+++ This bug was initially created as a clone of Bug #1744991 +++

Description of problem:
When DNS is configured in OVN for a Logical Switch ovn-controller crashes when certain DNS packets are received.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Configure a Logical Switch and a VIF
2. Configure a DNS entry for the Logical Switch.
3. Inject a specific DNS packet from the VIF. For example, with Scapy:

   >>> p = IP(dst='10.0.0.2',src='10.0.0.3')/UDP(dport=53)/('a'*364)
   >>> send(p)

Actual results:
ovn-controller stays stuck in an infinite loop and keeps allocating memory until it aborts.

Expected results:
The packet should be processed without issues.

Additional info:

Verified on 13.0-RHEL-7/2019-10-23.1 with openvswitch-2.9.0-117.bz1733374.1.el7ost.x86_64

Scenario:
Created external network, subnet, router, connected router to the external network.
Created internal network with a DNS entry, connected to the router.
Created security group with rules allowing ssh, icmp and dns.
Spawned 2 VMs connected to the internal network and assigned FIPs.
From one VM sent a malformed DNS packet (see description) with src set to the VM FIP and dst set to the FIP of the second VM.
Verified that ovn-controller remains stable: not stuck, no high memory consumption or CPU usage.
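
Added example (not part of the bug report and not OVN's code): a bounds-checked walk of the DNS question name that always terminates, run against the 364-byte payload of 'a' from the description. The function names and the sample query for "vm1.ovn" are constructed for illustration, and rejecting compression pointers in the question name is a simplifying assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_LEN   12   /* fixed DNS header size (RFC 1035) */
#define DNS_MAX_LABEL 63   /* longest legal label */
#define DNS_MAX_NAME  255  /* longest legal encoded name, root label included */

/* Hypothetical helper: walk the first question name of a DNS message.
 * Returns the offset just past the terminating zero label, or -1 if the
 * name is malformed. Each iteration consumes at least one byte, so the
 * loop is bounded by len and allocates nothing. */
long dns_qname_end(const uint8_t *msg, size_t len)
{
    size_t off = DNS_HDR_LEN, name_len = 0;
    if (len < DNS_HDR_LEN) return -1;
    while (off < len) {
        uint8_t label = msg[off++];
        if (label == 0) return (long) off;          /* root label ends the name */
        if (label > DNS_MAX_LABEL) return -1;       /* pointer or reserved bits */
        if (label > len - off) return -1;           /* label runs past datagram */
        name_len += (size_t) label + 1;
        if (name_len + 1 > DNS_MAX_NAME) return -1; /* encoded name too long */
        off += label;
    }
    return -1;                                      /* no terminating zero label */
}

/* Constructed input: the 364 bytes of 'a' from the Scapy line above.
 * The first "label length" is 0x61 (97), which is over the 63-byte limit. */
long repro_payload_result(void)
{
    uint8_t pkt[364];
    memset(pkt, 'a', sizeof pkt);
    return dns_qname_end(pkt, sizeof pkt);
}

/* Constructed input: a query for "vm1.ovn" (type A, class IN), optionally
 * with `cut` bytes chopped off the end to simulate truncation. */
long sample_query_result(size_t cut)
{
    static const uint8_t q[] = { 0x12,0x34, 0x01,0x00, 0,1, 0,0, 0,0, 0,0,
        3,'v','m','1', 3,'o','v','n', 0, 0,1, 0,1 };
    return dns_qname_end(q, sizeof q - cut);
}

int main(void)
{
    printf("%ld %ld %ld\n", repro_payload_result(), sample_query_result(0),
           sample_query_result(7));
    return 0;
}
```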