1 status=error
> check ovn-nbctl --wait=sb sync
>
> -ovn-sbctl dump-flows sw0 | grep "ip4.dst == 10.0.0.10 && tcp.dst == 80" \
> +ovn-sbctl dump-flows sw0 | grep "ip4.dst == 10.0.0.10 && tcp && tcp.dst
== 80" \
> | grep priority=120 > lflows.txt
> AT_CHECK([cat lflows.txt | sed 's/table=..//'], [0], [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);)
> ])
>
> AS_BOX([Add one more vip to lb1])
> @@ -1336,8 +1336,8 @@ AT_CAPTURE_FILE([sbflows9])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows9 | grep backends | grep
priority=120 | sed 's/table=..//' | sort],
> 0,
> -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);)
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.40 && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = 10.0.0.40;
reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000);)
> +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.40 && tcp && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 =
10.0.0.40; reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000);)
> ])
>
> AS_BOX([Set the service monitor for sw1-p1 to online])
> @@ -1350,8 +1350,8 @@ AT_CAPTURE_FILE([sbflows10])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw0 | tee sbflows10 | grep backends | grep
priority=120 | sed 's/table=..//' | sort],
> 0,
> -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.40 && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = 10.0.0.40;
reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000,20.0.0.3:80);)
> +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.40 && tcp && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 =
10.0.0.40; reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000,20.0.0.3:80);)
> ])
>
> AS_BOX([Associate lb1 to sw1])
> @@ -1360,8 +1360,8 @@ AT_CAPTURE_FILE([sbflows11])
> OVS_WAIT_FOR_OUTPUT(
> [ovn-sbctl dump-flows sw1 | tee sbflows11 | grep backends | grep
priority=120 | sed 's/table=..//' | sort],
> 0, [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.40 && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = 10.0.0.40;
reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000,20.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.40 && tcp && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 =
10.0.0.40; reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000,20.0.0.3:80);)
> ])
>
> AS_BOX([Now create lb2 same as lb1 but udp protocol.])
> @@ -1417,8 +1417,8 @@ ovn-sbctl set service_monitor $sm_sw1_p1
status=offline
>
> AT_CAPTURE_FILE([sbflows12])
> OVS_WAIT_FOR_OUTPUT(
> - [ovn-sbctl dump-flows sw0 | tee sbflows12 | grep "ip4.dst == 10.0.0.10
&& tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], [0], [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0 = 0; reject { outport <-> inport;
next(pipeline=egress,table=5);};)
> + [ovn-sbctl dump-flows sw0 | tee sbflows12 | grep "ip4.dst == 10.0.0.10
&& tcp && tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], [0],
[dnl
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0 = 0; reject { outport <->
inport; next(pipeline=egress,table=5);};)
> ])
>
> AT_CLEANUP
> @@ -3899,8 +3899,8 @@ check_stateful_flows() {
>
> AT_CHECK([grep "ls_in_lb" sw0flows | sort | sed
's/table=../table=??/'], [0], [dnl
> table=??(ls_in_lb ), priority=0 , match=(1),
action=(next;)
> - table=??(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.4:8080);)
> - table=??(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 10.0.0.20 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.20; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.40:8080);)
> + table=??(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1
= 10.0.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.4:8080);)
> + table=??(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 10.0.0.20 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1
= 10.0.0.20; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.40:8080);)
> ])
>
> AT_CHECK([grep "ls_in_stateful" sw0flows | sort | sed
's/table=../table=??/'], [0], [dnl
> @@ -6415,7 +6415,7 @@ AT_CHECK([grep -e "ls_in_acl" lsflows | sed
's/table=../table=??/' | sort], [0],
>
> AT_CHECK([grep -e "ls_in_lb" lsflows | sed 's/table=../table=??/' |
sort], [0], [dnl
> table=??(ls_in_lb ), priority=0 , match=(1),
action=(next;)
> - table=??(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 10.0.0.2), action=(reg0[[1]] = 0; reg1 = 10.0.0.2;
ct_lb_mark(backends=10.0.0.10);)
> + table=??(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 10.0.0.2 && tcp), action=(reg0[[1]] = 0; reg1 = 10.0.0.2;
ct_lb_mark(backends=10.0.0.10);)
> ])
>
> AT_CHECK([grep -e "ls_in_stateful" lsflows | sed 's/table=../table=??/'
| sort], [0], [dnl
> @@ -6468,7 +6468,7 @@ AT_CHECK([grep -e "ls_in_acl" lsflows | sed
's/table=../table=??/' | sort], [0],
>
> AT_CHECK([grep -e "ls_in_lb" lsflows | sed 's/table=../table=??/' |
sort], [0], [dnl
> table=??(ls_in_lb ), priority=0 , match=(1),
action=(next;)
> - table=??(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 10.0.0.2), action=(reg0[[1]] = 0; reg1 = 10.0.0.2;
ct_lb_mark(backends=10.0.0.10);)
> + table=??(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 10.0.0.2 && tcp), action=(reg0[[1]] = 0; reg1 = 10.0.0.2;
ct_lb_mark(backends=10.0.0.10);)
> ])
>
> AT_CHECK([grep -e "ls_in_stateful" lsflows | sed 's/table=../table=??/'
| sort], [0], [dnl
> @@ -6521,7 +6521,7 @@ AT_CHECK([grep -e "ls_in_acl" lsflows | sed
's/table=../table=??/' | sort], [0],
>
> AT_CHECK([grep -e "ls_in_lb" lsflows | sed 's/table=../table=??/' |
sort], [0], [dnl
> table=??(ls_in_lb ), priority=0 , match=(1),
action=(next;)
> - table=??(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 10.0.0.2), action=(reg0[[1]] = 0; reg1 = 10.0.0.2;
ct_lb_mark(backends=10.0.0.10);)
> + table=??(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 10.0.0.2 && tcp), action=(reg0[[1]] = 0; reg1 = 10.0.0.2;
ct_lb_mark(backends=10.0.0.10);)
> ])
>
> AT_CHECK([grep -e "ls_in_stateful" lsflows | sed 's/table=../table=??/'
| sort], [0], [dnl
> @@ -7487,7 +7487,7 @@ AT_CHECK([ovn-sbctl lflow-list | grep -e natted -e
ct_lb], [0], [dnl
> table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1
&& ip6 && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst;
ct_lb_mark;)
> table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1
&& ip6 && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst;
ct_lb_mark;)
> table=6 (ls_in_pre_stateful ), priority=110 , match=(reg0[[2]] == 1),
action=(ct_lb_mark;)
> - table=11(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 66.66.66.66), action=(reg0[[1]] = 0; reg1 = 66.66.66.66;
ct_lb_mark(backends=42.42.42.2);)
> + table=11(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 66.66.66.66 && tcp), action=(reg0[[1]] = 0; reg1 = 66.66.66.66;
ct_lb_mark(backends=42.42.42.2);)
> table=2 (ls_out_pre_stateful), priority=110 , match=(reg0[[2]] == 1),
action=(ct_lb_mark;)
> ])
>
> @@ -7504,7 +7504,7 @@ AT_CHECK([ovn-sbctl lflow-list | grep -e natted -e
ct_lb], [0], [dnl
> table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1
&& ip6 && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst; ct_lb;)
> table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1
&& ip6 && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst; ct_lb;)
> table=6 (ls_in_pre_stateful ), priority=110 , match=(reg0[[2]] == 1),
action=(ct_lb;)
> - table=11(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 66.66.66.66), action=(reg0[[1]] = 0; reg1 = 66.66.66.66;
ct_lb(backends=42.42.42.2);)
> + table=11(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 66.66.66.66 && tcp), action=(reg0[[1]] = 0; reg1 = 66.66.66.66;
ct_lb(backends=42.42.42.2);)
> table=2 (ls_out_pre_stateful), priority=110 , match=(reg0[[2]] == 1),
action=(ct_lb;)
> ])
>
> @@ -7521,7 +7521,7 @@ AT_CHECK([ovn-sbctl lflow-list | grep -e natted -e
ct_lb], [0], [dnl
> table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1
&& ip6 && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst;
ct_lb_mark;)
> table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1
&& ip6 && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst;
ct_lb_mark;)
> table=6 (ls_in_pre_stateful ), priority=110 , match=(reg0[[2]] == 1),
action=(ct_lb_mark;)
> - table=11(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 66.66.66.66), action=(reg0[[1]] = 0; reg1 = 66.66.66.66;
ct_lb_mark(backends=42.42.42.2);)
> + table=11(ls_in_lb ), priority=110 , match=(ct.new &&
ip4.dst == 66.66.66.66 && tcp), action=(reg0[[1]] = 0; reg1 = 66.66.66.66;
ct_lb_mark(backends=42.42.42.2);)
> table=2 (ls_out_pre_stateful), priority=110 , match=(reg0[[2]] == 1),
action=(ct_lb_mark;)
> ])
>
> @@ -7692,11 +7692,11 @@ AT_CAPTURE_FILE([S1flows])
>
> AT_CHECK([grep "ls_in_lb" S0flows | sort], [0], [dnl
> table=11(ls_in_lb ), priority=0 , match=(1),
action=(next;)
> - table=11(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 172.16.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2:80);)
> + table=11(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 172.16.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0;
reg1 = 172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2:80);)
> ])
> AT_CHECK([grep "ls_in_lb" S1flows | sort], [0], [dnl
> table=11(ls_in_lb ), priority=0 , match=(1),
action=(next;)
> - table=11(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 172.16.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2:80);)
> + table=11(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 172.16.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0;
reg1 = 172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2:80);)
> ])
>
> ovn-sbctl get datapath S0 _uuid > dp_uuids
> diff --git a/tests/ovn.at b/tests/ovn.at
> index c2bcb721a..6dbb88a5e 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -23606,7 +23606,7 @@ OVS_WAIT_FOR_OUTPUT(
> (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6 &&
sctp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = sctp.dst; ct_lb_mark;)
> (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6 &&
tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst; ct_lb_mark;)
> (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6 &&
udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst; ct_lb_mark;)
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10;
reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.3:80,20.0.0.3:80;
hash_fields="ip_dst,ip_src,tcp_dst,tcp_src");)
> + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 =
10.0.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.3:80,20.0.0.3:80;
hash_fields="ip_dst,ip_src,tcp_dst,tcp_src");)
> ])
>
> AT_CAPTURE_FILE([sbflows2])
> @@ -23646,9 +23646,9 @@ grep "405400000003${svc_mon_src_mac}" | wc -l`]
> AT_CAPTURE_FILE([sbflows3])
> ovn-sbctl dump-flows sw0 > sbflows3
> AT_CHECK(
> - [grep "ip4.dst == 10.0.0.10 && tcp.dst == 80" sbflows3 | grep
priority=120 |\
> + [grep "ip4.dst == 10.0.0.10 && tcp && tcp.dst == 80" sbflows3 | grep
priority=120 |\
> sed 's/table=../table=??/'], [0],
> - [ table=??(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 10.0.0.10 && tcp.dst == 80), action=(drop;)
> + [ table=??(ls_in_lb ), priority=120 , match=(ct.new &&
ip4.dst == 10.0.0.10 && tcp && tcp.dst == 80), action=(drop;)
> ])
>
> AT_CAPTURE_FILE([sbflows4])
> diff --git a/utilities/ovn-nbctl.8.xml b/utilities/ovn-nbctl.8.xml
> index 040d05227..a127c5b34 100644
> --- a/utilities/ovn-nbctl.8.xml
> +++ b/utilities/ovn-nbctl.8.xml
> @@ -1276,9 +1276,8 @@
> The optional argument <var>protocol</var> must be either
> <code>tcp</code>, <code>udp</code> or <code>sctp</code>. This
argument
> is useful when a port number is provided as part of the
<var>vip</var>.
> - If the <var>protocol</var> is unspecified and a port number is
provided
> - as part of the <var>vip</var>, OVN assumes the
<var>protocol</var> to
> - be <code>tcp</code>.
> + If the <var>protocol</var> is unspecified OVN assumes the
> + <var>protocol</var> to be <code>tcp</code>.
> </p>
>
> <p>
> --
> 2.37.2
>
> _______________________________________________
> dev mailing list
> [email protected]
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
