-
Notifications
You must be signed in to change notification settings - Fork 254
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix load balanced hairpin traffic for fragmented packets.
If we have a UDP load balancer - 10.0.0.10:80 = 10.0.0.3:8080, in order to determine if the load balanced traffic needs to be hairpinned, the vip - 10.0.0.10 and the vip port - 80 are stored in the registers before the packet is load balanced using the below logical flow - table=6 (ls_in_pre_stateful ), priority=120 , match=(reg0[2] == 1 && ip4.dst == 10.0.0.10 && tcp.dst == 80), action=(reg1 = 10.0.0.10; reg2[0..15] = 80; ct_lb_mark;) These registers are used in the later stages to check if the load balanced packet needs to be hairpinned or not. However, if the packet is fragmented we may not be able to match on the L4 fields (tcp, udp or sctp dest port) and this breaks the hairpin traffic. This patch addressed this issue by making use of ct_nw_dst/ct_ip6_dst and ct_tp_dst conntrack fields to determine the hairpin load balanced traffic. In order to not break hardware offload on certain smart nics, care is taken to match on these fields only for fragmented packets. Note: Relying on conntrack to reassemble packets is not exactly correct, it only accidentaly works with the kernel datapath. In our internal bug tracking system we have this issue to track this incorrect assumption: https://issues.redhat.com/browse/FDP-913 Reported-at: https://issues.redhat.com/browse/FDP-905 Fixes: 1139b65 ("Don't blindly save original dst IP and Port to avoid megaflow unwildcarding.") Acked-by: Dumitru Ceara <dceara@redhat.com> Suggested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Numan Siddique <numans@ovn.org>
- Loading branch information
1 parent
55782af
commit 0f806cf
Showing
14 changed files
with
516 additions
and
51 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.