Last active
September 14, 2021 14:26
-
-
Save orimanabu/769c8a1e57d124489b9b8ac384da4ce8 to your computer and use it in GitHub Desktop.
ovn-trace: OCP4.8 Pod-to-ClusterIP different node
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| ## ovn-trace command line | |
| ## | |
| # oc -n openshift-ovn-kubernetes exec -c northd ovnkube-master-h2qh7 -- \ | |
| # ovn-trace -p /ovn-cert/tls.key -c /ovn-cert/tls.crt -C /ovn-ca/ca-bundle.crt --db 'ssl:172.16.13.102:9642' \ | |
| # worker-4 --ct new ' \ | |
| # inport == \"proj1_client\" && | |
| # eth.src == 0a:58:0a:83:02:28 && | |
| # eth.dst == 0a:58:0a:83:02:01 && | |
| # ip4.src == 10.131.2.40 && | |
| # ip4.dst == 172.30.11.18 && | |
| # ip.ttl == 64 && | |
| # tcp && | |
| # tcp.src == 33333 && | |
| # tcp.dst == 80' | |
| ## | |
| ## trace output | |
| ## | |
| # tcp,reg14=0x42,vlan_tci=0x0000,dl_src=0a:58:0a:83:02:28,dl_dst=0a:58:0a:83:02:01,nw_src=10.131.2.40,nw_dst=172.30.11.18,nw_tos=0,nw_ecn=0,nw_ttl=64,tp_src=33333,tp_dst=80,tcp_flags=0 | |
| ingress(dp="worker-4", inport="proj1_client") | |
| --------------------------------------------- | |
| 0. ls_in_port_sec_l2 (ovn-northd.c:5036): inport == "proj1_client" && eth.src == {0a:58:0a:83:02:28}, priority 50, uuid 1703ac99 | |
| next; | |
| 1. ls_in_port_sec_ip (ovn-northd.c:4684): inport == "proj1_client" && eth.src == 0a:58:0a:83:02:28 && ip4.src == {10.131.2.40}, priority 90, uuid 7a9898e4 | |
| next; | |
| 5. ls_in_pre_acl (ovn-northd.c:5237): ip, priority 100, uuid a37aaeec | |
| reg0[0] = 1; | |
| next; | |
| 6. ls_in_pre_lb (ovn-northd.c:5405): ip, priority 100, uuid 48729749 | |
| reg0[2] = 1; | |
| next; | |
| 7. ls_in_pre_stateful (ovn-northd.c:5432): reg0[2] == 1 && ip4 && tcp, priority 120, uuid 428e6ecd | |
| reg1 = ip4.dst; | |
| reg2[0..15] = tcp.dst; | |
| ct_lb; | |
| ct_lb | |
| ----- | |
| 8. ls_in_acl_hint (ovn-northd.c:5525): !ct.trk, priority 5, uuid 035217ee | |
| reg0[8] = 1; | |
| reg0[9] = 1; | |
| next; | |
| 22. ls_in_l2_lkup (ovn-northd.c:7609): eth.dst == 0a:58:0a:83:02:01, priority 50, uuid 7f82616a | |
| outport = "stor-worker-4"; | |
| output; | |
| egress(dp="worker-4", inport="proj1_client", outport="stor-worker-4") | |
| --------------------------------------------------------------------- | |
| 0. ls_out_pre_lb (ovn-northd.c:5182): ip && outport == "stor-worker-4", priority 110, uuid b6946a39 | |
| next; | |
| 1. ls_out_pre_acl (ovn-northd.c:5182): ip && outport == "stor-worker-4", priority 110, uuid 1f580f37 | |
| next; | |
| 3. ls_out_acl_hint (ovn-northd.c:5525): !ct.trk, priority 5, uuid 424d9922 | |
| reg0[8] = 1; | |
| reg0[9] = 1; | |
| next; | |
| 9. ls_out_port_sec_l2 (ovn-northd.c:5131): outport == "stor-worker-4", priority 50, uuid d4445653 | |
| output; | |
| /* output to "stor-worker-4", type "patch" */ | |
| ingress(dp="ovn_cluster_router", inport="rtos-worker-4") | |
| -------------------------------------------------------- | |
| 0. lr_in_admission (ovn-northd.c:9657): eth.dst == 0a:58:0a:83:02:01 && inport == "rtos-worker-4", priority 50, uuid df11cb73 | |
| xreg0[0..47] = 0a:58:0a:83:02:01; | |
| next; | |
| 1. lr_in_lookup_neighbor (ovn-northd.c:9736): 1, priority 0, uuid c122b402 | |
| reg9[2] = 1; | |
| next; | |
| 2. lr_in_learn_neighbor (ovn-northd.c:9745): reg9[2] == 1, priority 100, uuid 682ffab1 | |
| next; | |
| 10. lr_in_ip_routing (ovn-northd.c:8704): ip4.src == 10.131.2.0/23, priority 46, uuid 1d3d7c2c | |
| ip.ttl--; | |
| reg8[0..15] = 0; | |
| reg0 = 100.64.0.2; | |
| reg1 = 100.64.0.1; | |
| eth.src = 0a:58:64:40:00:01; | |
| outport = "rtoj-ovn_cluster_router"; | |
| flags.loopback = 1; | |
| next; | |
| 11. lr_in_ip_routing_ecmp (ovn-northd.c:10003): reg8[0..15] == 0, priority 150, uuid 9743d59c | |
| next; | |
| 12. lr_in_policy (ovn-northd.c:10128): 1, priority 0, uuid e11ab73c | |
| reg8[0..15] = 0; | |
| next; | |
| 13. lr_in_policy_ecmp (ovn-northd.c:10130): reg8[0..15] == 0, priority 150, uuid d8180133 | |
| next; | |
| 14. lr_in_arp_resolve (ovn-northd.c:10507): outport == "rtoj-ovn_cluster_router" && reg0 == 100.64.0.2, priority 100, uuid d4436af5 | |
| eth.dst = 0a:58:64:40:00:02; | |
| next; | |
| 18. lr_in_arp_request (ovn-northd.c:10753): 1, priority 0, uuid adb98462 | |
| output; | |
| egress(dp="ovn_cluster_router", inport="rtos-worker-4", outport="rtoj-ovn_cluster_router") | |
| ------------------------------------------------------------------------------------------ | |
| 3. lr_out_delivery (ovn-northd.c:10801): outport == "rtoj-ovn_cluster_router", priority 100, uuid 5f0ff9f8 | |
| output; | |
| /* output to "rtoj-ovn_cluster_router", type "patch" */ | |
| ingress(dp="join", inport="jtor-ovn_cluster_router") | |
| ---------------------------------------------------- | |
| 0. ls_in_port_sec_l2 (ovn-northd.c:5036): inport == "jtor-ovn_cluster_router", priority 50, uuid 45078acd | |
| next; | |
| 6. ls_in_pre_lb (ovn-northd.c:5179): ip && inport == "jtor-ovn_cluster_router", priority 110, uuid f7f32e1d | |
| next; | |
| 22. ls_in_l2_lkup (ovn-northd.c:7674): eth.dst == 0a:58:64:40:00:02, priority 50, uuid b0da296e | |
| outport = "jtor-GR_worker-4"; | |
| output; | |
| egress(dp="join", inport="jtor-ovn_cluster_router", outport="jtor-GR_worker-4") | |
| ------------------------------------------------------------------------------- | |
| 0. ls_out_pre_lb (ovn-northd.c:5182): ip && outport == "jtor-GR_worker-4", priority 110, uuid e9a46e6f | |
| next; | |
| 9. ls_out_port_sec_l2 (ovn-northd.c:5131): outport == "jtor-GR_worker-4", priority 50, uuid 3a8ed8e0 | |
| output; | |
| /* output to "jtor-GR_worker-4", type "l3gateway" */ | |
| ingress(dp="GR_worker-4", inport="rtoj-GR_worker-4") | |
| ---------------------------------------------------- | |
| 0. lr_in_admission (ovn-northd.c:9657): eth.dst == 0a:58:64:40:00:02 && inport == "rtoj-GR_worker-4", priority 50, uuid 809a8dd4 | |
| xreg0[0..47] = 0a:58:64:40:00:02; | |
| next; | |
| 1. lr_in_lookup_neighbor (ovn-northd.c:9736): 1, priority 0, uuid c122b402 | |
| reg9[2] = 1; | |
| next; | |
| 2. lr_in_learn_neighbor (ovn-northd.c:9745): reg9[2] == 1 || reg9[3] == 0, priority 100, uuid 6371a776 | |
| next; | |
| 4. lr_in_defrag (ovn-northd.c:8976): ip && ip4.dst == 172.30.11.18, priority 100, uuid bfb58371 | |
| ct_next; | |
| ct_next(ct_state=new|trk) | |
| ------------------------- | |
| 6. lr_in_dnat (ovn-northd.c:8823): ct.new && ip && ip4.dst == 172.30.11.18 && tcp && tcp.dst == 80, priority 120, uuid 55c63ce1 | |
| flags.force_snat_for_lb = 1; | |
| ct_lb(backends=10.130.3.45:8080,10.130.3.46:8080,10.131.2.31:8080,10.131.2.37:8080); | |
| ct_lb | |
| ----- | |
| 10. lr_in_ip_routing (ovn-northd.c:8704): ip4.dst == 10.128.0.0/14, priority 29, uuid 694c5b7c | |
| ip.ttl--; | |
| reg8[0..15] = 0; | |
| reg0 = 100.64.0.1; | |
| reg1 = 100.64.0.2; | |
| eth.src = 0a:58:64:40:00:02; | |
| outport = "rtoj-GR_worker-4"; | |
| flags.loopback = 1; | |
| next; | |
| 11. lr_in_ip_routing_ecmp (ovn-northd.c:10003): reg8[0..15] == 0, priority 150, uuid 9743d59c | |
| next; | |
| 12. lr_in_policy (ovn-northd.c:10128): 1, priority 0, uuid e11ab73c | |
| reg8[0..15] = 0; | |
| next; | |
| 13. lr_in_policy_ecmp (ovn-northd.c:10130): reg8[0..15] == 0, priority 150, uuid d8180133 | |
| next; | |
| 14. lr_in_arp_resolve (ovn-northd.c:10164): ip4, priority 0, uuid 207043e5 | |
| get_arp(outport, reg0); | |
| /* MAC binding to 0a:58:64:40:00:01. */ | |
| next; | |
| 18. lr_in_arp_request (ovn-northd.c:10753): 1, priority 0, uuid adb98462 | |
| output; | |
| egress(dp="GR_worker-4", inport="rtoj-GR_worker-4", outport="rtoj-GR_worker-4") | |
| ------------------------------------------------------------------------------- | |
| 1. lr_out_snat (ovn-northd.c:11589): ip && ip4.src == 10.128.0.0/14, priority 15, uuid 3dac4721 | |
| ct_snat(172.16.13.108); | |
| ct_snat(ip4.src=172.16.13.108) | |
| ------------------------------ | |
| 3. lr_out_delivery (ovn-northd.c:10801): outport == "rtoj-GR_worker-4", priority 100, uuid c2a09265 | |
| output; | |
| /* output to "rtoj-GR_worker-4", type "l3gateway" */ | |
| ingress(dp="join", inport="jtor-GR_worker-4") | |
| --------------------------------------------- | |
| 0. ls_in_port_sec_l2 (ovn-northd.c:5036): inport == "jtor-GR_worker-4", priority 50, uuid bd1f56ae | |
| next; | |
| 6. ls_in_pre_lb (ovn-northd.c:5179): ip && inport == "jtor-GR_worker-4", priority 110, uuid 9966e932 | |
| next; | |
| 22. ls_in_l2_lkup (ovn-northd.c:7674): eth.dst == 0a:58:64:40:00:01, priority 50, uuid 774cdc38 | |
| outport = "jtor-ovn_cluster_router"; | |
| output; | |
| egress(dp="join", inport="jtor-GR_worker-4", outport="jtor-ovn_cluster_router") | |
| ------------------------------------------------------------------------------- | |
| 0. ls_out_pre_lb (ovn-northd.c:5182): ip && outport == "jtor-ovn_cluster_router", priority 110, uuid 38fe7937 | |
| next; | |
| 9. ls_out_port_sec_l2 (ovn-northd.c:5131): outport == "jtor-ovn_cluster_router", priority 50, uuid c86ee550 | |
| output; | |
| /* output to "jtor-ovn_cluster_router", type "patch" */ | |
| ingress(dp="ovn_cluster_router", inport="rtoj-ovn_cluster_router") | |
| ------------------------------------------------------------------ | |
| 0. lr_in_admission (ovn-northd.c:9657): eth.dst == 0a:58:64:40:00:01 && inport == "rtoj-ovn_cluster_router", priority 50, uuid 89cd857c | |
| xreg0[0..47] = 0a:58:64:40:00:01; | |
| next; | |
| 1. lr_in_lookup_neighbor (ovn-northd.c:9736): 1, priority 0, uuid c122b402 | |
| reg9[2] = 1; | |
| next; | |
| 2. lr_in_learn_neighbor (ovn-northd.c:9745): reg9[2] == 1, priority 100, uuid 682ffab1 | |
| next; | |
| 10. lr_in_ip_routing (ovn-northd.c:8704): ip4.dst == 10.130.2.0/23, priority 47, uuid 86330ef1 | |
| ip.ttl--; | |
| reg8[0..15] = 0; | |
| reg0 = ip4.dst; | |
| reg1 = 10.130.2.1; | |
| eth.src = 0a:58:0a:82:02:01; | |
| outport = "rtos-worker-3"; | |
| flags.loopback = 1; | |
| next; | |
| 11. lr_in_ip_routing_ecmp (ovn-northd.c:10003): reg8[0..15] == 0, priority 150, uuid 9743d59c | |
| next; | |
| 12. lr_in_policy (ovn-northd.c:8051): ip4.src == 10.128.0.0/14 && ip4.dst == 10.128.0.0/14, priority 101, uuid 34662525 | |
| reg8[0..15] = 0; | |
| next; | |
| 13. lr_in_policy_ecmp (ovn-northd.c:10130): reg8[0..15] == 0, priority 150, uuid d8180133 | |
| next; | |
| 14. lr_in_arp_resolve (ovn-northd.c:10309): outport == "rtos-worker-3" && reg0 == 10.130.3.46, priority 100, uuid 62bd06d0 | |
| eth.dst = 0a:58:0a:82:03:2e; | |
| next; | |
| 18. lr_in_arp_request (ovn-northd.c:10753): 1, priority 0, uuid adb98462 | |
| output; | |
| egress(dp="ovn_cluster_router", inport="rtoj-ovn_cluster_router", outport="rtos-worker-3") | |
| ------------------------------------------------------------------------------------------ | |
| 3. lr_out_delivery (ovn-northd.c:10801): outport == "rtos-worker-3", priority 100, uuid 444094e8 | |
| output; | |
| /* output to "rtos-worker-3", type "patch" */ | |
| ingress(dp="worker-3", inport="stor-worker-3") | |
| ---------------------------------------------- | |
| 0. ls_in_port_sec_l2 (ovn-northd.c:5036): inport == "stor-worker-3", priority 50, uuid 47a3f2ce | |
| next; | |
| 5. ls_in_pre_acl (ovn-northd.c:5179): ip && inport == "stor-worker-3", priority 110, uuid 345fe9a2 | |
| next; | |
| 6. ls_in_pre_lb (ovn-northd.c:5179): ip && inport == "stor-worker-3", priority 110, uuid 15dcb534 | |
| next; | |
| 8. ls_in_acl_hint (ovn-northd.c:5505): ct.new && !ct.est, priority 7, uuid 44582a06 | |
| reg0[7] = 1; | |
| reg0[9] = 1; | |
| next; | |
| 9. ls_in_acl (ovn-northd.c:5930): ip && (!ct.est || (ct.est && ct_label.blocked == 1)), priority 1, uuid e3fc1aed | |
| reg0[1] = 1; | |
| next; | |
| 12. ls_in_stateful (ovn-northd.c:6236): reg0[1] == 1, priority 100, uuid 98670bfc | |
| ct_commit { ct_label.blocked = 0; }; | |
| next; | |
| 13. ls_in_pre_hairpin (ovn-northd.c:6275): ip && ct.trk, priority 100, uuid f07f9563 | |
| reg0[6] = chk_lb_hairpin(); | |
| reg0[12] = chk_lb_hairpin_reply(); | |
| *** chk_lb_hairpin_reply action not implemented | |
| next; | |
| 22. ls_in_l2_lkup (ovn-northd.c:7609): eth.dst == 0a:58:0a:82:03:2e, priority 50, uuid 40016e76 | |
| outport = "proj1_hello-6cdb8c795c-qkpk5"; | |
| output; | |
| egress(dp="worker-3", inport="stor-worker-3", outport="proj1_hello-6cdb8c795c-qkpk5") | |
| ------------------------------------------------------------------------------------- | |
| 0. ls_out_pre_lb (ovn-northd.c:5407): ip, priority 100, uuid 38a41a98 | |
| reg0[2] = 1; | |
| next; | |
| 1. ls_out_pre_acl (ovn-northd.c:5239): ip, priority 100, uuid ddaafe6d | |
| reg0[0] = 1; | |
| next; | |
| 2. ls_out_pre_stateful (ovn-northd.c:5452): reg0[2] == 1, priority 110, uuid 85953020 | |
| ct_lb; | |
| ct_lb | |
| ----- | |
| 3. ls_out_acl_hint (ovn-northd.c:5505): ct.new && !ct.est, priority 7, uuid ffe13232 | |
| reg0[7] = 1; | |
| reg0[9] = 1; | |
| next; | |
| 4. ls_out_acl (ovn-northd.c:5933): ip && (!ct.est || (ct.est && ct_label.blocked == 1)), priority 1, uuid a20334dc | |
| reg0[1] = 1; | |
| next; | |
| 7. ls_out_stateful (ovn-northd.c:6239): reg0[1] == 1, priority 100, uuid d49066cb | |
| ct_commit { ct_label.blocked = 0; }; | |
| next; | |
| 8. ls_out_port_sec_ip (ovn-northd.c:4684): outport == "proj1_hello-6cdb8c795c-qkpk5" && eth.dst == 0a:58:0a:82:03:2e && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.130.3.46}, priority 90, uuid 51d34066 | |
| next; | |
| 9. ls_out_port_sec_l2 (ovn-northd.c:5131): outport == "proj1_hello-6cdb8c795c-qkpk5" && eth.dst == {0a:58:0a:82:03:2e}, priority 50, uuid 6ce0849b | |
| output; | |
| /* output to "proj1_hello-6cdb8c795c-qkpk5", type "" */ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment