Viacheslav Galaktionov via dev <[email protected]> writes: > The current protocol detection logic relies on two pieces of metadata > passed as arguments: tp_src and tp_dst, which represent the L4 source > and destination port numbers from the flow that triggered the current > flow rule first, and was responsible for creating the current DP flow. > > Since multiple network flows of many different kinds, potentially using > different protocols on all layers, can be processed by one flow rule, > using the metadata of some unrelated flow might lead to unexpected > results. For example, ICMP type and code can be interpreted as TCP > source and destination ports. This can confuse the code responsible for > the helper selection, leading to errors in traffic handling and > incorrect detection of related flows. > > One of the easiest ways to fix this problem is to simply remove the > tp_src and tp_dst parameters from the picture. The current code base has > no good use for them. > > The helper selection logic was based on these values and therefore needs > to be changed. Ensure that the helper specified in a flow rule is used, > given it is compatible with the L4 protocol of the packet. When a flow > rule does not specify a helper, one can still be picked using the given > packet's metadata like TCP/UDP ports. > > Signed-off-by: Viacheslav Galaktionov <[email protected]> > ---
Thanks, applied. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
