Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
northd: Don't check ct_lb_related feature for skip_snat/force_snat.
skip_snat and force_snat were added in ct_lb/ct_lb_mark action by commit c1d6b8a to set skip_snat and force_snat bits in ct-lable/mark. It is not related to the ct_lb_related feature. This patch removes the check. Without this fix, the skip_snat/force_snat features are broken when northd is running in "backward compatible" mode, when there is any ovn-controller running an older version that doesn't support "ct_lb_related". northd would not add the skip_snat/force_snat in the ct_lb action in such case, and the relevant bits won't be set in CT (even on nodes running ovn-controller that supports the skip_snat/force_snat in ct_lb action), but those CT bits are required to be matched in another logical flows so that the relevant register flags can be set (the behavior introduced by the commit ce46a1b): match=(ct.est && !ct.rel && !ct.new && ct_mark.natted && ct_mark.force_snat == 1), action=(flags.force_snat_for_lb = 1; next;) match=(ct.est && !ct.rel && !ct.new && ct_mark.natted && ct_mark.skip_snat == 1), action=(flags.skip_snat_for_lb = 1; next;) Because of this, the skip_snat/force_snat doesn't work in "backward compatible" mode. With this fix, the feature continues to work between "backward compatible" mode northd and all nodes that has the ct_lb skip_snat/force_snat support, while nodes running older version of ovn-controller would report syntax error on such logical flows. While this may not sound perfect, but if users follow the suggested upgrade order so that ovn-controllers are upgraded before ovn-northd, there is no problem. The biggest benefit of this fix is that when there is a bad node that fails upgrading ovn-controller, the skip_snat/force_snat features are not broken. Alternatively, we could fix the problem by reverting commit ce46a1b. However, there were already several fixes and refactors for the related code on top of that, it is not straightforward. The code would become more complex and the value of the backward compatibility for a northd-first upgrade order is not obvious for this feature which was introduced 2 release ago. In addition, there are other places when the ct_lb skip_snat/force_snat are used without checking any chassis feature support, such as in build_lb_affinity_lr_flows(). So, based on all the above considerations, simply removing the feature compatiblity check seems to be a more reasonable fix. Fixes: c1d6b8a ("northd: Store skip_snat and force_snat in ct_label/mark") Fixes: ce46a1b ("northd: Use generic ct.est flows for LR LBs") Signed-off-by: Han Zhou <hzhou@ovn.org> Acked-by: Ales Musil <amusil@redhat.com>
- Loading branch information