Bug 1828933

Summary: RFE: support packet marking for packets with logical router policies applied.
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Alexander Constantinescu <aconstan>
Component: ovn2.13Assignee: Numan Siddique <nusiddiq>
Status: CLOSED ERRATA QA Contact: Jianlin Shi <jishi>
Severity: high Docs Contact:
Priority: high    
Version: RHEL 8.0CC: ctrautma, jishi, nusiddiq, ralongi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovn2.13-20.06.1-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-08-18 11:23:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexander Constantinescu 2020-04-28 15:32:02 UTC 
Description of problem:

This is an RFE related to adding packet marking for traffic originating from a logical switch port. The reasons for this request are:

- As a user of OVN I would like to distinguish traffic originating from a specific logical switch port / set of logical switch ports. I would like to do so even though all logical switch ports on a logical switch might be using the same logical router in OVN. 

In ovn-kubernetes we today have the following programmed OVS flows for one logical switch port in OVN, in this example with IP 10.128.0.17:

table=9,priority=90,ip,reg14=0x19,metadata=0x2,dl_src=ba:69:0e:80:00:12,nw_src=10.128.0.17 actions=resubmit(,10)
table=10,priority=90,arp,reg14=0x19,metadata=0x2,dl_src=ba:69:0e:80:00:12,arp_spa=10.128.0.17,arp_sha=ba:69:0e:80:00:12 actions=resubmit(,11)
 cookie=0x3632e5be, duration=4508.781s, table=21, n_packets=0, n_bytes=0, priority=100,arp,reg14=0x19,metadata=0x2,arp_tpa=10.128.0.17,arp_op=1 actions=resubmit(,22)
table=21,priority=50,arp,metadata=0x2,arp_tpa=10.128.0.17,arp_op=1 actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],set_field:ba:69:0e:80:00:12->eth_src,set_field:2->arp_op,move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],set_field:ba:69:0e:80:00:12->arp_sha,move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],set_field:10.128.0.17->arp_spa,move:NXM_NX_REG14[]->NXM_NX_REG15[],load:0x1->NXM_NX_REG10[0],resubmit(,32)
table=48,priority=90,ip,reg15=0x19,metadata=0x2,dl_dst=ba:69:0e:80:00:12,nw_dst=10.128.0.17 actions=resubmit(,49)

Packet marking would, as an example, entail having OVN program the table=9 (egress) flow as follows:

table=9,priority=90,ip,reg14=0x19,metadata=0x2,dl_src=ba:69:0e:80:00:12,nw_src=10.128.0.17 actions=set_field:$HEXADECIMAL_VALUE->pkt_mark,resubmit(,10)

The solution could be: adding a field "mark" on the logical switch port object, allowing the user of OVN to set this field to a hexadecimal value of his/hers choosing.

FYI: I have discussed this with Numan, so he might understand our requirements the best.
Comment 1 Numan Siddique 2020-05-03 07:24:19 UTC 
Submitted the patch for review - https://patchwork.ozlabs.org/project/openvswitch/patch/20200501184810.1082602-1-numans@ovn.org/
Comment 2 Numan Siddique 2020-06-17 18:17:20 UTC 
This RFE is now changed to marking the packet for packets which hit the logical router policies.
CMS (in this case OpenShift) has to set the packer mark value for each logical router policy it sets.
Comment 6 Jianlin Shi 2020-07-15 07:18:23 UTC 
Verified on ovn2.13-20.06.1-2.el8fdp.x86_64:

+ systemctl start openvswitch                                                                                                                                                                              
+ systemctl start ovn-northd                                                                                        
+ ovn-nbctl set-connection ptcp:6641                                                                                  
+ ovn-sbctl set-connection ptcp:6642                                                                                  
+ ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:20.0.111.25:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=20.0.111.25
+ systemctl restart ovn-controller                       
+ ip netns add server0                                                                                  
+ ip link add veth0_s0 netns server0 type veth peer name veth0_s0_p                                    
+ ip netns exec server0 ip link set lo up                                                     
+ ip netns exec server0 ip link set veth0_s0 up                                                                                                                             
+ ip netns exec server0 ip link set veth0_s0 address 00:00:00:01:01:02                                                                                                   
+ ip netns exec server0 ip addr add 192.168.1.1/24 dev veth0_s0                                                                                                                                            
+ ip netns exec server0 ip -6 addr add 3001::1/64 dev veth0_s0                                                                                                                                             
+ ip netns exec server0 ip route add default via 192.168.1.254 dev veth0_s0                                                                                                                                
+ ip netns exec server0 ip -6 route add default via 3001::a dev veth0_s0                                                                                                                                   
+ ovs-vsctl add-port br-int veth0_s0_p                                                                                                                                                                     
+ ip link set veth0_s0_p up                                                                                                                                                                                
+ ovs-vsctl set interface veth0_s0_p external_ids:iface-id=ls1p1                                                                                                           
+ ovn-nbctl ls-add ls1                                                                                                                                                                                     
+ ovn-nbctl lsp-add ls1 ls1p1                                                                                         
+ ovn-nbctl lsp-set-addresses ls1p1 00:00:00:01:01:02                                                                 
+ ovn-nbctl lr-add lr1                                                                                                
+ ovn-nbctl lrp-add lr1 lr1-ls1 00:00:00:00:00:01 192.168.1.254/24 3001::a/64
+ ovn-nbctl lsp-add ls1 ls1-lr1                                                                         
+ ovn-nbctl lsp-set-type ls1-lr1 router                                                                
+ ovn-nbctl lsp-set-options ls1-lr1 router-port=lr1-ls1                                                                                                                    
+ ovn-nbctl lsp-set-addresses ls1-lr1 '00:00:00:00:00:01 192.168.1.254/24 3001::a/64'                                                        
+ ovn-nbctl ls-add ls2                                                                                               
+ ovn-nbctl lsp-add ls2 ls2-lr1                                                                                       
+ ovn-nbctl lsp-set-type ls2-lr1 router                                                                                                                                     
+ ovn-nbctl lsp-set-options ls2-lr1 router-port=lr1-ls2                                                                                                                    
+ ovn-nbctl lsp-set-addresses ls2-lr1 '00:00:00:00:00:02 192.168.0.254/24 3000::a/64'                                                                                                                      
+ ovn-nbctl lrp-add lr1 lr1-ls2 00:00:00:00:00:02 192.168.0.254/24 3000::a/64                                                                                                                              
+ ovn-nbctl lsp-add ls2 ls2p1                                                                                                                                                                              
+ ovn-nbctl lsp-set-addresses ls2p1 00:00:00:02:01:01                                                                                                                                                      
+ ip netns add server1                                                                                                                                                                                     
+ ip link add veth0_s1 netns server1 type veth peer name veth0_s1_p                                                                                                                                        
+ ip netns exec server1 ip link set lo up                                                              
+ ip netns exec server1 ip link set veth0_s1 up                                                                                                                                                            
+ ip netns exec server1 ip link set veth0_s1 address 00:00:00:02:01:01                               
+ ip netns exec server1 ip addr add 192.168.0.1/24 dev veth0_s1                              
+ ip netns exec server1 ip -6 addr add 3000::1/64 dev veth0_s1                                                                                                               
+ ip netns exec server1 ip route add default via 192.168.0.254 dev veth0_s1                                                                   
+ ip netns exec server1 ip -6 route add default via 3000::a dev veth0_s1                                              
+ ovs-vsctl add-port br-int veth0_s1_p                                                                                   
+ ip link set veth0_s1_p up                                                                                            
+ ovs-vsctl set interface veth0_s1_p external_ids:iface-id=ls2p1                                                                                                            
+ ovs-vsctl add-br br-phys                                                                                                                                                 
+ ovs-vsctl set open . external-ids:ovn-bridge-mappings=public:br-phys                                                                                                                                     
+ ovn-nbctl ls-add public                                                                                                                                                                                  
+ ovn-nbctl lrp-add lr1 lr1_p 00:00:20:20:12:13 172.168.0.100/24 1111::100/64                                                                                                                              
+ ovn-nbctl lsp-add public p_lr1                                                                                                                                                                           
+ ovn-nbctl lsp-set-type p_lr1 router                                                                                                                                                                      
+ ovn-nbctl lsp-set-addresses p_lr1 router                                                                                                                                                                 
+ ovn-nbctl lsp-set-options p_lr1 router-port=lr1_p                                                    
+ ovn-nbctl lsp-add public ln_public                                                                                                                                                                       
+ ovn-nbctl lsp-set-type ln_public localnet                                                                                                                                                                
+ ovn-nbctl lsp-set-addresses ln_public unknown
+ ovn-nbctl lsp-set-options ln_public network_name=public                                                             
+ ip netns add ext
+ ip link add veth0_e netns ext type veth peer name veth0_e_p
+ ovs-vsctl add-port br-phys veth0_e_p
+ ip link set veth0_e_p up
+ ip netns exec ext ip link set veth0_e up
+ ip netns exec ext ip addr add 172.168.0.1/24 dev veth0_e
+ ip netns exec ext ip -6 addr add 1111::1/64 dev veth0_e
+ ip netns exec ext ip route add default via 172.168.0.100 dev veth0_e
+ ip netns exec ext ip -6 route add default via 1111::100 dev veth0_e
+ ovn-nbctl lr-policy-add lr1 2000 ip4.src==192.168.0.1 allow 
+ ovn-nbctl lr-policy-add lr1 1000 ip6.src==3001::1 allow
++ ovn-nbctl --bare --columns _uuid find logical_router_policy priority=2000
+ pol1=28a3d88a-6d28-4d8d-af17-beeba72b463e
++ ovn-nbctl --bare --columns _uuid find logical_router_policy priority=1000
+ pol2=16cf38cf-8fba-47ea-9991-2cf5833a6e52
+ ovn-nbctl set logical_router_policy 28a3d88a-6d28-4d8d-af17-beeba72b463e options:pkt_mark=100
+ ovs-ofctl --protocols=OpenFlow13 add-flow br-phys 'table=0, priority=100, pkt_mark=0x64 actions=drop'
+ ovn-nbctl --wait=hv sync
+ ip netns exec server1 ping 172.168.0.1 -c 1
PING 172.168.0.1 (172.168.0.1) 56(84) bytes of data.
64 bytes from 172.168.0.1: icmp_seq=1 ttl=63 time=4.92 ms

--- 172.168.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 4.915/4.915/4.915/0.000 ms
+ ovs-ofctl dump-flows br-int table=19
 cookie=0x4d648ee2, duration=0.114s, table=19, n_packets=1, n_bytes=98, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x4cf0e735, duration=0.147s, table=19, n_packets=0, n_bytes=0, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=resubmit(,20)
 cookie=0x6e12013e, duration=0.846s, table=19, n_packets=1, n_bytes=98, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0x2562052e, duration=0.843s, table=19, n_packets=7, n_bytes=494, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0x7d636781, duration=0.842s, table=19, n_packets=1, n_bytes=86, priority=0,metadata=0x1 actions=resubmit(,20)
 cookie=0x3b96cdee, duration=0.471s, table=19, n_packets=7, n_bytes=570, priority=0,metadata=0x4 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0
 cookie=0x0, duration=0.080s, table=0, n_packets=0, n_bytes=0, priority=100,pkt_mark=0x64 actions=drop

 cookie=0x0, duration=0.584s, table=0, n_packets=7, n_bytes=570, priority=0 actions=NORMAL
+ ip netns exec server1 ping 172.168.0.1 -c 1
PING 172.168.0.1 (172.168.0.1) 56(84) bytes of data.

--- 172.168.0.1 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

+ ovs-ofctl dump-flows br-int table=19
 cookie=0x4d648ee2, duration=10.161s, table=19, n_packets=2, n_bytes=196, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x4cf0e735, duration=10.194s, table=19, n_packets=0, n_bytes=0, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=resubmit(,20)
 cookie=0x6e12013e, duration=10.893s, table=19, n_packets=1, n_bytes=98, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0x2562052e, duration=10.890s, table=19, n_packets=13, n_bytes=1062, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0x7d636781, duration=10.889s, table=19, n_packets=5, n_bytes=446, priority=0,metadata=0x1 actions=resubmit(,20)
 cookie=0x3b96cdee, duration=10.518s, table=19, n_packets=17, n_bytes=1394, priority=0,metadata=0x4 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0
 cookie=0x0, duration=10.126s, table=0, n_packets=1, n_bytes=98, priority=100,pkt_mark=0x64 actions=drop


 cookie=0x0, duration=10.630s, table=0, n_packets=16, n_bytes=1296, priority=0 actions=NORMAL
+ ovn-nbctl set logical_router_policy 16cf38cf-8fba-47ea-9991-2cf5833a6e52 options:pkt_mark=5
+ ovs-ofctl --protocols=OpenFlow13 add-flow br-phys 'table=0, priority=100, pkt_mark=0x5 actions=drop'
+ ovn-nbctl --wait=hv sync
+ ip netns exec server0 ping6 1111::1 -c 1
PING 1111::1(1111::1) 56 data bytes
64 bytes from 1111::1: icmp_seq=1 ttl=63 time=7.50 ms

--- 1111::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 7.500/7.500/7.500/0.000 ms
+ ovs-ofctl dump-flows br-int table=19
 cookie=0x4d648ee2, duration=10.301s, table=19, n_packets=2, n_bytes=196, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0xf6f121d1, duration=0.112s, table=19, n_packets=1, n_bytes=118, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=load:0x5->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x6e12013e, duration=11.033s, table=19, n_packets=2, n_bytes=216, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0x2562052e, duration=11.030s, table=19, n_packets=13, n_bytes=1062, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0x7d636781, duration=11.030s, table=19, n_packets=11, n_bytes=1026, priority=0,metadata=0x1 actions=resubmit(,20)
 cookie=0x3b96cdee, duration=10.659s, table=19, n_packets=25, n_bytes=2146, priority=0,metadata=0x4 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0
 cookie=0x0, duration=10.266s, table=0, n_packets=1, n_bytes=98, priority=100,pkt_mark=0x64 actions=drop
 cookie=0x0, duration=0.077s, table=0, n_packets=0, n_bytes=0, priority=100,pkt_mark=0x5 actions=drop

 cookie=0x0, duration=10.770s, table=0, n_packets=24, n_bytes=2048, priority=0 actions=NORMAL
+ ip netns exec server0 ping6 1111::1 -c 1
PING 1111::1(1111::1) 56 data bytes

--- 1111::1 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

+ ovs-ofctl dump-flows br-int table=19
 cookie=0x4d648ee2, duration=20.348s, table=19, n_packets=2, n_bytes=196, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0xf6f121d1, duration=10.159s, table=19, n_packets=2, n_bytes=236, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=load:0x5->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x6e12013e, duration=21.080s, table=19, n_packets=2, n_bytes=216, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0x2562052e, duration=21.077s, table=19, n_packets=14, n_bytes=1132, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0x7d636781, duration=21.076s, table=19, n_packets=15, n_bytes=1386, priority=0,metadata=0x1 actions=resubmit(,20)
 cookie=0x3b96cdee, duration=20.705s, table=19, n_packets=29, n_bytes=2506, priority=0,metadata=0x4 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0
 cookie=0x0, duration=20.313s, table=0, n_packets=1, n_bytes=98, priority=100,pkt_mark=0x64 actions=drop
 cookie=0x0, duration=10.124s, table=0, n_packets=1, n_bytes=118, priority=100,pkt_mark=0x5 actions=drop

 cookie=0x0, duration=20.817s, table=0, n_packets=27, n_bytes=2290, priority=0 actions=NORMAL

[root@hp-dl380pg8-12 bz1828933]# rpm -qa | grep -E "openvswitch|ovn"
openvswitch2.13-2.13.0-41.el8fdb.x86_64
ovn2.13-central-20.06.1-2.el8fdp.x86_64
openvswitch-selinux-extra-policy-1.0-23.el8fdp.noarch
ovn2.13-host-20.06.1-2.el8fdp.x86_64
ovn2.13-20.06.1-2.el8fdp.x86_64

Add bz1857106 to track the issue for first ping packet
Comment 7 Jianlin Shi 2020-07-15 07:20:52 UTC 
Verified on ovn2.13-20.06.1-2.el7fdp.x86_64:

+ ip netns exec server1 ping 172.168.0.1 -c 1
PING 172.168.0.1 (172.168.0.1) 56(84) bytes of data.                                                                                                                                                       
64 bytes from 172.168.0.1: icmp_seq=1 ttl=63 time=4.79 ms                                    
                                                                                             
--- 172.168.0.1 ping statistics ---                                                                   
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 4.795/4.795/4.795/0.000 ms
+ ovs-ofctl dump-flows br-int table=19             
 cookie=0x1e3e6d1, duration=0.099s, table=19, n_packets=1, n_bytes=98, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x71413126, duration=0.129s, table=19, n_packets=0, n_bytes=0, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=resubmit(,20)
 cookie=0x40f312ff, duration=0.141s, table=19, n_packets=1, n_bytes=98, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0xca1fe92b, duration=0.139s, table=19, n_packets=5, n_bytes=390, priority=0,metadata=0x4 actions=resubmit(,20)
 cookie=0xa8c0fc1e, duration=0.132s, table=19, n_packets=5, n_bytes=322, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0xa374cb22, duration=0.131s, table=19, n_packets=3, n_bytes=282, priority=0,metadata=0x1 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0                                                                                                                                                                     
 cookie=0x0, duration=0.068s, table=0, n_packets=0, n_bytes=0, priority=100,pkt_mark=0x64 actions=drop                                                                                                     
 cookie=0x0, duration=0.454s, table=0, n_packets=9, n_bytes=762, priority=0 actions=NORMAL                                                                                                                 
+ ip netns exec server1 ping 172.168.0.1 -c 1                                                                                                                                                              
PING 172.168.0.1 (172.168.0.1) 56(84) bytes of data.                                                                                                                                                       
                                                                                                                                                                                                           
--- 172.168.0.1 ping statistics ---                                  
1 packets transmitted, 0 received, 100% packet loss, time 0ms                                                                                                                                              
                                                                                                     
+ ovs-ofctl dump-flows br-int table=19                                                       
 cookie=0x1e3e6d1, duration=10.138s, table=19, n_packets=2, n_bytes=196, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x71413126, duration=10.168s, table=19, n_packets=0, n_bytes=0, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=resubmit(,20)
 cookie=0x40f312ff, duration=10.180s, table=19, n_packets=1, n_bytes=98, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0xca1fe92b, duration=10.178s, table=19, n_packets=13, n_bytes=1002, priority=0,metadata=0x4 actions=resubmit(,20)
 cookie=0xa8c0fc1e, duration=10.171s, table=19, n_packets=14, n_bytes=1132, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0xa374cb22, duration=10.170s, table=19, n_packets=8, n_bytes=712, priority=0,metadata=0x1 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0       
 cookie=0x0, duration=10.108s, table=0, n_packets=1, n_bytes=98, priority=100,pkt_mark=0x64 actions=drop                                                                                                   
 cookie=0x0, duration=10.494s, table=0, n_packets=16, n_bytes=1276, priority=0 actions=NORMAL                                                                                                              
+ ovn-nbctl set logical_router_policy c59082cf-685a-4ace-bc4c-e78f745f9447 options:pkt_mark=5                                                                                                              
+ ovs-ofctl --protocols=OpenFlow13 add-flow br-phys 'table=0, priority=100, pkt_mark=0x5 actions=drop'                                                                                                     
+ ovn-nbctl --wait=hv sync                                                                                                                                                                                 
+ ip netns exec server0 ping6 1111::1 -c 1                                                                                                                                                                 
PING 1111::1(1111::1) 56 data bytes   
64 bytes from 1111::1: icmp_seq=1 ttl=63 time=7.05 ms                                                                                                                                                      
                                                                                                                                                                                                           
--- 1111::1 ping statistics ---                                                                                      
1 packets transmitted, 1 received, 0% packet loss, time 0ms                                                           
rtt min/avg/max/mdev = 7.058/7.058/7.058/0.000 ms

+ ovs-ofctl dump-flows br-int table=19                                                                                
 cookie=0x1e3e6d1, duration=10.254s, table=19, n_packets=2, n_bytes=196, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0xc2dcea2a, duration=0.098s, table=19, n_packets=1, n_bytes=118, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=load:0x5->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x40f312ff, duration=10.296s, table=19, n_packets=2, n_bytes=216, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0xca1fe92b, duration=10.294s, table=19, n_packets=21, n_bytes=1754, priority=0,metadata=0x4 actions=resubmit(,20)
 cookie=0xa8c0fc1e, duration=10.287s, table=19, n_packets=14, n_bytes=1132, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0xa374cb22, duration=10.286s, table=19, n_packets=14, n_bytes=1292, priority=0,metadata=0x1 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0
 cookie=0x0, duration=10.223s, table=0, n_packets=1, n_bytes=98, priority=100,pkt_mark=0x64 actions=drop
 cookie=0x0, duration=0.066s, table=0, n_packets=0, n_bytes=0, priority=100,pkt_mark=0x5 actions=drop
 cookie=0x0, duration=10.609s, table=0, n_packets=24, n_bytes=2028, priority=0 actions=NORMAL
+ ip netns exec server0 ping6 1111::1 -c 1
PING 1111::1(1111::1) 56 data bytes

--- 1111::1 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

+ ovs-ofctl dump-flows br-int table=19
 cookie=0x1e3e6d1, duration=20.305s, table=19, n_packets=2, n_bytes=196, priority=2000,ip,metadata=0x2,nw_src=192.168.0.1 actions=load:0x64->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0xc2dcea2a, duration=10.149s, table=19, n_packets=2, n_bytes=236, priority=1000,ipv6,metadata=0x2,ipv6_src=3001::1 actions=load:0x5->NXM_NX_PKT_MARK[],resubmit(,20)
 cookie=0x40f312ff, duration=20.347s, table=19, n_packets=2, n_bytes=216, priority=0,metadata=0x2 actions=resubmit(,20)
 cookie=0xca1fe92b, duration=20.345s, table=19, n_packets=24, n_bytes=2044, priority=0,metadata=0x4 actions=resubmit(,20)
 cookie=0xa8c0fc1e, duration=20.338s, table=19, n_packets=14, n_bytes=1132, priority=0,metadata=0x3 actions=resubmit(,20)
 cookie=0xa374cb22, duration=20.337s, table=19, n_packets=17, n_bytes=1582, priority=0,metadata=0x1 actions=resubmit(,20)
+ ovs-ofctl dump-flows br-phys table=0
 cookie=0x0, duration=20.275s, table=0, n_packets=1, n_bytes=98, priority=100,pkt_mark=0x64 actions=drop
 cookie=0x0, duration=10.118s, table=0, n_packets=1, n_bytes=118, priority=100,pkt_mark=0x5 actions=drop
 cookie=0x0, duration=20.661s, table=0, n_packets=26, n_bytes=2200, priority=0 actions=NORMAL
Comment 9 errata-xmlrpc 2020-08-18 11:23:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ovn2.13 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3488