On Wed, Feb 22, 2023 at 10:35:24PM -0800, Han Zhou wrote:
> The check_virtual_offlows_not_present() function in the case "virtual
> ports" has the wrong table id 45, which should be 44. However,
> correcting the table id makes the case failing, because the two ACLs
> added by the case were in fact overlapping:
>
> check ovn-nbctl acl-add sw0 to-lport 1000 'is_chassis_resident("sw0-vir") &&
> ip' allow
> check ovn-nbctl acl-add sw0 to-lport 1000 'is_chassis_resident("sw0-vir6") &&
> ip' allow
>
> Because ip4 v.s. ip6 is not specified, both ACLs would generate OVS
> flows for both ip4 and ip6 when the virtual ports are resisdent on the
> chassis, and the OVS flows would remain on the chassis if one of the
> ports are released but the other is remaining. This is why the
> check_virtual_offlows_not_present() would always fail.
>
> This patch corrects the table id and fixes the ACLs with proper IP
> protocol, and updates the check_virtual_offlows_xxx() functions so that
> only ipv4 flows are dumpped and checked which is what those functions
> are used for.
>
> Signed-off-by: Han Zhou <[email protected]>
Reviewed-by: Simon Horman <[email protected]>
Tested-by: Simon Horman <[email protected]>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
