While debugging some problems in a cluster using ovn-kubernetes, I
noticed that we're creating two conflicting logical flows. These two
flows only matched on the destination MAC address. It was not
deterministic whether you'd hit the IPv4 (ARP) or IPv6 (NS) version.
This change adds an ip4 or ip6 match to each flow as appropriate.
Signed-off-by: Russell Bryant <russ...@ovn.org>
---
northd/ovn-northd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- NOTE ---
I've only tested this by running "make check" and "make check-kernel" so
far, and all tests still pass.
If I'm reading this code right, I'm really surprised this hasn't come up
sooner? I guess we also don't have adequate test coverage for these
flows?
diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index 41e97f841..f0ab43b27 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -9319,7 +9319,7 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap
*ports,
}
ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 100,
- "eth.dst == 00:00:00:00:00:00",
+ "eth.dst == 00:00:00:00:00:00 && ip4",
"arp { "
"eth.dst = ff:ff:ff:ff:ff:ff; "
"arp.spa = reg1; "
@@ -9328,7 +9328,7 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap
*ports,
"output; "
"};");
ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 100,
- "eth.dst == 00:00:00:00:00:00",
+ "eth.dst == 00:00:00:00:00:00 && ip6",
"nd_ns { "
"nd.target = xxreg0; "
"output; "
--
2.23.0
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
