Ubuntu
ovn package

  1. Bug #1967856
  2. Comment #5

Comment 5 for bug 1967856

Revision history for this message
Numan Siddique (numansiddique) wrote :

It works fine for me

---------------------

[root@ovn-chassis-1 data]# ip netns exec vm1 ping 10.78.95.196
PING 10.78.95.196 (10.78.95.196) 56(84) bytes of data.
64 bytes from 10.78.95.196: icmp_seq=1 ttl=62 time=1.18 ms
64 bytes from 10.78.95.196: icmp_seq=2 ttl=62 time=0.651 ms
64 bytes from 10.78.95.196: icmp_seq=3 ttl=62 time=0.102 ms
64 bytes from 10.78.95.196: icmp_seq=4 ttl=62 time=0.141 ms
^C
--- 10.78.95.196 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3044ms
rtt min/avg/max/mdev = 0.102/0.518/1.179/0.438 ms
[root@ovn-chassis-1 data]#
[root@ovn-chassis-1 data]#
[root@ovn-chassis-1 data]# ip netns exec vm1 ping 10.78.95.196
PING 10.78.95.196 (10.78.95.196) 56(84) bytes of data.
64 bytes from 10.78.95.196: icmp_seq=1 ttl=62 time=0.113 ms
64 bytes from 10.78.95.196: icmp_seq=2 ttl=62 time=0.339 ms
64 bytes from 10.78.95.196: icmp_seq=3 ttl=62 time=0.242 ms
64 bytes from 10.78.95.196: icmp_seq=4 ttl=62 time=0.110 ms
64 bytes from 10.78.95.196: icmp_seq=5 ttl=62 time=0.251 ms
64 bytes from 10.78.95.196: icmp_seq=6 ttl=62 time=0.213 ms
64 bytes from 10.78.95.196: icmp_seq=7 ttl=62 time=0.260 ms
64 bytes from 10.78.95.196: icmp_seq=8 ttl=62 time=0.258 ms
64 bytes from 10.78.95.196: icmp_seq=9 ttl=62 time=0.259 ms
64 bytes from 10.78.95.196: icmp_seq=10 ttl=62 time=0.257 ms
64 bytes from 10.78.95.196: icmp_seq=11 ttl=62 time=0.264 ms
64 bytes from 10.78.95.196: icmp_seq=12 ttl=62 time=0.258 ms
64 bytes from 10.78.95.196: icmp_seq=13 ttl=62 time=0.311 ms
64 bytes from 10.78.95.196: icmp_seq=14 ttl=62 time=0.257 ms
64 bytes from 10.78.95.196: icmp_seq=15 ttl=62 time=0.264 ms
64 bytes from 10.78.95.196: icmp_seq=16 ttl=62 time=0.253 ms
64 bytes from 10.78.95.196: icmp_seq=17 ttl=62 time=0.249 ms
64 bytes from 10.78.95.196: icmp_seq=18 ttl=62 time=0.286 ms
64 bytes from 10.78.95.196: icmp_seq=19 ttl=62 time=0.264 ms
64 bytes from 10.78.95.196: icmp_seq=20 ttl=62 time=0.252 ms
64 bytes from 10.78.95.196: icmp_seq=21 ttl=62 time=0.239 ms
^C
--- 10.78.95.196 ping statistics ---
21 packets transmitted, 21 received, 0% packet loss, time 20515ms
rtt min/avg/max/mdev = 0.110/0.247/0.339/0.050 ms
[root@ovn-chassis-1 data]# ip netns exec vm1 ping 10.78.95.196
PING 10.78.95.196 (10.78.95.196) 56(84) bytes of data.
64 bytes from 10.78.95.196: icmp_seq=1 ttl=62 time=0.816 ms
64 bytes from 10.78.95.196: icmp_seq=2 ttl=62 time=0.258 ms
64 bytes from 10.78.95.196: icmp_seq=3 ttl=62 time=0.265 ms
64 bytes from 10.78.95.196: icmp_seq=4 ttl=62 time=0.269 ms
64 bytes from 10.78.95.196: icmp_seq=5 ttl=62 time=0.256 ms
64 bytes from 10.78.95.196: icmp_seq=6 ttl=62 time=0.273 ms
64 bytes from 10.78.95.196: icmp_seq=7 ttl=62 time=0.260 ms
64 bytes from 10.78.95.196: icmp_seq=8 ttl=62 time=0.239 ms
^C
--- 10.78.95.196 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7165ms
rtt min/avg/max/mdev = 0.239/0.329/0.816/0.184 ms
[root@ovn-chassis-1 data]# ip netns exec vm1 ping 10.78.95.196
PING 10.78.95.196 (10.78.95.196) 56(84) bytes of data.
64 bytes from 10.78.95.196: icmp_seq=1 ttl=62 time=1.41 ms
64 bytes from 10.78.95.196: icmp_seq=2 ttl=62 time=2.10 ms
64 bytes from 10.78.95.196: icmp_seq=3 ttl=62 time=0.275 ms
64 bytes from 10.78.95.196: icmp_seq=4 ttl=62 time=0.262 ms
^C
--- 10.78.95.196 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3023ms
rtt min/avg/max/mdev = 0.262/1.012/2.102/0.783 ms

conntrack v1.4.5 (conntrack-tools): 11 flow entries have been shown.
icmp 1 23 src=10.78.95.196 dst=10.78.95.196 type=8 code=0 id=44853 src=192.168.0.52 dst=10.78.95.196 type=0 code=0 id=44853 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=1 use=1
icmp 1 29 src=192.168.0.52 dst=10.78.95.196 type=8 code=0 id=41407 src=10.78.95.196 dst=10.78.95.196 type=0 code=0 id=41407 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=4 use=1
icmp 1 2 src=192.168.0.52 dst=10.78.95.196 type=8 code=0 id=50072 src=10.78.95.196 dst=10.78.95.196 type=0 code=0 id=50072 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=4 use=1
icmp 1 29 src=10.78.95.196 dst=10.78.95.196 type=8 code=0 id=41407 src=192.168.0.52 dst=10.78.95.196 type=0 code=0 id=41407 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=1 use=1
icmp 1 23 src=192.168.0.52 dst=10.78.95.196 type=8 code=0 id=44853 src=10.78.95.196 dst=10.78.95.196 type=0 code=0 id=44853 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=4 use=1
icmp 1 2 src=10.78.95.196 dst=10.78.95.196 type=8 code=0 id=50072 src=192.168.0.52 dst=10.78.95.196 type=0 code=0 id=50072 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=1 use=1

-------------------

I noticed that NAT's had the option stateless=true set. Is that intentional ?

If so, the packet should not be sent to conntrack at all. For me it worked both for stateless=true and stateless=false.

I tested with the latest main. Maybe you can test with the latest main ?

Thanks