-
Notifications
You must be signed in to change notification settings - Fork 236
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix ACL reject action for UDP packets.
The icmp packet generated by ovn-controller for reject ACL action for non TCP packets is not getting delivered to the sender of the original packet. This is because the icmp packets are skipped from out_pre_lb/out_pre_acl logical switch egress pipeline and this results in these icmp packets getting dropped in the ACL stage because of invalid ct flags. This patch fixes this issue by removing those logical flows. The IP checksum generated by ovn-controller is invalid. This patch fixes this issue as well. Tested-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com> Signed-off-by: Numan Siddique <numans@ovn.org>
- Loading branch information
1 parent
4052d48
commit f792b1a
Showing
4 changed files
with
177 additions
and
88 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.