Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 2151287

Summary: [OVN] Session Affinity doesn't work as expected when a non-affinity service shares its backends with the affinity service
Product: Red Hat Enterprise Linux Fast Datapath Reporter: OVN Bot <ovn-bot>
Component: ovn22.09Assignee: Dumitru Ceara <dceara>
Status: CLOSED ERRATA QA Contact: ying xu <yinxu>
Severity: urgent Docs Contact:
Priority: urgent    
Version: FDP 22.LCC: ctrautma, dceara, jiji, jishi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovn22.09-22.09.0-24.el9fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-02-09 00:24:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OVN Bot 2022-12-06 15:31:54 UTC 
This is an automatically-generated clone of issue https://bugzilla.redhat.com/show_bug.cgi?id=2150533
Comment 3 ying xu 2023-01-30 07:43:28 UTC 
I can reproduce this issue on version:
# rpm -qa|grep ovn
ovn22.09-central-22.09.0-22.el9fdp.x86_64
ovn22.09-host-22.09.0-22.el9fdp.x86_64
ovn22.09-22.09.0-22.el9fdp.x86_64

topo:
#    foo -- R1 -- join - R2 -- alice
#           |          |
#    bar ----          - R3 --- bob
#

set lb for R1 as below:
# ovn-nbctl list load_balancer
_uuid               : 84152d94-1c68-4311-8fd7-36ae12a4377a
external_ids        : {}
health_check        : []
ip_port_mappings    : {}
name                : lb1-no-aff
options             : {}
protocol            : tcp
selection_fields    : []
vips                : {"172.16.1.101:8081"="192.168.1.2:80,192.168.2.2:80"}


_uuid               : 8b2caa4d-83c5-49bc-a779-20dc5cbf1730
external_ids        : {}
health_check        : []
ip_port_mappings    : {}
name                : lb1
options             : {affinity_timeout="3"}
protocol            : tcp
selection_fields    : []
vips                : {"172.16.1.101:8080"="192.168.1.2:80,192.168.2.2:80"}


then, do "ip netns exec alice1 ncat 172.16.1.101 8081 <<< h"
but we can see that counter is increased for port 8080
# ovs-ofctl dump-flows br-int|grep 8080
 cookie=0x48842071, duration=3948.235s, table=16, n_packets=53, n_bytes=3922, idle_age=3361, priority=100,ct_state=+new+trk,tcp,reg0=0xac100165,reg9=0/0x40,metadata=0x2,nw_dst=192.168.1.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.101,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80102->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 cookie=0x10fdf642, duration=3948.235s, table=16, n_packets=72, n_bytes=5328, idle_age=108, priority=100,ct_state=+new+trk,tcp,reg0=0xac100165,reg9=0/0x40,metadata=0x2,nw_dst=192.168.2.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.101,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80202->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 cookie=0x95d6ca81, duration=3948.219s, table=16, n_packets=0, n_bytes=0, idle_age=3948, priority=100,ct_state=+new+trk,tcp,reg0=0xac10016f,reg9=0/0x40,metadata=0x2,nw_dst=192.168.1.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.111,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80102->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 cookie=0x5e2f7f57, duration=3948.219s, table=16, n_packets=0, n_bytes=0, idle_age=3948, priority=100,ct_state=+new+trk,tcp,reg0=0xac10016f,reg9=0/0x40,metadata=0x2,nw_dst=192.168.2.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.111,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80202->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 
verified on version:
# rpm -qa|grep ovn
ovn22.09-central-22.09.0-31.el9fdp.x86_64
ovn22.09-host-22.09.0-31.el9fdp.x86_64
ovn22.09-22.09.0-31.el9fdp.x86_64

we set two lb for lr,one with affiinity and another without,
do "ip netns exec alice1 ncat 172.16.1.101 8081 <<< h"
we can see that counter isn't increased for port 8080
# ovs-ofctl dump-flows br-int|grep 8080                   ------------all packets counters are 0.
 cookie=0x772eba22, duration=1700.642s, table=16, n_packets=0, n_bytes=0, idle_age=1700, priority=100,ct_state=+new+trk,tcp,reg0=0xac100165,reg9=0x1f900000/0xffff0040,metadata=0x2,nw_dst=192.168.1.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.101,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80102->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 cookie=0x7937c223, duration=1700.642s, table=16, n_packets=0, n_bytes=0, idle_age=1700, priority=100,ct_state=+new+trk,tcp,reg0=0xac100165,reg9=0x1f900000/0xffff0040,metadata=0x2,nw_dst=192.168.2.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.101,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80202->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 cookie=0x30b4c06c, duration=1700.628s, table=16, n_packets=0, n_bytes=0, idle_age=1700, priority=100,ct_state=+new+trk,tcp,reg0=0xac10016f,reg9=0x1f900000/0xffff0040,metadata=0x2,nw_dst=192.168.1.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.111,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80102->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
 cookie=0x933beece, duration=1700.628s, table=16, n_packets=0, n_bytes=0, idle_age=1700, priority=100,ct_state=+new+trk,tcp,reg0=0xac10016f,reg9=0x1f900000/0xffff0040,metadata=0x2,nw_dst=192.168.2.2,tp_dst=80 actions=learn(table=78,idle_timeout=3,delete_learned,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=172.16.1.111,nw_proto=6,tcp_dst=8080,load:0x1->NXM_NX_REG10[14],load:0xc0a80202->NXM_NX_REG4[],load:0x50->NXM_NX_REG8[0..15])
Comment 5 errata-xmlrpc 2023-02-09 00:24:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ovn22.09 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:0684