On Fri, Jul 21, 2023 at 12:16 PM Ilya Maximets <[email protected]> wrote: > > On 7/20/23 16:46, Aaron Conole wrote: > > Mike Pattrick <[email protected]> writes: > > > >> Currently OVS keeps track of which mirrors that each packet has been > >> sent to for the purpose of deduplication. However, this doesn't consider > >> that openflow rules can make significant changes to packets after > >> ingress. > >> > >> For example, OVN can create OpenFlow rules that turn an echo request > >> into an echo response by flipping source/destination addresses and > >> setting the ICMP type to Reply. When a mirror is configured, only the > >> request gets mirrored even though a response is received. > >> > >> This can cause a false impression of the actual traffic on wire if > >> someone inspects the mirror and doesn't see an echo reply even though > >> one has been sent. > >> > >> This patch resets the mirrors every time a packet is modified, so > >> mirrors will receive every copy of a packet that is sent for output. > >> > >> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2155579 > >> Signed-off-by: Mike Pattrick <[email protected]> > >> > >> --- > > > > Acked-by: Aaron Conole <[email protected]> > > Thanks, Mike, Eelco and Aaron! > > Applied and backported down to 2.17.
Hello Ilya, Thank you for backporting this, is it possible to apply it back to 2.13 for OSP 16.1? > > Best regards, Ilya Maximets. > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
