2170828 – Userspace datapath sticks to installed flows even if there is a flow change

Bug 2170828 - Userspace datapath sticks to installed flows even if there is a flow change

Summary: Userspace datapath sticks to installed flows even if there is a flow change

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux Fast Datapath
Classification:	Red Hat
Component:	openvswitch3.1
Sub Component:
Version:	FDP 22.E
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Paolo Valerio
QA Contact:	ovs-qe
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-02-17 10:32 UTC by Ales Musil
Modified:	2023-07-13 07:25 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
reproducer.sh (737 bytes, application/x-shellscript) 2023-02-17 10:32 UTC, Ales Musil	no flags	Details
flows (188.27 KB, text/plain) 2023-02-17 11:00 UTC, Ales Musil	no flags	Details
groups (744 bytes, text/plain) 2023-02-17 11:00 UTC, Ales Musil	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	FD-2694	0	None	None	None	2023-02-17 10:35:52 UTC

Description Ales Musil 2023-02-17 10:32:55 UTC

Created attachment 1944721 [details]
reproducer.sh

Description of problem:
Userspace datapath continues to use installed flow even if the first packet triggers learn action that changes how the second packet should behave with the 
learned flow installed.

Version-Release number of selected component (if applicable):
master

How reproducible:
100%

Steps to Reproduce:
1. podman run --privileged --rm -it quay.io/almusil/ovn-tests /bin/bash
2. Inside the container run the reproducer.sh

Actual results:
recirc_id(0),in_port(4),ct_state(-new-rel-trk),packet_type(ns=0,id=0),eth(src=f0:00:00:01:02:04,dst=00:00:02:01:02:03),eth_type(0x0800),ipv4(src=172.16.1.2/255.255.255.254,dst=172.16.1.100,proto=6,ttl=64,frag=no),tcp(dst=8080), packets:1, bytes:74, used:0.838s, flags:S, actions:ct(zone=1,nat),recirc(0x4c)
recirc_id(0x4c),in_port(4),ct_state(+new-est-rel+trk),ct_mark(0x2/0x2),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(dst=192.168.1.2/192.0.0.0,proto=6,frag=no), packets:0, bytes:0, used:never, actions:hash(l4(0)),recirc(0x4d)
recirc_id(0x4d),dp_hash(0xdb4b73c/0xf),in_port(4),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:1, bytes:74, used:0.838s, flags:S, actions:ct(commit,zone=1,mark=0x2/0x2,nat(dst=192.168.1.2:80)),recirc(0x4e)
recirc_id(0x4e),in_port(4),ct_state(+new+trk),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(src=172.16.1.2,dst=192.168.1.2,proto=6,frag=no),tcp(dst=80), packets:1, bytes:74, used:0.838s, flags:S, actions:drop

Expected results:
recirc_id(0),in_port(4),ct_state(-new-rel-trk),packet_type(ns=0,id=0),eth(src=f0:00:00:01:02:04,dst=00:00:02:01:02:03),eth_type(0x0800),ipv4(src=172.16.1.2/255.255.255.254,dst=172.16.1.100,proto=6,ttl=64,frag=no),tcp(dst=8080), packets:3, bytes:198, used:1.207s, flags:F., actions:ct(zone=1,nat),recirc(0x50)
recirc_id(0x50),in_port(4),ct_state(+new-rel+trk),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(src=172.16.1.2,dst=172.16.1.100,proto=6,frag=no),tcp(dst=8080), packets:0, bytes:0, used:never, actions:hash(l4(0)),recirc(0x51)
recirc_id(0x51),dp_hash(0x2500121b/0xf),in_port(4),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:ct(commit,zone=1,mark=0x2/0x2,nat(dst=192.168.1.2:80)),recirc(0x52)
recirc_id(0x52),in_port(4),ct_state(+new+trk),packet_type(ns=0,id=0),eth(src=f0:00:00:01:02:04,dst=00:00:02:01:02:03),eth_type(0x0800),ipv4(dst=192.168.1.2/255.255.255.0,ttl=64,frag=no), packets:0, bytes:0, used:never, actions:set(eth(src=00:00:04:01:02:04,dst=00:00:04:01:02:03)),set(ipv4(ttl=63)),ct(zone=1,nat),recirc(0x53)
recirc_id(0x53),in_port(4),ct_state(+new-est-rel+trk),ct_mark(0x2/0xe),packet_type(ns=0,id=0),eth(src=00:00:04:01:02:04,dst=00:00:04:01:02:03),eth_type(0x0800),ipv4(src=172.16.1.2/255.255.255.254,dst=192.168.1.2,ttl=63,frag=no), packets:0, bytes:0, used:never, actions:ct(commit,zone=1,nat(src)),set(eth(src=00:00:01:01:02:03,dst=f0:00:00:01:02:03)),set(ipv4(ttl=62)),3

Additional info:
I wasn't able to create a standalone reproducer, however it is easily reproducible with OVN system test.

Comment 1 Ales Musil 2023-02-17 10:34:51 UTC

Created attachment 1944722 [details]
Database

Comment 2 Ales Musil 2023-02-17 11:00:26 UTC

Created attachment 1944739 [details]
flows

Comment 3 Ales Musil 2023-02-17 11:00:55 UTC

Created attachment 1944740 [details]
groups

Note You need to log in before you can comment on or make changes to this bug.