Bug 2094632 - IPv6 related datapath flows are evicted and re-added by revalidator threads
Summary: IPv6 related datapath flows are evicted and re-added by revalidator threads
Keywords:
Status: MODIFIED
Alias: None
Product: Red Hat Enterprise Linux Fast Datapath
Classification: Red Hat
Component: openvswitch2.13
Version: FDP 21.K
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: ---
Assignee: Aaron Conole
QA Contact: Jean-Tsung Hsiao
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-06-08 02:58 UTC by OvS team
Modified: 2023-07-13 07:25 UTC (History)
3 users (show)

Fixed In Version: openvswitch2.13-2.13.0-147.el7fdp
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FD-2018 0 None None None 2022-06-08 03:14:10 UTC

Description OvS team 2022-06-08 02:58:09 UTC 
+++ This bug was initially created as a clone of Bug #2081773 +++

Description of problem:

ovs-vswitchd is evicting and re-adding the IPv6 related datapath flows whenever revalidation is triggered.



Version-Release number of selected component (if applicable):


How reproducible:
All the time.


Steps to Reproduce:

# Reproducer script

Start openvswitch


--------------------------------------

# Program the below flows in br-int

cat << EOF > flows.txt
table=0, priority=120 ipv6,icmp6,nw_ttl=255,icmp_type=135,icmp_code=0,nd_target=1000::10 actions=NORMAL
table=0, priority=0 actions=NORMAL
EOF

ovs-vsctl del-br br-int || :
ovs-vsctl add-br br-int
ovs-ofctl add-flows br-int flows.txt

create_fake_vm() {
    iface_id=$1
    name=$2
    mac=$3
    ip=$4
    mask=$5
    gw=$6
    ipv6_addr=$7
    ipv6_gw=$8
    ip netns add $name
    ovs-vsctl       -- add-port br-int $name       -- set interface $name type=internal       -- set Interface $name external_ids:iface-id=$iface_id
    ip link set $name netns $name
    ip netns exec $name ip link set lo up
    [ -n "$mac" ] && ip netns exec $name ip link set $name address $mac
    ip netns exec $name ip addr add $ip/$mask dev $name
    ip netns exec $name ip addr add $ipv6_addr dev $name
    ip netns exec $name ip link set $name up
    ip netns exec $name ip route add default via $gw dev $name
    ip netns exec $name ip -6 route add default via $ipv6_gw dev $name
}

ip netns delete p1 || :
ip netns delete p2 || :

# Create namespaces for p1 and p2 fake VMs.
create_fake_vm sw0-port1 p1 50:54:00:00:00:03 10.0.0.3 24 10.0.0.1 1000::3/64 1000::1
create_fake_vm sw0-port2 p2 50:54:00:00:00:04 10.0.0.4 24 10.0.0.1 1000::4/64 1000::1

# Start nc server on p1
# ip netns exec p1 nc -l -k -v 1000::3 8080

# Connect to the server from p2
# ip netns exec p2 nc 1000::3 8080

# In a separate terminal, trigger re validation

cat << EOF > trigger_dp_issue.sh
#!/bin/bash

ovs-vsctl --may-exist add-br brtmp

while true
do
    ovs-ofctl add-flow brtmp "table=0,priority=100,ip,udp actions=NORMAL"
    sleep 5
    ovs-ofctl del-flows brtmp
done

EOF

chmod 0755 trigger_dp_issue.sh

# On another session monitor datapath flows.

cat << EOF > monitor_dp_flows.sh
#!/bin/bash

watch -n1 "ovs-dpctl dump-flows -m"
EOF

chmod 0755 monitor_dp_flows.sh

--------------------------------------

Keep sending the traffic from p1 and p2.  And you'd notice that the datapath flows gets evicted and re-added with the same match.

This results in performance issues as there will be an upcall whenever revalidation threads kick-in.



Actual results:


Expected results:


Additional info:
Comment 1 OvS team 2022-06-08 02:58:12 UTC 
* Tue Jun 07 2022 Open vSwitch CI <ovs-ci> - 2.13.0-147
- Merging upstream branch-2.13 [RH git: 19832e0c5d]
    Commit list:
    24ad9da3e9 ofproto-dpif-xlate: Fix internal CT state for non-recirc traffic.
    61a1f14b26 classifier: Adjust segment boundary to execute prerequisite processing. (#2081773)
Note You need to log in before you can comment on or make changes to this bug.