[ovs-dev] [PATCH 2/4] tests: Make vxlan frag test more reliable.

Joe Stringer joe at ovn.org
Fri Jan 29 19:37:52 UTC 2016


Depending on the kernel version in use, the nf_conntrack module may
register hooks for each namespace and execute conntrack prior to passing
packets to OVS (or not). In cases where this happens, the previous flow
table in this test would trust the local stack's connection tracking and
use it rather than sending packets through conntrack itself (and
therefore handling IP defragmentation/fragmentation).

This patch revealed two fatal datapath bugs, fixed by these commits:
86c2eb45fd82 datapath: Fix panic sending IP frags over tunnels.
XXXXXXXXXXXX datapath: inet: frag: Always orphan skbs inside ip_defrag().

Signed-off-by: Joe Stringer <joe at ovn.org>
---
The second patch was applied to the upstream kernel, but not to OVS tree
yet. I'll update the commit ID with the OVS commit ID when applied.
---
 tests/system-traffic.at | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/system-traffic.at b/tests/system-traffic.at
index 102b56fba033..c35241275ad1 100644
--- a/tests/system-traffic.at
+++ b/tests/system-traffic.at
@@ -1309,8 +1309,8 @@ AT_DATA([flows.txt], [dnl
 priority=1,action=drop
 priority=10,arp,action=normal
 priority=100,in_port=1,icmp,action=ct(commit,zone=9),LOCAL
-priority=100,in_port=LOCAL,ct_state=-trk,icmp,action=ct(table=0,zone=9)
-priority=100,in_port=LOCAL,ct_state=+trk+est,icmp,action=1
+priority=100,in_port=LOCAL,icmp,action=ct(table=1,zone=9)
+table=1,priority=100,in_port=LOCAL,ct_state=+trk+est,icmp,action=1
 ])
 
 AT_CHECK([ovs-ofctl --bundle add-flows br0 flows.txt])
-- 
2.1.4




More information about the dev mailing list