This bug was initially created as a copy of Bug #1842876 I am copying this bug because: Description of problem: Etcd leader change is happening more constantly causing the Network Policy tests to fail. The tests failed in different points, but with the following errors: should enforce multiple, stacked policies with overlapping podSelectors [Feature:NetworkPolicy-10] [BeforeEach] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:488 Jun 1 22:12:08.856: Pod did not finish as expected. Unexpected error: <*errors.StatusError | 0xc0013c4c80>: { ErrStatus: { TypeMeta: {Kind: "", APIVersion: ""}, ListMeta: { SelfLink: "", ResourceVersion: "", Continue: "", RemainingItemCount: nil, }, Status: "Failure", Message: "rpc error: code = Unavailable desc = etcdserver: leader changed", Reason: "", Details: nil, Code: 500, }, } rpc error: code = Unavailable desc = etcdserver: leader changed occurred should enforce policy to allow traffic only from a pod in a different namespace based on PodSelector and NamespaceSelector [Feature:NetworkPolicy-08] [BeforeEach] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:382 Jun 1 22:16:30.619: Pod did not finish as expected. Unexpected error: <*url.Error | 0xc002f52360>: { Op: "Get", URL: "https://api.ostest.shiftstack.com:6443/api/v1/namespaces/network-policy-7642/pods/client-can-connect-80-4gp4f", Err: {s: "EOF"}, } Get https://api.ostest.shiftstack.com:6443/api/v1/namespaces/network-policy-7642/pods/client-can-connect-80-4gp4f: EOF occurred The list of failed tests is: [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should allow ingress access on one named port [Feature:NetworkPolicy-12] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:62 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should enforce policy based on NamespaceSelector with MatchExpressions[Feature:NetworkPolicy-05] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:62 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should support a 'default-deny' policy [Feature:NetworkPolicy-01] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:62 [Fail] [sig-network] NetworkPolicy [LinuxOnly] [BeforeEach] NetworkPolicy between server and client should allow egress access to server in CIDR block [Feature:NetworkPolicy-22] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/framework/framework.go:210 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should enforce policy to allow traffic from pods within server namespace based on PodSelector [Feature:NetworkPolicy-02] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:62 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [It] should allow ingress access from updated pod [Feature:NetworkPolicy-17] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:1427 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should enforce multiple, stacked policies with overlapping podSelectors [Feature:NetworkPolicy-10] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:1427 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should enforce egress policy allowing traffic to a server in a different namespace based on PodSelector and NamespaceSelector [Feature:Net workPolicy-18] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:62 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should enforce policy to allow traffic only from a pod in a different namespace based on PodSelector and NamespaceSelector [Feature:Networ kPolicy-08] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:1427 [Fail] [sig-network] NetworkPolicy [LinuxOnly] NetworkPolicy between server and client [BeforeEach] should support allow-all policy [Feature:NetworkPolicy-11] /home/stack/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/network/network_policy.go:62 Ran 23 of 4843 Specs in 8205.748 seconds FAIL! -- 13 Passed | 10 Failed | 0 Pending | 4820 Skipped Version-Release number of selected component (if applicable): Red Hat OpenStack Platform release 16.0.2 (Train) 4.3.0-0.nightly-2020-06-01-043839 Octavia Amphoras + Ceph + OVN are used. How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Submitted the patch for review - https://patchwork.ozlabs.org/project/openvswitch/patch/20200820083912.3240721-1-numans@ovn.org/
The etcd issue reported here didn't happen when using the patch attached in this BZ combine with this patch https://patchwork.ozlabs.org/project/openvswitch/patch/20200826114143.2696189-1-numans@ovn.org/. It was tested with OpenShift 4.5 and 4.6 on Red Hat OpenStack Platform release 16.1.1 GA (Train) with the custom ovn build.
test with following script: systemctl start openvswitch systemctl start ovn-northd ovn-nbctl set-connection ptcp:6641 ovn-sbctl set-connection ptcp:6642 ovs-vsctl set open . external_ids:system-id=hv1 external_ids:ovn-remote=tcp:1.1.1.19:6642 external_ids:ovn-encap-type=geneve external_ids:ovn-encap-ip=1.1.1.19 systemctl restart ovn-controller ovn-nbctl ls-add sw0 ovn-nbctl lsp-add sw0 sw0-p1 ovn-nbctl lsp-set-addresses sw0-p1 "10:14:00:00:00:03 10.0.0.3" ovn-nbctl lsp-set-port-security sw0-p1 "10:14:00:00:00:03 10.0.0.3" ovn-nbctl lsp-add sw0 sw0-p2 ovn-nbctl lsp-set-addresses sw0-p2 "10:14:00:00:00:04 10.0.0.4" ovn-nbctl lsp-set-port-security sw0-p2 "10:14:00:00:00:04 10.0.0.4" ovn-nbctl lsp-add sw0 sw0-p3 ovn-nbctl lsp-set-addresses sw0-p3 "10:14:00:00:00:05 10.0.0.5" ovn-nbctl lsp-set-port-security sw0-p3 "10:14:00:00:00:05 10.0.0.5" ovn-nbctl lsp-add sw0 sw0-p4 ovn-nbctl lsp-set-addresses sw0-p4 "10:14:00:00:00:06 10.0.0.6" ovn-nbctl lsp-set-port-security sw0-p4 "10:14:00:00:00:06 10.0.0.6" ovs-vsctl add-port br-int sw0-p1 -- set interface sw0-p1 type=internal ovs-vsctl set interface sw0-p1 external_ids:iface-id=sw0-p1 ovs-vsctl add-port br-int sw0-p2 -- set interface sw0-p2 type=internal ovs-vsctl set interface sw0-p2 external_ids:iface-id=sw0-p2 ovs-vsctl add-port br-int sw0-p3 -- set interface sw0-p3 type=internal ovs-vsctl set interface sw0-p3 external_ids:iface-id=sw0-p3 ovs-vsctl add-port br-int sw0-p4 -- set interface sw0-p4 type=internal ovs-vsctl set interface sw0-p4 external_ids:iface-id=sw0-p4 ip netns add sw0-p1 ip link set sw0-p1 netns sw0-p1 ip netns exec sw0-p1 ip link set sw0-p1 address 10:14:00:00:00:03 ip netns exec sw0-p1 ip link set sw0-p1 up ip netns exec sw0-p1 ip addr add 10.0.0.3/24 dev sw0-p1 ip netns add sw0-p2 ip link set sw0-p2 netns sw0-p2 ip netns exec sw0-p2 ip link set sw0-p2 address 10:14:00:00:00:04 ip netns exec sw0-p2 ip link set sw0-p2 up ip netns exec sw0-p2 ip addr add 10.0.0.4/24 dev sw0-p2 ip netns add sw0-p3 ip link set sw0-p3 netns sw0-p3 ip netns exec sw0-p3 ip link set sw0-p3 address 10:14:00:00:00:05 ip netns exec sw0-p3 ip link set sw0-p3 up ip netns exec sw0-p3 ip addr add 10.0.0.5/24 dev sw0-p3 ip netns add sw0-p4 ip link set sw0-p4 netns sw0-p4 ip netns exec sw0-p4 ip link set sw0-p4 address 10:14:00:00:00:06 ip netns exec sw0-p4 ip link set sw0-p4 up ip netns exec sw0-p4 ip addr add 10.0.0.6/24 dev sw0-p4 ovn-sbctl show ovn-nbctl create Address_Set name=set1 addresses="\"10.0.0.3\",\"10.0.0.4\",\"10.0.0.5\",\"10.0.0.6\"" ovn-nbctl pg-add pg0 sw0-p1 sw0-p2 #ovn-nbctl acl-add pg0 to-lport 1002 "outport == @pg0 && ip4 && tcp.dst >= 80 && tcp.dst <= 82" allow ovn-nbctl acl-add pg0 to-lport 1001 "ip4" drop ovn-nbctl acl-add pg0 to-lport 1002 "outport == @pg0 && ip4 && ip4.src==\$set1" allow ovn-nbctl --wait=hv sync ip netns exec sw0-p1 ping 10.0.0.4 &> ping.log & sleep 5 ovs-ofctl dump-flows br-int table=44 ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 ovn-nbctl --wait=hv sync ovs-ofctl dump-flows br-int table=44 ovs-vsctl set open . external_ids:ovn-enable-lflow-cache=false ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 sw0-p4 ovn-nbctl --wait=hv sync ovs-ofctl dump-flows br-int table=44 pkill -2 ping reproduced on ovn20.06.2-4: [root@wsfd-advnetlab19 bz1858878]# rpm -qa | grep -E "openvswitch|ovn" ovn2.13-host-20.06.2-4.el7fdp.x86_64 openvswitch-selinux-extra-policy-1.0-15.el7fdp.noarch kernel-kernel-networking-openvswitch-ovn-common-1.0-8.noarch ovn2.13-central-20.06.2-4.el7fdp.x86_64 openvswitch2.13-2.13.0-48.el7fdp.x86_64 ovn2.13-20.06.2-4.el7fdp.x86_64 + ovs-ofctl dump-flows br-int table=44 cookie=0x4a1d5450, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=f2:15:96:8a:64:0d actions=resubmit(,45) cookie=0x0, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(2,1/2) cookie=0x0, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(2,1/2) cookie=0x0, duration=5.019s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(2,1/2) cookie=0x0, duration=5.019s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(2,1/2) cookie=0x0, duration=5.019s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=5.019s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(2,2/2) cookie=0x56e29bc1, duration=5.019s, table=44, n_packets=10, n_bytes=980, priority=2002,conj_id=2,ip,metadata=0x1 actions=resubmit(,45) cookie=0x65d5b7, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0xab4e24f7, duration=5.019s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 + ovn-nbctl --wait=hv sync + ovs-ofctl dump-flows br-int table=44 cookie=0x4a1d5450, duration=5.063s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=f2:15:96:8a:64:0d actions=resubmit(,45) cookie=0x0, duration=5.063s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(3,1/2) cookie=0x0, duration=5.063s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(3,1/2) cookie=0x0, duration=5.062s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(3,1/2) cookie=0x0, duration=5.062s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(3,1/2) cookie=0x0, duration=5.062s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=5.062s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=0.026s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x3,metadata=0x1 actions=conjunction(3,2/2) <==== conjunction changed cookie=0x56e29bc1, duration=0.026s, table=44, n_packets=2, n_bytes=196, priority=2002,conj_id=3,ip,metadata=0x1 actions=resubmit(,45) cookie=0x65d5b7, duration=5.063s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0xab4e24f7, duration=5.062s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + ovs-vsctl set open . external_ids:ovn-enable-lflow-cache=false + ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 sw0-p4 + ovn-nbctl --wait=hv sync + ovs-ofctl dump-flows br-int table=44 cookie=0x4a1d5450, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=f2:15:96:8a:64:0d actions=resubmit(,45) cookie=0x0, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(4,1/2) cookie=0x0, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(4,1/2) cookie=0x0, duration=5.117s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(4,1/2) cookie=0x0, duration=5.117s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(4,1/2) cookie=0x0, duration=0.081s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x3,metadata=0x1 actions=conjunction(4,2/2) cookie=0x0, duration=5.117s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(4,2/2) cookie=0x0, duration=5.117s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(4,2/2) cookie=0x0, duration=0.026s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x4,metadata=0x1 actions=conjunction(4,2/2) cookie=0x56e29bc1, duration=0.026s, table=44, n_packets=0, n_bytes=0, priority=2002,conj_id=4,ip,metadata=0x1 actions=resubmit(,45) cookie=0x65d5b7, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0xab4e24f7, duration=5.117s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + pkill -2 ping Verified on ovn20.06.2-11: [root@wsfd-advnetlab19 bz1858878]# rpm -qa | grep -E "openvswitch|ovn" openvswitch-selinux-extra-policy-1.0-15.el7fdp.noarch kernel-kernel-networking-openvswitch-ovn-common-1.0-8.noarch ovn2.13-20.06.2-11.el7fdp.x86_64 ovn2.13-host-20.06.2-11.el7fdp.x86_64 openvswitch2.13-2.13.0-48.el7fdp.x86_64 ovn2.13-central-20.06.2-11.el7fdp.x86_64 + ovs-ofctl dump-flows br-int table=44 cookie=0x49a6562b, duration=5.021s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=0e:ff:46:6f:bf:cc actions=resubmit(,45) cookie=0x0, duration=5.021s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(2,1/2) cookie=0x0, duration=5.021s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(2,1/2) cookie=0x0, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(2,1/2) cookie=0x0, duration=5.019s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(2,1/2) cookie=0x0, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=5.020s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(2,2/2) cookie=0xc53873df, duration=5.020s, table=44, n_packets=10, n_bytes=980, priority=2002,conj_id=2,ip,metadata=0x1 actions=resubmit(,45) cookie=0x2bb912e6, duration=5.021s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0x7e3b6e84, duration=5.020s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 + ovn-nbctl --wait=hv sync + ovs-ofctl dump-flows br-int table=44 cookie=0x49a6562b, duration=5.065s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=0e:ff:46:6f:bf:cc actions=resubmit(,45) cookie=0x0, duration=5.065s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(2,1/2) cookie=0x0, duration=5.065s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(2,1/2) cookie=0x0, duration=5.064s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(2,1/2) cookie=0x0, duration=5.063s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(2,1/2) cookie=0x0, duration=5.064s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=5.064s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=0.026s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x3,metadata=0x1 actions=conjunction(2,2/2) <==== conjunction not change cookie=0xc53873df, duration=5.064s, table=44, n_packets=12, n_bytes=1176, priority=2002,conj_id=2,ip,metadata=0x1 actions=resubmit(,45) cookie=0x2bb912e6, duration=5.065s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0x7e3b6e84, duration=5.064s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + ovs-vsctl set open . external_ids:ovn-enable-lflow-cache=false + ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 sw0-p4 + ovn-nbctl --wait=hv sync + ovs-ofctl dump-flows br-int table=44 cookie=0x49a6562b, duration=5.119s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=0e:ff:46:6f:bf:cc actions=resubmit(,45) cookie=0x0, duration=5.119s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(3,1/2) cookie=0x0, duration=5.119s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(3,1/2) cookie=0x0, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(3,1/2) cookie=0x0, duration=5.117s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(3,1/2) cookie=0x0, duration=0.080s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x3,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=5.118s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=0.023s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x4,metadata=0x1 actions=conjunction(3,2/2) <=== conjunction changed if ovn-enable-lflow-cache is false cookie=0xc53873df, duration=0.023s, table=44, n_packets=0, n_bytes=0, priority=2002,conj_id=3,ip,metadata=0x1 actions=resubmit(,45) cookie=0x2bb912e6, duration=5.119s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0x7e3b6e84, duration=5.118s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + pkill -2 ping
Verified on fdp8: + ip netns exec sw0-p1 ping 10.0.0.4 + ovs-ofctl dump-flows br-int table=44 cookie=0xc5b26af6, duration=5.022s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=7e:54:14:b7:91:9c actions=resubmit(,45) cookie=0x0, duration=5.023s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(2,1/2) cookie=0x0, duration=5.023s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(2,1/2) cookie=0x0, duration=5.022s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(2,1/2) cookie=0x0, duration=5.021s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(2,1/2) cookie=0x0, duration=5.022s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=5.022s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(2,2/2) cookie=0xe3d3851a, duration=5.022s, table=44, n_packets=10, n_bytes=980, priority=2002,conj_id=2,ip,metadata=0x1 actions=resubmit(,45) cookie=0xf7f8782f, duration=5.023s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0x916db10a, duration=5.022s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 + ovn-nbctl --wait=hv sync + ovs-ofctl dump-flows br-int table=44 cookie=0xc5b26af6, duration=5.058s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=7e:54:14:b7:91:9c actions=resubmit(,45) cookie=0x0, duration=5.059s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(2,1/2) cookie=0x0, duration=5.059s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(2,1/2) cookie=0x0, duration=5.058s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(2,1/2) cookie=0x0, duration=5.057s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(2,1/2) cookie=0x0, duration=5.058s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=5.058s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(2,2/2) cookie=0x0, duration=0.021s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x3,metadata=0x1 actions=conjunction(2,2/2) cookie=0xe3d3851a, duration=5.058s, table=44, n_packets=10, n_bytes=980, priority=2002,conj_id=2,ip,metadata=0x1 actions=resubmit(,45) cookie=0xf7f8782f, duration=5.059s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0x916db10a, duration=5.058s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + ovs-vsctl set open . external_ids:ovn-enable-lflow-cache=false + ovn-nbctl pg-set-ports pg0 sw0-p1 sw0-p2 sw0-p3 sw0-p4 + ovn-nbctl --wait=hv sync + ovs-ofctl dump-flows br-int table=44 cookie=0xc5b26af6, duration=5.112s, table=44, n_packets=0, n_bytes=0, priority=34000,metadata=0x1,dl_src=7e:54:14:b7:91:9c actions=resubmit(,45) cookie=0x0, duration=5.113s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.3 actions=conjunction(3,1/2) cookie=0x0, duration=5.113s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.4 actions=conjunction(3,1/2) cookie=0x0, duration=5.112s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.6 actions=conjunction(3,1/2) cookie=0x0, duration=5.111s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(3,1/2) cookie=0x0, duration=0.075s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x3,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=5.112s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x1,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=5.112s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x2,metadata=0x1 actions=conjunction(3,2/2) cookie=0x0, duration=0.023s, table=44, n_packets=0, n_bytes=0, priority=2002,ip,reg15=0x4,metadata=0x1 actions=conjunction(3,2/2) cookie=0xe3d3851a, duration=0.023s, table=44, n_packets=0, n_bytes=0, priority=2002,conj_id=3,ip,metadata=0x1 actions=resubmit(,45) cookie=0xf7f8782f, duration=5.113s, table=44, n_packets=0, n_bytes=0, priority=2001,ip,metadata=0x1 actions=drop cookie=0x916db10a, duration=5.112s, table=44, n_packets=2, n_bytes=84, priority=0,metadata=0x1 actions=resubmit(,45) + pkill -2 ping [root@wsfd-advnetlab16 bz1858878]# rpm -qa | grep -E "openvswitch|ovn" kernel-kernel-networking-openvswitch-ovn-common-1.0-8.noarch openvswitch2.11-2.11.0-3.el7fdp.x86_64 ovn2.13-host-20.06.2-11.el8fdp.x86_64 python-openvswitch2.11-2.11.0-3.el7fdp.x86_64 openvswitch-selinux-extra-policy-1.0-23.el8fdp.noarch openvswitch2.13-2.13.0-59.el8fdp.x86_64 ovn2.13-20.06.2-11.el8fdp.x86_64 python3-openvswitch2.13-2.13.0-59.el8fdp.x86_64 ovn2.13-central-20.06.2-11.el8fdp.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ovn2.13 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4356