Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 2170828

Summary: Userspace datapath sticks to installed flows even if there is a flow change
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Ales Musil <amusil>
Component: openvswitch3.1Assignee: Paolo Valerio <pvalerio>
Status: CLOSED COMPLETED QA Contact: ovs-qe
Severity: high Docs Contact:
Priority: unspecified    
Version: FDP 22.ECC: ctrautma, echaudro, jhsiao, qding, ralongi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-09-18 14:16:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
reproducer.sh
none
flows
none
groups none

Description Ales Musil 2023-02-17 10:32:55 UTC 
Created attachment 1944721 [details]
reproducer.sh

Description of problem:
Userspace datapath continues to use installed flow even if the first packet triggers learn action that changes how the second packet should behave with the 
learned flow installed.

Version-Release number of selected component (if applicable):
master

How reproducible:
100%

Steps to Reproduce:
1. podman run --privileged --rm -it quay.io/almusil/ovn-tests /bin/bash
2. Inside the container run the reproducer.sh

Actual results:
recirc_id(0),in_port(4),ct_state(-new-rel-trk),packet_type(ns=0,id=0),eth(src=f0:00:00:01:02:04,dst=00:00:02:01:02:03),eth_type(0x0800),ipv4(src=172.16.1.2/255.255.255.254,dst=172.16.1.100,proto=6,ttl=64,frag=no),tcp(dst=8080), packets:1, bytes:74, used:0.838s, flags:S, actions:ct(zone=1,nat),recirc(0x4c)
recirc_id(0x4c),in_port(4),ct_state(+new-est-rel+trk),ct_mark(0x2/0x2),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(dst=192.168.1.2/192.0.0.0,proto=6,frag=no), packets:0, bytes:0, used:never, actions:hash(l4(0)),recirc(0x4d)
recirc_id(0x4d),dp_hash(0xdb4b73c/0xf),in_port(4),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:1, bytes:74, used:0.838s, flags:S, actions:ct(commit,zone=1,mark=0x2/0x2,nat(dst=192.168.1.2:80)),recirc(0x4e)
recirc_id(0x4e),in_port(4),ct_state(+new+trk),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(src=172.16.1.2,dst=192.168.1.2,proto=6,frag=no),tcp(dst=80), packets:1, bytes:74, used:0.838s, flags:S, actions:drop

Expected results:
recirc_id(0),in_port(4),ct_state(-new-rel-trk),packet_type(ns=0,id=0),eth(src=f0:00:00:01:02:04,dst=00:00:02:01:02:03),eth_type(0x0800),ipv4(src=172.16.1.2/255.255.255.254,dst=172.16.1.100,proto=6,ttl=64,frag=no),tcp(dst=8080), packets:3, bytes:198, used:1.207s, flags:F., actions:ct(zone=1,nat),recirc(0x50)
recirc_id(0x50),in_port(4),ct_state(+new-rel+trk),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(src=172.16.1.2,dst=172.16.1.100,proto=6,frag=no),tcp(dst=8080), packets:0, bytes:0, used:never, actions:hash(l4(0)),recirc(0x51)
recirc_id(0x51),dp_hash(0x2500121b/0xf),in_port(4),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:ct(commit,zone=1,mark=0x2/0x2,nat(dst=192.168.1.2:80)),recirc(0x52)
recirc_id(0x52),in_port(4),ct_state(+new+trk),packet_type(ns=0,id=0),eth(src=f0:00:00:01:02:04,dst=00:00:02:01:02:03),eth_type(0x0800),ipv4(dst=192.168.1.2/255.255.255.0,ttl=64,frag=no), packets:0, bytes:0, used:never, actions:set(eth(src=00:00:04:01:02:04,dst=00:00:04:01:02:03)),set(ipv4(ttl=63)),ct(zone=1,nat),recirc(0x53)
recirc_id(0x53),in_port(4),ct_state(+new-est-rel+trk),ct_mark(0x2/0xe),packet_type(ns=0,id=0),eth(src=00:00:04:01:02:04,dst=00:00:04:01:02:03),eth_type(0x0800),ipv4(src=172.16.1.2/255.255.255.254,dst=192.168.1.2,ttl=63,frag=no), packets:0, bytes:0, used:never, actions:ct(commit,zone=1,nat(src)),set(eth(src=00:00:01:01:02:03,dst=f0:00:00:01:02:03)),set(ipv4(ttl=62)),3

Additional info:
I wasn't able to create a standalone reproducer, however it is easily reproducible with OVN system test.
Comment 1 Ales Musil 2023-02-17 10:34:51 UTC 
Created attachment 1944722 [details]
Database
Comment 2 Ales Musil 2023-02-17 11:00:26 UTC 
Created attachment 1944739 [details]
flows
Comment 3 Ales Musil 2023-02-17 11:00:55 UTC 
Created attachment 1944740 [details]
groups