Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 2094632

Summary: IPv6 related datapath flows are evicted and re-added by revalidator threads
Product: Red Hat Enterprise Linux Fast Datapath Reporter: OvS team <ovs-bugzilla>
Component: openvswitch2.13Assignee: Aaron Conole <aconole>
Status: CLOSED EOL QA Contact: Jean-Tsung Hsiao <jhsiao>
Severity: urgent Docs Contact:
Priority: urgent    
Version: FDP 21.KCC: ctrautma, jhsiao, ralongi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch2.13-2.13.0-147.el7fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-10-08 17:49:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OvS team 2022-06-08 02:58:09 UTC 
+++ This bug was initially created as a clone of Bug #2081773 +++

Description of problem:

ovs-vswitchd is evicting and re-adding the IPv6 related datapath flows whenever revalidation is triggered.



Version-Release number of selected component (if applicable):


How reproducible:
All the time.


Steps to Reproduce:

# Reproducer script

Start openvswitch


--------------------------------------

# Program the below flows in br-int

cat << EOF > flows.txt
table=0, priority=120 ipv6,icmp6,nw_ttl=255,icmp_type=135,icmp_code=0,nd_target=1000::10 actions=NORMAL
table=0, priority=0 actions=NORMAL
EOF

ovs-vsctl del-br br-int || :
ovs-vsctl add-br br-int
ovs-ofctl add-flows br-int flows.txt

create_fake_vm() {
    iface_id=$1
    name=$2
    mac=$3
    ip=$4
    mask=$5
    gw=$6
    ipv6_addr=$7
    ipv6_gw=$8
    ip netns add $name
    ovs-vsctl       -- add-port br-int $name       -- set interface $name type=internal       -- set Interface $name external_ids:iface-id=$iface_id
    ip link set $name netns $name
    ip netns exec $name ip link set lo up
    [ -n "$mac" ] && ip netns exec $name ip link set $name address $mac
    ip netns exec $name ip addr add $ip/$mask dev $name
    ip netns exec $name ip addr add $ipv6_addr dev $name
    ip netns exec $name ip link set $name up
    ip netns exec $name ip route add default via $gw dev $name
    ip netns exec $name ip -6 route add default via $ipv6_gw dev $name
}

ip netns delete p1 || :
ip netns delete p2 || :

# Create namespaces for p1 and p2 fake VMs.
create_fake_vm sw0-port1 p1 50:54:00:00:00:03 10.0.0.3 24 10.0.0.1 1000::3/64 1000::1
create_fake_vm sw0-port2 p2 50:54:00:00:00:04 10.0.0.4 24 10.0.0.1 1000::4/64 1000::1

# Start nc server on p1
# ip netns exec p1 nc -l -k -v 1000::3 8080

# Connect to the server from p2
# ip netns exec p2 nc 1000::3 8080

# In a separate terminal, trigger re validation

cat << EOF > trigger_dp_issue.sh
#!/bin/bash

ovs-vsctl --may-exist add-br brtmp

while true
do
    ovs-ofctl add-flow brtmp "table=0,priority=100,ip,udp actions=NORMAL"
    sleep 5
    ovs-ofctl del-flows brtmp
done

EOF

chmod 0755 trigger_dp_issue.sh

# On another session monitor datapath flows.

cat << EOF > monitor_dp_flows.sh
#!/bin/bash

watch -n1 "ovs-dpctl dump-flows -m"
EOF

chmod 0755 monitor_dp_flows.sh

--------------------------------------

Keep sending the traffic from p1 and p2.  And you'd notice that the datapath flows gets evicted and re-added with the same match.

This results in performance issues as there will be an upcall whenever revalidation threads kick-in.



Actual results:


Expected results:


Additional info:
Comment 1 OvS team 2022-06-08 02:58:12 UTC 
* Tue Jun 07 2022 Open vSwitch CI <ovs-ci> - 2.13.0-147
- Merging upstream branch-2.13 [RH git: 19832e0c5d]
    Commit list:
    24ad9da3e9 ofproto-dpif-xlate: Fix internal CT state for non-recirc traffic.
    61a1f14b26 classifier: Adjust segment boundary to execute prerequisite processing. (#2081773)
Comment 2 ovs-bot 2024-10-08 17:49:14 UTC 
This bug did not meet the criteria for automatic migration and is being closed.
If the issue remains, please open a new ticket in https://issues.redhat.com/browse/FDP