[ovs-dev] [PATCH v2 9/9] system-traffic: Add zone-based conntrack timeout policy test

Darrell Ball dlu998 at gmail.com
Sun Aug 11 19:30:31 UTC 2019


I did some further testing and ran into another issue; in this case, one, I
did not expect.

I added an additional sending of packets at the end of the test after this
check:

AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2)], [0], [dnl
])

Below is new code

dnl Do it again
dnl Send ICMP and UDP traffic
NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 10.1.1.2 | FORMAT_PING],
[0], [dnl
3 packets transmitted, 3 received, 0% packet loss, time 0ms
])
AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1
packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000200080000
actions=resubmit(,0)"])

AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2) | sort],
[0], [dnl
icmp,orig=(src=10.1.1.1,dst=10.1.1.2,id=<cleared>,type=8,code=0),reply=(src=10.1.1.2,dst=10.1.1.1,id=<cleared>,type=0,code=0),zone=5
udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=<cleared>,dport=<cleared>),reply=(src=10.1.1.2,dst=10.1.1.1,sport=<cleared>,dport=<cleared>),zone=5
])

dnl Wait until the timeout expire.
dnl We intend to wait a bit longer, because conntrack does not recycle the
entry right after it is expired.
sleep 5

AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2)], [0], [dnl
])

The test fails bcoz the second time with short timeouts, the conntrack
entries are not cleanup up quickly

@@ -0,0 +1,2 @@
+icmp,orig=(src=10.1.1.1,dst=10.1.1.2,id=<cleared>,type=8,code=0),reply=(src=10.1.1.2,dst=10.1.1.1,id=<cleared>,type=0,code=0),zone=5
+udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=<cleared>,dport=<cleared>),reply=(src=10.1.1.2,dst=10.1.1.1,sport=<cleared>,dport=<cleared>),zone=5



On Tue, Aug 6, 2019 at 12:16 PM Darrell Ball <dlu998 at gmail.com> wrote:

>
>
> On Tue, Aug 6, 2019 at 11:07 AM Yi-Hung Wei <yihung.wei at gmail.com> wrote:
>
>> On Tue, Aug 6, 2019 at 10:21 AM Darrell Ball <dlu998 at gmail.com> wrote:
>> >
>> >
>> > I did some more testing and found a similar problem as in V1.
>> >
>> > This test can be run successfully once and then fails after that.
>> > Maybe you want to look into that. It is probably related to:
>> >
>> > dball at ubuntu:~/openvswitch/ovs$ lsmod | grep nf
>> > .
>> > nfnetlink_cttimeout    16384  1
>> > .
>> >
>> > Darrell
>> >
>>
>> Thanks for trying out the test.  I can not reproduce the issue that
>> you mentioned on my local VM.
>>
>> Can you provide your kernel version and system-kmod-testsuite.log?
>>
>> Thanks,
>>
>> -Yi-Hung
>>
>
>
> Here it is:
>
> dball at ubuntu:~/ovs$ uname -a
> Linux ubuntu 4.4.0-119-generic #143-Ubuntu SMP Mon Apr 2 16:08:24 UTC 2018
> x86_64 x86_64 x86_64 GNU/Linux
>
> dball at ubuntu:~/ovs$ lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 16.04.2 LTS
> Release: 16.04
> Codename: xenial
>
> #                             -*- compilation -*-
> 75. system-traffic.at:3182: testing conntrack - zone-based timeout policy
> ...
> net.netfilter.nf_conntrack_helper = 0
> ../../tests/system-traffic.at:3185: modprobe openvswitch
> ../../tests/system-traffic.at:3185: ovsdb-tool create conf.db
> $abs_top_srcdir/vswitchd/vswitch.ovsschema
> ../../tests/system-traffic.at:3185: ovsdb-server --detach --no-chdir
> --pidfile --log-file --remote=punix:$OVS_RUNDIR/db.sock
> stderr:
> 2019-08-06T19:11:47Z|00001|vlog|INFO|opened log file
> /home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/ovsdb-server.log
> ../../tests/system-traffic.at:3185: sed < stderr '
> /vlog|INFO|opened log file/d
> /ovsdb_server|INFO|ovsdb-server (Open vSwitch)/d'
> ../../tests/system-traffic.at:3185: ovs-vsctl --no-wait init
> ../../tests/system-traffic.at:3185: ovs-vswitchd  --detach --no-chdir
> --pidfile --log-file -vvconn -vofproto_dpif -vunixctl
> stderr:
> 2019-08-06T19:11:47Z|00001|vlog|INFO|opened log file
> /home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/ovs-vswitchd.log
> 2019-08-06T19:11:47Z|00002|ovs_numa|INFO|Discovered 1 CPU cores on NUMA
> node 0
> 2019-08-06T19:11:47Z|00003|ovs_numa|INFO|Discovered 1 NUMA nodes and 1 CPU
> cores
> 2019-08-06T19:11:47Z|00004|reconnect|INFO|unix:/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/db.sock:
> connecting...
> 2019-08-06T19:11:47Z|00005|reconnect|INFO|unix:/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/db.sock:
> connected
> ../../tests/system-traffic.at:3185: sed < stderr '
> /ovs_numa|INFO|Discovered /d
> /vlog|INFO|opened log file/d
> /vswitchd|INFO|ovs-vswitchd (Open vSwitch)/d
> /reconnect|INFO|/d
> /dpif_netlink|INFO|Generic Netlink family .ovs_datapath. does not exist/d
> /ofproto|INFO|using datapath ID/d
> /netdev_linux|INFO|.*device has unknown hardware address family/d
> /ofproto|INFO|datapath ID changed to fedcba9876543210/d
> /dpdk|INFO|DPDK Disabled - Use other_config:dpdk-init to enable/d
> /netlink_socket|INFO|netlink: could not enable listening to all nsid/d
> /probe tc:/d
> /tc: Using policy/d'
> ../../tests/system-traffic.at:3185: ovs-vsctl -- add-br br0 -- set Bridge
> br0
> protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14,OpenFlow15
> fail-mode=secure  --
> --- /dev/null 2019-02-26 18:50:08.043999906 -0800
> +++
> /home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/at-groups/75/stderr
> 2019-08-06 12:12:17.489401899 -0700
> @@ -0,0 +1,2 @@
> +2019-08-06T19:12:17Z|00002|fatal_signal|WARN|terminating with signal 14
> (Alarm clock)
> +/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/at-groups/75/test-source:
> line 874: 58958 Alarm clock             ovs-vsctl -- add-br br0 -- set
> Bridge br0
> protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14,OpenFlow15
> fail-mode=secure --
> ../../tests/system-traffic.at:3185: exit code was 142, expected 0
> ovsdb-server.log:
> > 2019-08-06T19:11:47.418Z|00001|vlog|INFO|opened log file
> /home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/ovsdb-server.log
> > 2019-08-06T19:11:47.420Z|00002|ovsdb_server|INFO|ovsdb-server (Open
> vSwitch) 2.12.90
> > 2019-08-06T19:11:57.433Z|00003|memory|INFO|4504 kB peak resident set
> size after 10.0 seconds
> > 2019-08-06T19:11:57.433Z|00004|memory|INFO|cells:122 monitors:3
> sessions:2
> ovs-vswitchd.log:
> > 2019-08-06T19:11:47.449Z|00001|vlog|INFO|opened log file
> /home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/ovs-vswitchd.log
> > 2019-08-06T19:11:47.449Z|00002|ovs_numa|INFO|Discovered 1 CPU cores on
> NUMA node 0
> > 2019-08-06T19:11:47.449Z|00003|ovs_numa|INFO|Discovered 1 NUMA nodes and
> 1 CPU cores
> >
> 2019-08-06T19:11:47.450Z|00004|reconnect|INFO|unix:/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/db.sock:
> connecting...
> >
> 2019-08-06T19:11:47.450Z|00005|reconnect|INFO|unix:/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/db.sock:
> connected
> > 2019-08-06T19:11:47.473Z|00006|bridge|INFO|ovs-vswitchd (Open vSwitch)
> 2.12.90
> > 2019-08-06T19:11:47.492Z|00007|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports recirculation
> > 2019-08-06T19:11:47.492Z|00008|ofproto_dpif|INFO|system at ovs-system:
> VLAN header stack length probed as 2
> > 2019-08-06T19:11:47.492Z|00009|ofproto_dpif|INFO|system at ovs-system:
> MPLS label stack length probed as 1
> > 2019-08-06T19:11:47.492Z|00010|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports truncate action
> > 2019-08-06T19:11:47.492Z|00011|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports unique flow ids
> > 2019-08-06T19:11:47.492Z|00012|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports clone action
> > 2019-08-06T19:11:47.492Z|00013|ofproto_dpif|INFO|system at ovs-system: Max
> sample nesting level probed as 10
> > 2019-08-06T19:11:47.492Z|00014|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports eventmask in conntrack action
> > 2019-08-06T19:11:47.492Z|00015|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_clear action
> > 2019-08-06T19:11:47.492Z|00016|ofproto_dpif|INFO|system at ovs-system: Max
> dp_hash algorithm probed to be 0
> > 2019-08-06T19:11:47.492Z|00017|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports check_pkt_len action
> > 2019-08-06T19:11:47.492Z|00018|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_state
> > 2019-08-06T19:11:47.492Z|00019|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_zone
> > 2019-08-06T19:11:47.492Z|00020|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_mark
> > 2019-08-06T19:11:47.492Z|00021|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_label
> > 2019-08-06T19:11:47.492Z|00022|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_state_nat
> > 2019-08-06T19:11:47.492Z|00023|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_orig_tuple
> > 2019-08-06T19:11:47.492Z|00024|ofproto_dpif|INFO|system at ovs-system:
> Datapath supports ct_orig_tuple6
> ../tests/system-kmod-testsuite: line 1705: 59097 Alarm clock
> exit 1
> 2019-08-06T19:12:28Z|00001|daemon_unix|WARN|/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/ovs-vswitchd.pid:
> open: No such file or directory
> ovs-appctl: cannot read pidfile
> "/home/dball/ovs/_gcc/tests/system-kmod-testsuite.dir/075/ovs-vswitchd.pid"
> (No such file or directory)
> 75. system-traffic.at:3182: 75. conntrack - zone-based timeout policy (
> system-traffic.at:3182): FAILED (system-traffic.at:3185)
>
>
> dball at ubuntu:~/ovs$ lsmod | grep nf
> nfnetlink_cttimeout    16384  1
>
>
>


More information about the dev mailing list