[ovs-discuss] [ovn] should allow-related action apply to packets destined to logical router?
Flavio Fernandes
flavio at flaviof.com
Thu May 7 18:39:28 UTC 2020
Hi OVN gurus,
A few months back, I wrote a little blog covering ovsdbapp [2] as an alternative
to do what Russell wrote in an old gist with shell commands [1].
Going back to that last week, I noticed a change in behavior. The rule for
allow-related action does not seem to conntrack packets to the logical router.
In order to make it work, I needed to add explicit rules [3].
Is this a known/expected behavior? I can try a bisect to see when the behavior
changed, but thought of asking first.
Thanks,
-- flaviof
[1] https://gist.github.com/russellb/4ab0a9641f12f8ac66fdd6822ee7789e <https://gist.github.com/russellb/4ab0a9641f12f8ac66fdd6822ee7789e> russellb/ovn-test-icmp-reproducer.sh
[2] https://github.com/flavio-fernandes/ovsdbapp_playground/blob/a9e780ce7ad57215b2200eba14c515482be84d63/scripts/step2_create_logical_ports.py <https://github.com/flavio-fernandes/ovsdbapp_playground/blob/a9e780ce7ad57215b2200eba14c515482be84d63/scripts/step2_create_logical_ports.py> russellb's equivalent in ovsdbapp
[3] https://github.com/flavio-fernandes/ovsdbapp_playground/commit/a9e780ce7ad57215b2200eba14c515482be84d63 <https://github.com/flavio-fernandes/ovsdbapp_playground/commit/a9e780ce7ad57215b2200eba14c515482be84d63> acl rules changes to make
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20200507/31bbd73c/attachment.html>
More information about the discuss
mailing list