Bug 1903199

reproduced on version:
# rpm -qa|grep ovn
ovn2.13-central-20.09.0-12.el8fdp.x86_64
ovn2.13-host-20.09.0-12.el8fdp.x86_64
ovn2.13-20.09.0-12.el8fdp.x86_64

scripts:
		#sw public

		ovn-nbctl set NB_GLOBAL . options:northd_probe_interval=180000
		ovn-nbctl set connection . inactivity_probe=180000
		ovs-vsctl set open . external_ids:ovn-openflow-probe-interval=180
		ovs-vsctl set open . external_ids:ovn-remote-probe-interval=180000
		ovn-sbctl set connection . inactivity_probe=180000

		ovn-nbctl ls-add public

		# r1
		i=1
	m=0
	for n in `seq 1 2`;do
		ovn-nbctl lr-add r${i}
		ovn-nbctl lrp-add r${i} r${i}_public 00:de:ad:ff:$m:$n 172.16.$m.$n/16
		ovn-nbctl lrp-add r${i} r${i}_s${i} 00:de:ad:fe:$m:$n 173.$m.$n.1/24
		ovn-nbctl lr-nat-add r${i} dnat_and_snat 172.16.${m}.$((n+100)) 173.$m.$n.2
		ovn-nbctl lrp-set-gateway-chassis r${i}_public hv1

		# s1
		ovn-nbctl ls-add s${i}

		# s1 - r1
		ovn-nbctl lsp-add s${i} s${i}_r${i}
		ovn-nbctl lsp-set-type s${i}_r${i} router
		ovn-nbctl lsp-set-addresses s${i}_r${i} "00:de:ad:fe:$m:$n 173.$m.$n.1"
		ovn-nbctl lsp-set-options s${i}_r${i} router-port=r${i}_s${i}

		# s1 - vm1
		ovn-nbctl lsp-add s$i vm$i
		ovn-nbctl lsp-set-addresses vm$i "00:de:ad:01:$m:$n 173.$m.$n.2"
		ovn-nbctl lrp-add r$i r${i}_public 40:44:00:00:$m:$n 172.16.$m.$n/16

		ovn-nbctl lsp-add public public_r${i}
		ovn-nbctl lsp-set-type public_r${i} router
		ovn-nbctl lsp-set-addresses public_r${i} router
		ovn-nbctl lsp-set-options public_r${i} router-port=r${i}_public nat-addresses=router addresses=router
#		ovn-nbctl set logical_router r${i} options:always_learn_from_arp_request=false
		let i++
	done
		ovn-nbctl lsp-add public ln_p1
		ovn-nbctl lsp-set-addresses ln_p1 unknown
		ovn-nbctl lsp-set-type ln_p1 localnet
		ovn-nbctl lsp-set-options ln_p1 network_name=nattest

		ovn-nbctl show
		ovn-sbctl show

		sync_set client $FUNCNAME
		sync_wait client $FUNCNAME

		ovs-vsctl show

		#add host vm1
		ip netns add vm1
		ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal
		ip link set vm1 netns vm1
		ip netns exec vm1 ip link set vm1 address 00:de:ad:01:00:01
		ip netns exec vm1 ip addr add 173.0.1.2/24 dev vm1
		ip netns exec vm1 ip link set vm1 up
		ovs-vsctl set Interface vm1 external_ids:iface-id=vm1

		ip netns add vm2
		ovs-vsctl add-port br-int vm2 -- set interface vm2 type=internal
		ip link set vm2 netns vm2
		ip netns exec vm2 ip link set vm2 address 00:de:ad:01:00:02
		ip netns exec vm2 ip addr add 173.0.2.2/24 dev vm2
		ip netns exec vm2 ip link set vm2 up
		ovs-vsctl set Interface vm2 external_ids:iface-id=vm2

		ip netns add vm3
		ovs-vsctl add-port br-int vm3 -- set interface vm3 type=internal
		ip link set vm3 netns vm3
		ip netns exec vm3 ip link set vm3 address 00:de:ad:01:00:03
		ip netns exec vm3 ip addr add 173.0.3.2/24 dev vm3
		ip netns exec vm3 ip link set vm3 up
		ovs-vsctl set Interface vm3 external_ids:iface-id=vm3

		#set provide network
		ovs-vsctl add-br nat_test
		ip link set nat_test up
		ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=nattest:nat_test
		#ovs-vsctl add-port nat_test $nic_test2
		#ip link set $nic_test2 up
		ip netns add vm0
		ip link set vm0 netns vm0
		ip netns exec vm0 ip link set vm0 address 00:00:00:00:00:01
		ip netns exec vm0 ip addr add 172.16.0.100/16 dev vm0
		ip netns exec vm0 ip link set vm0 up
		ovs-vsctl add-port nat_test vm0 -- set interface vm0 type=internal
		ip link set vm0 netns vm0
		ip netns exec vm0 ip link set vm0 address 00:00:00:00:00:01
		ip netns exec vm0 ip addr add 172.16.0.100/16 dev vm0
		ip netns exec vm0 ip link set vm0 up
		ovs-vsctl set Interface vm0 external_ids:iface-id=vm0
		ip netns exec vm1 ip route add default via 173.0.1.1
		ip netns exec vm2 ip route add default via 173.0.2.1
		ip netns exec vm3 ip route add default via 173.0.3.1

		rlRun "ovn-nbctl set logical_router r1 options:always_learn_from_arp_request=false"
		rlRun "ovn-nbctl set logical_router r2 options:always_learn_from_arp_request=false"
		rlRun "ovn-nbctl --wait=hv sync"

		rlRun "ovn-nbctl lr-nat-del r1 dnat_and_snat 172.16.0.101"
		rlRun "ovn-nbctl lr-nat-del r2 dnat_and_snat 172.16.0.102"
		rlRun "ovn-sbctl --all destroy mac_binding"

		rlRun "ovn-nbctl lr-nat-add r1 dnat_and_snat 172.16.0.101 173.0.1.2 vm1 00:00:00:01:02:03"
		rlRun "ovn-nbctl lr-nat-add r2 dnat_and_snat 172.16.0.102 173.0.2.2 vm2 00:00:00:01:02:04"

		rlRun "ovn-nbctl --wait=hv sync"
#ovn-sbctl --vflows lflow-list |grep "logical_port=r2_public, ip=172.16.0.101"'
  datapath="r2", logical_port=r2_public, ip=172.16.0.101, mac=00:00:00:01:02:03            ---------when set to false,the item generated 

#ovn-sbctl --vflows lflow-list |grep "logical_port=r1_public, ip=172.16.0.102"'
  datapath="r1", logical_port=r1_public, ip=172.16.0.102, mac=00:00:00:01:02:04            ---------when set to false,the item generated,but should not


verified on version:
#ovn-sbctl --vflows lflow-list |grep "logical_port=r2_public, ip=172.16.0.101"   -----------no mac-binding
#
#ovn-sbctl --vflows lflow-list |grep "logical_port=r1_public, ip=172.16.0.102"   -----------no mac-binding
#

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ovn2.13 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0407