On 4/25/25 11:06 AM, Eelco Chaudron wrote:
>
>
> On 25 Apr 2025, at 0:06, Ilya Maximets wrote:
>
>> The regex for loaded connections is matching on \d as a first symbol,
>> expecting an IP address. But that doesn't work for IPv6 addresses
>> as there are likely hex symbols and not just digits. This is causing
>> ovs-monitor-ipsec daemon to periodically remove established IPv6
>> connections thinking they are not properly loaded:
>>
>> 851 | INFO | ovn-e629de-0-in-1 is half-loaded, removing
>> 853 | INFO | ovn-e629de-0-out-1 is half-loaded, removing
>> 855 | INFO | Adding ipsec connection ovn-e629de-0-in-1
>> 857 | INFO | Starting ipsec connection ovn-e629de-0-out-1
>>
>> Fix the regex to include all the hex characters. This is still not
>> great that we rely on string parsing for this, but there is currently
>> no better interface.
>>
>> Fixes: 25a301822e0d ("ipsec: libreswan: Reconcile missing connections
>> periodically.")
>> Reported-at: https://issues.redhat.com/browse/FDP-1328
>> Signed-off-by: Ilya Maximets <i.maxim...@ovn.org>
>
> Thank Ilya, did some local testing on my setup, and it all works fine.
>
> Acked-by: Eelco Chaudron <echau...@redhat.com>
>
Thanks, Eelco! Applied and backported to all affected branches down to 3.2.
Best regards, Ilya Maximets.
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
