-
Notifications
You must be signed in to change notification settings - Fork 366
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use LOCAL instead of CONTROLLER as the in_port of packet-out message #4992
Conversation
CONTROLLER cannot be used as the in_port due to a bug in Windows ovsext driver, otherwise the Windows OS would crash. See openvswitch/ovs-issues#280. Signed-off-by: Quan Tian <qtian@vmware.com>
/test-all |
@@ -1053,12 +1054,15 @@ func (p *proxier) HandlePacketIn(pktIn *ofctrl.PacketIn) error { | |||
return fmt.Errorf("error when getting match field inPort") | |||
} | |||
outPort := inPortField.GetValue().(uint32) | |||
// It cannot use CONTROLLER (the default value when inPort is 0) as the inPort due to a bug in Windows ovsext | |||
// driver, otherwise the Windows OS would crash. See https://github.com/openvswitch/ovs-issues/issues/280. | |||
inPort := uint32(openflow15.P_LOCAL) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it work with value "0xfffffffe" on Windows ? What about Linux?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have verified on Linux it works (accessig the service from antrea-gw0 and Pod interface), and @xliuxu tested manually on Windows via ovs-ofctl packet-out
and it didn't crash. Will need your help to verify it end to end on Windows.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tested with Windows docker runtime, a reject packet on a no-Endpoint Service request does not trigger BSoD. Will run more tests tomorrow.
Do we have a test case for this scenario? |
/test-windows-containerd-networkpolicy |
No, I think we should add one, but I notice none of proxy specific tests run on Windows. @hongliangl can we make these tests run on Windows? |
Sure, I'll try to add these tests on Windows. |
@hongliangl, as @xliuxu suggested above, please add one case for Service without Endpoints to verify we can get reject response when accessing the Service from Node and Pod. |
Sure, I'll add it today. |
/test-e2e |
|
…ntrea-io#4992) CONTROLLER cannot be used as the in_port due to a bug in Windows ovsext driver, otherwise the Windows OS would crash. See openvswitch/ovs-issues#280. Signed-off-by: Quan Tian <qtian@vmware.com>
CONTROLLER cannot be used as the in_port due to a bug in Windows ovsext driver, otherwise the Windows OS would crash.
See openvswitch/ovs-issues#280.
Fixes #4990