Make svc bypass code dual-stack aware

It was added long back for some openstack customer and only handled V4. This was causing a mess up of dual-stack service flows. Fixed that. Signed-off-by: Madhu Challa <challa@gmail.com>
noironetworks · Sep 26, 2023 · 3028684 · 3028684
1 parent b676dd9
commit 3028684
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/agent-ovs/ovs/AccessFlowManager.cpp b/agent-ovs/ovs/AccessFlowManager.cpp
@@ -301,17 +301,24 @@ static void flowBypassServiceIP(FlowEntryList& el,
 
     for (const string& epipStr : ep->getIPs()) {
         network::cidr_t cidr;
+        boost::system::error_code ec;
+        address addr = address::from_string(epipStr, ec);
+        if (ec) continue;
         if (!network::cidr_from_string(epipStr, cidr, false))
             continue;
         for (const string& svcipStr : ep->getServiceIPs()) {
             boost::system::error_code ec;
             address serviceAddr =
                 address::from_string(svcipStr, ec);
             if (ec) continue;
+            if (addr.is_v4() != serviceAddr.is_v4())
+                continue;
 
             FlowBuilder ingress, egress;
+            uint16_t ethT = addr.is_v4() ? eth::type::IP
+                                         : eth::type::IPV6;
             ingress.priority(10)
-                   .ethType(eth::type::IP)
+                   .ethType(ethT)
                    .inPort(uplinkPort)
                    .ipSrc(serviceAddr)
                    .ipDst(cidr.first, cidr.second)
@@ -332,7 +339,7 @@ static void flowBypassServiceIP(FlowEntryList& el,
             ingress.build(el);
 
             egress.priority(10)
-                  .ethType(eth::type::IP)
+                  .ethType(ethT)
                   .inPort(accessPort)
                   .ipSrc(cidr.first, cidr.second)
                   .ipDst(serviceAddr)