Bug 1988189

Summary: Host -> service - host endpoint on same node traffic is not offloaded with OVN Kubernetes: combination of CT/CT(nat) in the datapath
Product: OpenShift Container Platform Reporter: zenghui.shi <zshi>
Component: NetworkingAssignee: Mohamed Mahmoud <mmahmoud>
Networking sub component: ovn-kubernetes QA Contact: Anurag saxena <anusaxen>
Status: CLOSED DUPLICATE Docs Contact:
Severity: high    
Priority: high CC: astoycos, mleitner
Version: 4.9   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-08-09 02:40:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1955160    

Description zenghui.shi 2021-07-30 02:32:37 UTC 
Description of problem:


One issue identified during debugging bz1983894 is the combined use of CT/CT(nat) for original traffic causing CT actions not to be offloaded, see https://bugzilla.redhat.com/show_bug.cgi?id=1983894#c15

This bug is created to track the combined use of CT/CT(nat) issue.

Version-Release number of selected component (if applicable):

Details about the ovs/ovn/kernel/ovn-k8s versions and ovs datapath flows analysis for asymmetric issue can be found at https://bugzilla.redhat.com/show_bug.cgi?id=1983894#c0

Additional info:

There is a similar asymmetric path issue that was found for pod to external traffic: https://bugzilla.redhat.com/show_bug.cgi?id=1953278
which has a fix proposed in ovn project
Comment 1 Marcelo Ricardo Leitner 2021-07-30 19:10:59 UTC 
This bug potentially affects other use cases as well and will cause issues with CT HWOL, as Zenghui indicated.
Comment 3 zenghui.shi 2021-08-09 02:38:44 UTC 
This issue (combination of CT/CT(nat)) was fixed by updating ovn version to 21.09-host-21.09.0-8.el8fdp

Detailed test result can be found at: https://bugzilla.redhat.com/show_bug.cgi?id=1986662#c9
Comment 4 zenghui.shi 2021-08-09 02:40:01 UTC 

*** This bug has been marked as a duplicate of bug 1953278 ***