On Wed, Jul 17, 2024 at 2:59 PM Ilya Maximets <[email protected]> wrote: > > On 7/16/24 23:16, [email protected] wrote: > > From: Numan Siddique <[email protected]> > > > > When there are ECMP symmetric static routes configured, OVN selects > > one of the next hop for the traffic originated from within the > > cluster. For the subsequent packets to the same destination, > > OVN may select a different next hop (which is fine). But there can > > be certain usecases, where the next hop entity can be stateful and > > selecting the same next hop is desirable. > > > > This patch address this usecase in the following way > > > > 1. For the first packet originating from the OVN logical port > > VIF, OVN selects a next hop 'A' and forwards the traffic to > > it. > > > > 2. When the reply traffic is received (either from next hop 'A' > > or any other next hop), it commits the connection in the > > DNAT zone of the logical router and saves the state in > > ct_label.ecmp_reply_eth and ct_label.ecmp_reply_port. > > Note that we already support this for the traffic > > originating from an ECMP route [1]. We are now extending > > the same for the traffic originating from the cluster towards > > the ECMP route. > > > > 3. For the subsequent packets from the cluster, we select the > > next hop eth address and the port from the saved conntrack > > state. This is straightforward as we anyway send the packet > > to the DNAT zone of the logical router. > > Hi, Numan. Thanks for the change! > > It seems like you missed the update for system tests. A few ECMP > system tests are failing in CI.
Thanks for the review and pointing this out. I'll fix it in v2. > > Also, not sure how big of a problem that is, but we may still spray > out uni-directional traffic. For example, any UDP tunnels may still > be re-shuffled. Do we need a solution for those? I think that's ok. If OVN doesn't see the reply, then its fine for the traffic from pod to external is load balanced between the ecmp routes. Once the reply is seen, this patch would save the state in conntrack and going forward, the same route will be used to forward the traffic for that connection. Numan > > Best regards, Ilya Maximets. > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
