On Fri, Sep 9, 2022 at 2:40 PM Numan Siddique <[email protected]> wrote:
> On Fri, Sep 9, 2022 at 2:11 AM Ales Musil <[email protected]> wrote: > > > > On Fri, Sep 9, 2022 at 7:43 AM Han Zhou <[email protected]> wrote: > > > > > > > > > > > On Tue, Sep 6, 2022 at 6:02 AM Ales Musil <[email protected]> wrote: > > > > > > > > The current behavior is that load balancers > > > > default to tcp protocol if it is not specified. > > > > However, this is not propagated to lflows which > > > > specify proto only when port is specified as part > > > > of the protocol e.g. udp.port == X. Always include > > > > the protocol in the lb flow even if the port is not > > > > specified. > > > > > > > > Signed-off-by: Ales Musil <[email protected]> > > > > > > Hi Ales, > > > > > > > Hi Han, > > > > > > > Sorry that I don't understand the problem. The ovn-nb.xml defines: > > > > > > <column name="protocol"> > > > <p> > > > Valid protocols are <code>tcp</code>, <code>udp</code>, or > > > <code>sctp</code>. This column is useful when a port number is > > > provided as part of the <code>vips</code> column. If this > column > > > is > > > empty and a port number is provided as part of > <code>vips</code> > > > column, OVN assumes the protocol to be <code>tcp</code>. > > > </p> > > > </column> > > > > > > So it defaults to TCP only if a port number is provided. Your patch > seems > > > to change this definition and is trying to default to TCP even if a > port > > > number is NOT provided? Did I misunderstand? > > > > > > > right, but everything is presented as tcp being default even if we don't > > specify proto e.g. lb-list. Also ovn-northd.8.xml specifies: > > > > For all the configured load balancing rules for a switch in > > <code>OVN_Northbound</code> database that includes a L4 port > > <var>PORT</var> of protocol <var>P</var> and IP address > > <var>VIP</var>, a priority-120 flow is added. For IPv4 <var>VIPs > > </var>, the flow matches <code>ct.new && ip && > > ip4.dst == <var>VIP</var> && <var>P</var> && > > <var>P</var>.dst == <var>PORT</var></code>. For IPv6 <var>VIPs</var>, > > the flow matches <code>ct.new && ip && ip6.dst == <var> > > VIP </var>&& <var>P</var> && <var>P</var>.dst == <var> > > PORT</var></code>. > > > > Suggesting that the protocol should be present which was not the case for > > even if the port was specified. > > > > This patch tries to make it consistent. So that we include the protocol > > always in the rule and it default to tcp. > > I think Han is correct. AFAIK we do support L3 load balancers i.e if > no protocol specified, then its an > L3 load balancer. If the documentation is not accurate, we should fix > that. > If that's the case we also need to fix lb-list output because it outputs tcp even if the port is not specified. This was the conclusion after discussion with Dumitru, let's wait for his input. Thanks, Ales > > Thanks > Numan > > > > > Thanks, > > Ales > > > > > > > Thanks, > > > Han > > > > > > > --- > > > > northd/northd.c | 7 +++-- > > > > tests/ovn-northd.at | 56 > +++++++++++++++++++-------------------- > > > > tests/ovn.at | 6 ++--- > > > > utilities/ovn-nbctl.8.xml | 5 ++-- > > > > 4 files changed, 36 insertions(+), 38 deletions(-) > > > > > > > > diff --git a/northd/northd.c b/northd/northd.c > > > > index 7e2681865..3ab335fec 100644 > > > > --- a/northd/northd.c > > > > +++ b/northd/northd.c > > > > @@ -6870,9 +6870,8 @@ build_lb_rules(struct hmap *lflows, struct > > > ovn_northd_lb *lb, bool ct_lb_mark, > > > > lb_vip->vip_str); > > > > } > > > > > > > > - const char *proto = NULL; > > > > + const char *proto = "tcp"; > > > > if (lb_vip->vip_port) { > > > > - proto = "tcp"; > > > > if (lb->nlb->protocol) { > > > > if (!strcmp(lb->nlb->protocol, "udp")) { > > > > proto = "udp"; > > > > @@ -6894,8 +6893,8 @@ build_lb_rules(struct hmap *lflows, struct > > > ovn_northd_lb *lb, bool ct_lb_mark, > > > > lb->selection_fields, > true, > > > > ct_lb_mark); > > > > > > > > - ds_put_format(match, "ct.new && %s.dst == %s", ip_match, > > > > - lb_vip->vip_str); > > > > + ds_put_format(match, "ct.new && %s.dst == %s && %s", > ip_match, > > > > + lb_vip->vip_str, proto); > > > > int priority = 110; > > > > if (lb_vip->vip_port) { > > > > ds_put_format(match, " && %s.dst == %d", proto, > > > lb_vip->vip_port); > > > > diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at > > > > index 157f9f60c..6559a6ade 100644 > > > > --- a/tests/ovn-northd.at > > > > +++ b/tests/ovn-northd.at > > > > @@ -1227,7 +1227,7 @@ check ovn-nbctl --wait=sb ls-lb-add sw0 lb1 > > > > AT_CAPTURE_FILE([sbflows]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows | grep > > > 'priority=120.*backends' | sed 's/table=..//'], 0, [dnl > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > ]) > > > > > > > > AS_BOX([Delete the Load_Balancer_Health_Check]) > > > > @@ -1237,7 +1237,7 @@ wait_row_count Service_Monitor 0 > > > > AT_CAPTURE_FILE([sbflows2]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows2 | grep > > > 'priority=120.*backends' | sed 's/table=..//'], [0], > > > > -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > ]) > > > > > > > > AS_BOX([Create the Load_Balancer_Health_Check again.]) > > > > @@ -1249,7 +1249,7 @@ check ovn-nbctl --wait=sb sync > > > > > > > > ovn-sbctl dump-flows sw0 | grep backends | grep priority=120 > > > > lflows.txt > > > > AT_CHECK([cat lflows.txt | sed 's/table=..//'], [0], [dnl > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > ]) > > > > > > > > AS_BOX([Get the uuid of both the service_monitor]) > > > > @@ -1259,7 +1259,7 @@ sm_sw1_p1=$(fetch_column Service_Monitor _uuid > > > logical_port=sw1-p1) > > > > AT_CAPTURE_FILE([sbflows3]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows 3 | grep > > > 'priority=120.*backends' | sed 's/table=..//'], [0], > > > > -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > ]) > > > > > > > > AS_BOX([Set the service monitor for sw1-p1 to offline]) > > > > @@ -1270,7 +1270,7 @@ check ovn-nbctl --wait=sb sync > > > > AT_CAPTURE_FILE([sbflows4]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows4 | grep > > > 'priority=120.*backends' | sed 's/table=..//'], [0], > > > > -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);) > > > > +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);) > > > > ]) > > > > > > > > AS_BOX([Set the service monitor for sw0-p1 to offline]) > > > > @@ -1285,8 +1285,8 @@ OVS_WAIT_FOR_OUTPUT( > > > > > > > > AT_CAPTURE_FILE([sbflows6]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > - [ovn-sbctl dump-flows sw0 | tee sbflows6 | grep "ip4.dst == > 10.0.0.10 > > > && tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], [0], [dnl > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(drop;) > > > > + [ovn-sbctl dump-flows sw0 | tee sbflows6 | grep "ip4.dst == > 10.0.0.10 > > > && tcp && tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], > [0], > > > [dnl > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(drop;) > > > > ]) > > > > > > > > AS_BOX([Set the service monitor for sw0-p1 and sw1-p1 to online]) > > > > @@ -1299,7 +1299,7 @@ check ovn-nbctl --wait=sb sync > > > > AT_CAPTURE_FILE([sbflows7]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows7 | grep backends | grep > > > priority=120 | sed 's/table=..//'], 0, > > > > -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > ]) > > > > > > > > AS_BOX([Set the service monitor for sw1-p1 to error]) > > > > @@ -1307,10 +1307,10 @@ ovn-sbctl set service_monitor $sm_sw1_p1 > > > status=error > > > > wait_row_count Service_Monitor 1 logical_port=sw1-p1 status=error > > > > check ovn-nbctl --wait=sb sync > > > > > > > > -ovn-sbctl dump-flows sw0 | grep "ip4.dst == 10.0.0.10 && tcp.dst == > 80" > > > \ > > > > +ovn-sbctl dump-flows sw0 | grep "ip4.dst == 10.0.0.10 && tcp && > tcp.dst > > > == 80" \ > > > > | grep priority=120 > lflows.txt > > > > AT_CHECK([cat lflows.txt | sed 's/table=..//'], [0], [dnl > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);) > > > > ]) > > > > > > > > AS_BOX([Add one more vip to lb1]) > > > > @@ -1336,8 +1336,8 @@ AT_CAPTURE_FILE([sbflows9]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows9 | grep backends | grep > > > priority=120 | sed 's/table=..//' | sort], > > > > 0, > > > > -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);) > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.40 && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = 10.0.0.40; > > > reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000);) > > > > +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80);) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.40 && tcp && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.40; reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000);) > > > > ]) > > > > > > > > AS_BOX([Set the service monitor for sw1-p1 to online]) > > > > @@ -1350,8 +1350,8 @@ AT_CAPTURE_FILE([sbflows10]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw0 | tee sbflows10 | grep backends | grep > > > priority=120 | sed 's/table=..//' | sort], > > > > 0, > > > > -[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.40 && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = 10.0.0.40; > > > reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000,20.0.0.3:80);) > > > > +[ (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst > == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.40 && tcp && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.40; reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000, > 20.0.0.3:80 > > > );) > > > > ]) > > > > > > > > AS_BOX([Associate lb1 to sw1]) > > > > @@ -1360,8 +1360,8 @@ AT_CAPTURE_FILE([sbflows11]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > [ovn-sbctl dump-flows sw1 | tee sbflows11 | grep backends | grep > > > priority=120 | sed 's/table=..//' | sort], > > > > 0, [dnl > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80);) > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.40 && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = 10.0.0.40; > > > reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000,20.0.0.3:80);) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb(backends=10.0.0.3:80,20.0.0.3:80 > );) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.40 && tcp && tcp.dst == 1000), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.40; reg2[[0..15]] = 1000; ct_lb(backends=10.0.0.3:1000, > 20.0.0.3:80 > > > );) > > > > ]) > > > > > > > > AS_BOX([Now create lb2 same as lb1 but udp protocol.]) > > > > @@ -1417,8 +1417,8 @@ ovn-sbctl set service_monitor $sm_sw1_p1 > > > status=offline > > > > > > > > AT_CAPTURE_FILE([sbflows12]) > > > > OVS_WAIT_FOR_OUTPUT( > > > > - [ovn-sbctl dump-flows sw0 | tee sbflows12 | grep "ip4.dst == > > > 10.0.0.10 && tcp.dst == 80" | grep priority=120 | sed 's/table=..//'], > [0], > > > [dnl > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0 = 0; reject { outport <-> > inport; > > > next(pipeline=egress,table=5);};) > > > > + [ovn-sbctl dump-flows sw0 | tee sbflows12 | grep "ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80" | grep priority=120 | sed > > > 's/table=..//'], [0], [dnl > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0 = 0; reject { outport > <-> > > > inport; next(pipeline=egress,table=5);};) > > > > ]) > > > > > > > > AT_CLEANUP > > > > @@ -3899,8 +3899,8 @@ check_stateful_flows() { > > > > > > > > AT_CHECK([grep "ls_in_lb" sw0flows | sort | sed > > > 's/table=../table=??/'], [0], [dnl > > > > table=??(ls_in_lb ), priority=0 , match=(1), > > > action=(next;) > > > > - table=??(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.4:8080);) > > > > - table=??(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 10.0.0.20 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.20; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.40:8080);) > > > > + table=??(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; > reg1 > > > = 10.0.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.4:8080);) > > > > + table=??(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 10.0.0.20 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; > reg1 > > > = 10.0.0.20; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.40:8080);) > > > > ]) > > > > > > > > AT_CHECK([grep "ls_in_stateful" sw0flows | sort | sed > > > 's/table=../table=??/'], [0], [dnl > > > > @@ -6415,7 +6415,7 @@ AT_CHECK([grep -e "ls_in_acl" lsflows | sed > > > 's/table=../table=??/' | sort], [0], > > > > > > > > AT_CHECK([grep -e "ls_in_lb" lsflows | sed 's/table=../table=??/' | > > > sort], [0], [dnl > > > > table=??(ls_in_lb ), priority=0 , match=(1), > > > action=(next;) > > > > - table=??(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 10.0.0.2), action=(reg0[[1]] = 0; reg1 = 10.0.0.2; > > > ct_lb_mark(backends=10.0.0.10);) > > > > + table=??(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 10.0.0.2 && tcp), action=(reg0[[1]] = 0; reg1 = 10.0.0.2; > > > ct_lb_mark(backends=10.0.0.10);) > > > > ]) > > > > > > > > AT_CHECK([grep -e "ls_in_stateful" lsflows | sed > 's/table=../table=??/' > > > | sort], [0], [dnl > > > > @@ -6468,7 +6468,7 @@ AT_CHECK([grep -e "ls_in_acl" lsflows | sed > > > 's/table=../table=??/' | sort], [0], > > > > > > > > AT_CHECK([grep -e "ls_in_lb" lsflows | sed 's/table=../table=??/' | > > > sort], [0], [dnl > > > > table=??(ls_in_lb ), priority=0 , match=(1), > > > action=(next;) > > > > - table=??(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 10.0.0.2), action=(reg0[[1]] = 0; reg1 = 10.0.0.2; > > > ct_lb_mark(backends=10.0.0.10);) > > > > + table=??(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 10.0.0.2 && tcp), action=(reg0[[1]] = 0; reg1 = 10.0.0.2; > > > ct_lb_mark(backends=10.0.0.10);) > > > > ]) > > > > > > > > AT_CHECK([grep -e "ls_in_stateful" lsflows | sed > 's/table=../table=??/' > > > | sort], [0], [dnl > > > > @@ -6521,7 +6521,7 @@ AT_CHECK([grep -e "ls_in_acl" lsflows | sed > > > 's/table=../table=??/' | sort], [0], > > > > > > > > AT_CHECK([grep -e "ls_in_lb" lsflows | sed 's/table=../table=??/' | > > > sort], [0], [dnl > > > > table=??(ls_in_lb ), priority=0 , match=(1), > > > action=(next;) > > > > - table=??(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 10.0.0.2), action=(reg0[[1]] = 0; reg1 = 10.0.0.2; > > > ct_lb_mark(backends=10.0.0.10);) > > > > + table=??(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 10.0.0.2 && tcp), action=(reg0[[1]] = 0; reg1 = 10.0.0.2; > > > ct_lb_mark(backends=10.0.0.10);) > > > > ]) > > > > > > > > AT_CHECK([grep -e "ls_in_stateful" lsflows | sed > 's/table=../table=??/' > > > | sort], [0], [dnl > > > > @@ -7487,7 +7487,7 @@ AT_CHECK([ovn-sbctl lflow-list | grep -e > natted -e > > > ct_lb], [0], [dnl > > > > table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] > == 1 > > > && ip6 && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst; > > > ct_lb_mark;) > > > > table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] > == 1 > > > && ip6 && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst; > > > ct_lb_mark;) > > > > table=6 (ls_in_pre_stateful ), priority=110 , match=(reg0[[2]] == > > > 1), action=(ct_lb_mark;) > > > > - table=11(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 66.66.66.66), action=(reg0[[1]] = 0; reg1 = 66.66.66.66; > > > ct_lb_mark(backends=42.42.42.2);) > > > > + table=11(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 66.66.66.66 && tcp), action=(reg0[[1]] = 0; reg1 = > 66.66.66.66; > > > ct_lb_mark(backends=42.42.42.2);) > > > > table=2 (ls_out_pre_stateful), priority=110 , match=(reg0[[2]] == > > > 1), action=(ct_lb_mark;) > > > > ]) > > > > > > > > @@ -7504,7 +7504,7 @@ AT_CHECK([ovn-sbctl lflow-list | grep -e > natted -e > > > ct_lb], [0], [dnl > > > > table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] > == 1 > > > && ip6 && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst; > ct_lb;) > > > > table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] > == 1 > > > && ip6 && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst; > ct_lb;) > > > > table=6 (ls_in_pre_stateful ), priority=110 , match=(reg0[[2]] == > > > 1), action=(ct_lb;) > > > > - table=11(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 66.66.66.66), action=(reg0[[1]] = 0; reg1 = 66.66.66.66; > > > ct_lb(backends=42.42.42.2);) > > > > + table=11(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 66.66.66.66 && tcp), action=(reg0[[1]] = 0; reg1 = > 66.66.66.66; > > > ct_lb(backends=42.42.42.2);) > > > > table=2 (ls_out_pre_stateful), priority=110 , match=(reg0[[2]] == > > > 1), action=(ct_lb;) > > > > ]) > > > > > > > > @@ -7521,7 +7521,7 @@ AT_CHECK([ovn-sbctl lflow-list | grep -e > natted -e > > > ct_lb], [0], [dnl > > > > table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] > == 1 > > > && ip6 && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst; > > > ct_lb_mark;) > > > > table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] > == 1 > > > && ip6 && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst; > > > ct_lb_mark;) > > > > table=6 (ls_in_pre_stateful ), priority=110 , match=(reg0[[2]] == > > > 1), action=(ct_lb_mark;) > > > > - table=11(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 66.66.66.66), action=(reg0[[1]] = 0; reg1 = 66.66.66.66; > > > ct_lb_mark(backends=42.42.42.2);) > > > > + table=11(ls_in_lb ), priority=110 , match=(ct.new && > > > ip4.dst == 66.66.66.66 && tcp), action=(reg0[[1]] = 0; reg1 = > 66.66.66.66; > > > ct_lb_mark(backends=42.42.42.2);) > > > > table=2 (ls_out_pre_stateful), priority=110 , match=(reg0[[2]] == > > > 1), action=(ct_lb_mark;) > > > > ]) > > > > > > > > @@ -7692,11 +7692,11 @@ AT_CAPTURE_FILE([S1flows]) > > > > > > > > AT_CHECK([grep "ls_in_lb" S0flows | sort], [0], [dnl > > > > table=11(ls_in_lb ), priority=0 , match=(1), > > > action=(next;) > > > > - table=11(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 172.16.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2:80);) > > > > + table=11(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 172.16.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; > > > reg1 = 172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2 > :80);) > > > > ]) > > > > AT_CHECK([grep "ls_in_lb" S1flows | sort], [0], [dnl > > > > table=11(ls_in_lb ), priority=0 , match=(1), > > > action=(next;) > > > > - table=11(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 172.16.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2:80);) > > > > + table=11(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 172.16.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; > > > reg1 = 172.16.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.2 > :80);) > > > > ]) > > > > > > > > ovn-sbctl get datapath S0 _uuid > dp_uuids > > > > diff --git a/tests/ovn.at b/tests/ovn.at > > > > index c2bcb721a..6dbb88a5e 100644 > > > > --- a/tests/ovn.at > > > > +++ b/tests/ovn.at > > > > @@ -23606,7 +23606,7 @@ OVS_WAIT_FOR_OUTPUT( > > > > (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && > ip6 > > > && sctp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = sctp.dst; > ct_lb_mark;) > > > > (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && > ip6 > > > && tcp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = tcp.dst; > ct_lb_mark;) > > > > (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && > ip6 > > > && udp), action=(xxreg1 = ip6.dst; reg2[[0..15]] = udp.dst; > ct_lb_mark;) > > > > - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = 10.0.0.10; > > > reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.3:80,20.0.0.3:80; > > > hash_fields="ip_dst,ip_src,tcp_dst,tcp_src");) > > > > + (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst == > > > 10.0.0.10 && tcp && tcp.dst == 80), action=(reg0[[1]] = 0; reg1 = > > > 10.0.0.10; reg2[[0..15]] = 80; ct_lb_mark(backends=10.0.0.3:80, > 20.0.0.3:80; > > > hash_fields="ip_dst,ip_src,tcp_dst,tcp_src");) > > > > ]) > > > > > > > > AT_CAPTURE_FILE([sbflows2]) > > > > @@ -23646,9 +23646,9 @@ grep "405400000003${svc_mon_src_mac}" | wc > -l`] > > > > AT_CAPTURE_FILE([sbflows3]) > > > > ovn-sbctl dump-flows sw0 > sbflows3 > > > > AT_CHECK( > > > > - [grep "ip4.dst == 10.0.0.10 && tcp.dst == 80" sbflows3 | grep > > > priority=120 |\ > > > > + [grep "ip4.dst == 10.0.0.10 && tcp && tcp.dst == 80" sbflows3 | > grep > > > priority=120 |\ > > > > sed 's/table=../table=??/'], [0], > > > > - [ table=??(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 10.0.0.10 && tcp.dst == 80), action=(drop;) > > > > + [ table=??(ls_in_lb ), priority=120 , match=(ct.new && > > > ip4.dst == 10.0.0.10 && tcp && tcp.dst == 80), action=(drop;) > > > > ]) > > > > > > > > AT_CAPTURE_FILE([sbflows4]) > > > > diff --git a/utilities/ovn-nbctl.8.xml b/utilities/ovn-nbctl.8.xml > > > > index 040d05227..a127c5b34 100644 > > > > --- a/utilities/ovn-nbctl.8.xml > > > > +++ b/utilities/ovn-nbctl.8.xml > > > > @@ -1276,9 +1276,8 @@ > > > > The optional argument <var>protocol</var> must be either > > > > <code>tcp</code>, <code>udp</code> or <code>sctp</code>. > This > > > argument > > > > is useful when a port number is provided as part of the > > > <var>vip</var>. > > > > - If the <var>protocol</var> is unspecified and a port > number is > > > provided > > > > - as part of the <var>vip</var>, OVN assumes the > > > <var>protocol</var> to > > > > - be <code>tcp</code>. > > > > + If the <var>protocol</var> is unspecified OVN assumes the > > > > + <var>protocol</var> to be <code>tcp</code>. > > > > </p> > > > > > > > > <p> > > > > -- > > > > 2.37.2 > > > > > > > > _______________________________________________ > > > > dev mailing list > > > > [email protected] > > > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > > > > > > > > > -- > > > > Ales Musil > > > > Senior Software Engineer - OVN Core > > > > Red Hat EMEA <https://www.redhat.com> > > > > [email protected] IM: amusil > > <https://red.ht/sig> > > _______________________________________________ > > dev mailing list > > [email protected] > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > > > > -- Ales Musil Senior Software Engineer - OVN Core Red Hat EMEA <https://www.redhat.com> [email protected] IM: amusil <https://red.ht/sig> _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
