[ovs-git] [ovn-org/ovn] c9ced2: ovn-controller: Fix the missing ct zone entries fo...

[numansiddique]

  Branch: refs/heads/branch-20.06
  Home:   https://github.com/ovn-org/ovn
  Commit: c9ced21e36a7e7ce0c2799dcab8a981cef14a846
      https://github.com/ovn-org/ovn/commit/c9ced21e36a7e7ce0c2799dcab8a981cef14a846
  Author: Numan Siddique <numans at ovn.org>
  Date:   2020-07-17 (Fri, 17 Jul 2020)

  Changed paths:
    M controller/binding.c
    M tests/ovn.at
    M tests/system-ovn.at

  Log Message:
  -----------
  ovn-controller: Fix the missing ct zone entries for container ports.

After the commit in the Fixes tag, ovn-controller was not creating ct zone
entries for the container ports in the integration bridge's external_ids
column. Because of this, when a container port sends a traffic to
load balancer VIP, zone id is not used (because REG13 is not set).
But the reverse traffic doesn't go through the ct_lb action for undnat,
but instead go to the conntrack via the ct_commit() OVN action and the
packet gets dropped. This happens if an ACL with allow-related action
which matches in the egress pipeline of the logical switch.

This patch fixes this regression and the tests make sure the the ct zone
entries are created for the container ports.

Fixes: 6c8b9a132532("ovn-controller: Store the local port bindings in the runtime data I-P state.")
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1857865
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1858191
Acked-by: Dumitru Ceara <dceara at redhat.com>
Signed-off-by: Numan Siddique <numans at ovn.org>
(cherry-picked from master commit 925632ee6032225ea399e3671353c04297204eae)