Fix the following error reported in build_lb_vip_actions() if the CMS configure a load balancer with no backends:
2025-01-21T18:18:26.668Z|04152|lflow|WARN|error parsing actions "flags.force_snat_for_lb = 1; drop;": Syntax error at `drop' expecting action. The issue can be triggered with the following reproducer in ovn-sandbox: $ovn-nbctl create load_balancer name=lb-empty vips:\"172.168.10.30\"=\"\" protocol=tcp options:skip_snat=true $ovn-nbctl lr-lb-add lr0 lb-empty $grep Syntax ./sandbox/ovn-controller.log 2025-01-22T17:13:49.709Z|00047|lflow|WARN|error parsing actions "flags.skip_snat_for_lb = 1; drop;": Syntax error at `drop' expecting action. Reported-at: https://issues.redhat.com/browse/FDP-1095 Signed-off-by: Lorenzo Bianconi <lorenzo.bianc...@redhat.com> --- northd/northd.c | 8 ++++++-- tests/ovn-northd.at | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/northd/northd.c b/northd/northd.c index a91e48ac2..b0086c337 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -3792,10 +3792,14 @@ build_lb_vip_actions(const struct ovn_northd_lb *lb, const char *enclose = is_lb_action ? ");" : ""; if (!ls_dp) { - ds_put_format(skip_snat_action, "flags.skip_snat_for_lb = 1; %s%s", + if (!drop) { + ds_put_cstr(skip_snat_action, "flags.skip_snat_for_lb = 1; "); + ds_put_cstr(force_snat_action, "flags.force_snat_for_lb = 1; "); + } + ds_put_format(skip_snat_action, "%s%s", ds_cstr(action), is_lb_action ? "; skip_snat);" : enclose); - ds_put_format(force_snat_action, "flags.force_snat_for_lb = 1; %s%s", + ds_put_format(force_snat_action, "%s%s", ds_cstr(action), is_lb_action ? "; force_snat);" : enclose); } diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index c74d57f7e..fd491c5b6 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -6566,7 +6566,7 @@ check ovn-nbctl --wait=sb set load_balancer lb6 options:skip_snat=true AT_CHECK([ovn-sbctl dump-flows lr0 | grep "lr_in_dnat" | ovn_strip_lflows], [0], [dnl table=??(lr_in_dnat ), priority=0 , match=(1), action=(next;) - table=??(lr_in_dnat ), priority=110 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 172.168.10.30), action=(flags.skip_snat_for_lb = 1; drop;) + table=??(lr_in_dnat ), priority=110 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 172.168.10.30), action=(drop;) table=??(lr_in_dnat ), priority=50 , match=(ct.est && !ct.rel && !ct.new && !ct.rpl && ct_mark.natted), action=(next;) table=??(lr_in_dnat ), priority=50 , match=(ct.rel && !ct.est && !ct.new && !ct.rpl), action=(ct_commit_nat;) table=??(lr_in_dnat ), priority=70 , match=(ct.est && !ct.rel && !ct.new && !ct.rpl && ct_mark.natted && ct_mark.force_snat == 1), action=(flags.force_snat_for_lb = 1; next;) @@ -6582,7 +6582,7 @@ check ovn-nbctl --wait=sb set logical_router lr0 options:lb_force_snat_ip="route AT_CHECK([ovn-sbctl dump-flows lr0 | grep "lr_in_dnat" | ovn_strip_lflows], [0], [dnl table=??(lr_in_dnat ), priority=0 , match=(1), action=(next;) - table=??(lr_in_dnat ), priority=110 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 172.168.10.30), action=(flags.force_snat_for_lb = 1; drop;) + table=??(lr_in_dnat ), priority=110 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 172.168.10.30), action=(drop;) table=??(lr_in_dnat ), priority=50 , match=(ct.est && !ct.rel && !ct.new && !ct.rpl && ct_mark.natted), action=(next;) table=??(lr_in_dnat ), priority=50 , match=(ct.rel && !ct.est && !ct.new && !ct.rpl), action=(ct_commit_nat;) table=??(lr_in_dnat ), priority=70 , match=(ct.est && !ct.rel && !ct.new && !ct.rpl && ct_mark.natted && ct_mark.force_snat == 1), action=(flags.force_snat_for_lb = 1; next;) -- 2.48.1 _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
