On Fri, Jul 21, 2023 at 12:50 PM Mike Pattrick <[email protected]> wrote: > > On Fri, Jul 21, 2023 at 12:16 PM Ilya Maximets <[email protected]> wrote: > > > > On 7/20/23 16:46, Aaron Conole wrote: > > > Mike Pattrick <[email protected]> writes: > > > > > >> Currently OVS keeps track of which mirrors that each packet has been > > >> sent to for the purpose of deduplication. However, this doesn't consider > > >> that openflow rules can make significant changes to packets after > > >> ingress. > > >> > > >> For example, OVN can create OpenFlow rules that turn an echo request > > >> into an echo response by flipping source/destination addresses and > > >> setting the ICMP type to Reply. When a mirror is configured, only the > > >> request gets mirrored even though a response is received. > > >> > > >> This can cause a false impression of the actual traffic on wire if > > >> someone inspects the mirror and doesn't see an echo reply even though > > >> one has been sent. > > >> > > >> This patch resets the mirrors every time a packet is modified, so > > >> mirrors will receive every copy of a packet that is sent for output. > > >> > > >> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2155579 > > >> Signed-off-by: Mike Pattrick <[email protected]> > > >> > > >> --- > > > > > > Acked-by: Aaron Conole <[email protected]> > > > > Thanks, Mike, Eelco and Aaron! > > > > Applied and backported down to 2.17. > > Hello Ilya, > > Thank you for backporting this, is it possible to apply it back to > 2.13 for OSP 16.1?
Sorry, disregard this email, I had misread the patch. Cheers, M > > > > > > Best regards, Ilya Maximets. > > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
