Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 2179215

Summary: Revisit OVN's logic of flushing conntrack
Product: Red Hat Enterprise Linux Fast Datapath Reporter: OVN Bot <ovn-bot>
Component: ovn23.03Assignee: Ales Musil <amusil>
Status: CLOSED CURRENTRELEASE QA Contact: ying xu <yinxu>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: FDP 23.ACC: amusil, ctrautma, dceara, jiji, jishi, mmichels
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovn23.03-23.03.0-8.el9fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-03-08 14:01:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OVN Bot 2023-03-17 04:07:46 UTC 
This is an automatically-generated clone of issue https://bugzilla.redhat.com/show_bug.cgi?id=2178962
Comment 3 ying xu 2023-05-06 07:53:54 UTC 
verified on version:
# rpm -qa|grep ovn23
ovn23.03-23.03.0-24.el9fdp.x86_64
ovn23.03-central-23.03.0-24.el9fdp.x86_64
ovn23.03-host-23.03.0-24.el9fdp.x86_64

with option ct_flush=true:
ovn-nbctl lb-add lb2 192.168.2.100:8080 192.168.2.2:80,192.168.2.3:80  -- set load_balancer lb2 options:ct_flush="true"
ovn-nbctl ls-lb-add foo lb2

check the conntrack:
# ovs-appctl dpctl/dump-conntrack|grep 192.168.2.100
tcp,orig=(src=192.168.1.2,dst=192.168.2.100,sport=37316,dport=8080),reply=(src=192.168.2.3,dst=192.168.1.2,sport=80,dport=37316),zone=13,mark=2,protoinfo=(state=SYN_SENT)
tcp,orig=(src=192.168.1.2,dst=192.168.2.100,sport=53580,dport=8080),reply=(src=192.168.2.3,dst=192.168.1.2,sport=80,dport=53580),zone=13,mark=2,protoinfo=(state=SYN_SENT)

delete lb, the conntrack flushed
# ovn-nbctl lb-del lb2
# ovs-appctl dpctl/dump-conntrack|grep 192.168.2.100   ------------flushed

without ct_flush=true
# ovn-nbctl lb-del lb2
[root@dell-per740-53 nat]#  ovs-appctl dpctl/dump-conntrack|grep 192.168.2.100
tcp,orig=(src=192.168.1.2,dst=192.168.2.100,sport=40054,dport=8080),reply=(src=192.168.2.100,dst=192.168.1.2,sport=8080,dport=40054),zone=13,protoinfo=(state=SYN_SENT)  -------not flushed.
Comment 4 Mark Michelson 2024-03-08 14:01:34 UTC 
I am closing this issue. It was initially attached to the following dropped errata: https://errata.devel.redhat.com/advisory/112892 . This errata was not published because there was one issue that failed verification. The rest of the issues were verified, though. However, since the issues were never included in a published errata, they have remained in the "VERIFIED" state. These issues have been fixed for a long time, and QE has verification set up for these issues, so I am closing these issues as "CURRENTRELEASE".