Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix node local dns ip hit ct when acl is set #4810

Merged
merged 1 commit into from
Dec 12, 2024
Merged

fix node local dns ip hit ct when acl is set #4810

merged 1 commit into from
Dec 12, 2024

Conversation

changluyi
Copy link
Collaborator

Pull Request

What type of this PR

Examples of user facing changes:

  • Features
  • Bug fixes
  • Docs
  • Tests

Which issue(s) this PR fixes

Fixes #(issue-number)

@dosubot dosubot bot added size:XS This PR changes 0-9 lines, ignoring generated files. bug Something isn't working labels Dec 10, 2024
@changluyi changluyi force-pushed the fix_node_local_dns_hit_ct_when_acl_is_set_1.12 branch 4 times, most recently from 84905a5 to 8aa4003 Compare December 11, 2024 09:21
@zhangzujian
Copy link
Member 

+        char *match;
+        // skip conntrack when access node local dns ip
+        if (strlen(node_local_dns_ip_v4) != 0) {
+            match = xasprintf("ip4 && ip4.dst == %s", node_local_dns_ip_v4);
+            ovn_lflow_add_with_kube_ovn_hint(lflows, od,
+                S_SWITCH_IN_PRE_ACL, 110, match, "next;",
+                OVN_LFLOW_HINT_KUBE_OVN_SKIP_CT);
+                
+            match = xasprintf("ip4 && ip4.dst == %s", node_local_dns_ip_v4);
+            ovn_lflow_add_with_kube_ovn_hint(lflows, od,
+                S_SWITCH_OUT_PRE_ACL, 110, match, "next;",
+                OVN_LFLOW_HINT_KUBE_OVN_SKIP_CT);
+            free(match);
+        }

重复的 match = xasprintf(...);

@changluyi changluyi force-pushed the fix_node_local_dns_hit_ct_when_acl_is_set_1.12 branch from 8aa4003 to 28ea7b0 Compare December 12, 2024 06:16
@changluyi
Copy link
Collaborator Author 

skip conntrack when access node local dns ip

1

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Dec 12, 2024
@changluyi changluyi merged commit f2c7937 into release-1.12 Dec 12, 2024
52 of 55 checks passed
@changluyi changluyi deleted the fix_node_local_dns_hit_ct_when_acl_is_set_1.12 branch December 12, 2024 12:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhangzujian zhangzujian zhangzujian approved these changes

Assignees
No one assigned
Labels
bug Something isn't working lgtm This PR has been approved by a maintainer size:XS This PR changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@changluyi @zhangzujian