For some reason the forced SNAT IP in this test is configured as a
random IP from the join switch subnet that doesn't belong to anything.
When the return traffic hits the router R1, it doesn't know the
destination MAC for this IP and the packet gets sent to ovn-controller
and eventually dropped. None of the wget calls actually succeed.
The test doesn't check that and it only checks that there are some
conntrack entries, which are actually in SYN_SENT state.
While this is enough to check that load balancing is happening, this
makes the test extremely slow. wget is configured to re-try 5 times
with 1 second wait. And it also by default backs off by 1 more second
on every re-try. And we're calling wget 10 times. In the end, all of
this takes 2.5 minutes per test. Test suite runs the test twice with
different options resulting in 5 minutes of wasted time.
Let's use the proper router IP instead for SNAT. This allows reply
traffic to actually go through and wget to succeed, saving us these
5 minutes.
Also changing the simple NS_EXEC to NS_CHECK_EXEC so the test fails if
wget fails.
The test still reproduces the original issue.
Fixes: da5529438342 ("northd: Do not drop ip traffic with destination vip
expressed via template vars.")
Signed-off-by: Ilya Maximets <[email protected]>
---
tests/system-ovn.at | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/tests/system-ovn.at b/tests/system-ovn.at
index 65781bed3..b08363eda 100644
--- a/tests/system-ovn.at
+++ b/tests/system-ovn.at
@@ -17725,7 +17725,7 @@ ADD_VETH(bar1, bar1, br-int, "192.168.2.2/24",
"f0:00:00:01:02:05", \
check ovn-nbctl lsp-add bar bar1 \
-- lsp-set-addresses bar1 "f0:00:00:01:02:05 192.168.2.2"
-check ovn-nbctl set logical_router R2 options:lb_force_snat_ip="20.0.0.5"
+check ovn-nbctl set logical_router R2 options:lb_force_snat_ip="20.0.0.2"
AT_CHECK([ovn-nbctl -- create chassis_template_var chassis="hv1" \
variables="{vip=172.16.1.1,vport1=8000,backends1=\"192.168.1.2:80,192.168.2.2:80\"}"],
@@ -17741,12 +17741,12 @@ check ovn-nbctl --wait=hv sync
OVS_START_L7([foo1], [http])
OVS_START_L7([bar1], [http])
-NETNS_START_TCPDUMP([foo1], [-neei foo1 src 20.0.0.5 and tcp], [foo1])
-NETNS_START_TCPDUMP([bar1], [-neei bar1 src 20.0.0.5 and tcp], [bar1])
+NETNS_START_TCPDUMP([foo1], [-neei foo1 src 20.0.0.2 and tcp], [foo1])
+NETNS_START_TCPDUMP([bar1], [-neei bar1 src 20.0.0.2 and tcp], [bar1])
check ovs-appctl dpctl/flush-conntrack
for i in $(seq 10); do
- NS_EXEC([alice1], [wget 172.16.1.1:8000 -t 5 -T 1 --retry-connrefused -v
-o wget$i.log])
+ NS_CHECK_EXEC([alice1], [wget 172.16.1.1:8000 -t 5 -T 1
--retry-connrefused -v -o wget$i.log])
done
OVS_WAIT_UNTIL([
@@ -17758,10 +17758,10 @@ OVS_WAIT_UNTIL([
test "${n_pkt}" -ge 1
])
-AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(20.0.0.5) | \
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(20.0.0.2) | \
sed -e 's/zone=[[0-9]]*/zone=<cleared>/'], [0], [dnl
-tcp,orig=(src=172.16.1.2,dst=192.168.1.2,sport=<cleared>,dport=<cleared>),reply=(src=192.168.1.2,dst=20.0.0.5,sport=<cleared>,dport=<cleared>),zone=<cleared>,protoinfo=(state=<cleared>)
-tcp,orig=(src=172.16.1.2,dst=192.168.2.2,sport=<cleared>,dport=<cleared>),reply=(src=192.168.2.2,dst=20.0.0.5,sport=<cleared>,dport=<cleared>),zone=<cleared>,protoinfo=(state=<cleared>)
+tcp,orig=(src=172.16.1.2,dst=192.168.1.2,sport=<cleared>,dport=<cleared>),reply=(src=192.168.1.2,dst=20.0.0.2,sport=<cleared>,dport=<cleared>),zone=<cleared>,protoinfo=(state=<cleared>)
+tcp,orig=(src=172.16.1.2,dst=192.168.2.2,sport=<cleared>,dport=<cleared>),reply=(src=192.168.2.2,dst=20.0.0.2,sport=<cleared>,dport=<cleared>),zone=<cleared>,protoinfo=(state=<cleared>)
])
OVN_CLEANUP_CONTROLLER([hv1])
--
2.54.0
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
