On Wed, Mar 17, 2021 at 9:01 PM Krzysztof Klimonda <kklimo...@syntaxhighlighted.com> wrote: > > Hi, > > I've been tracking down BFD timeouts, and decided to debug what seemed to be > the only related thing I could find, that is the following message in dmesg: > > ``` > ovs-system: deferred action limit reached, drop recirc action > ``` > > From going through ovn-trace output (attached to this email) new connections > for IP address of the router are handled like parts of existing connections, > and then sent to the next pipeline where packet is looped around back to > ingress pipeline and the whole process repeats. Finally, after enough loops > TTL is set to 0 and icmp ttl exceeded is sent back to the host. At the same > time datapath gets 63 flows installed, for each ttl and seemingly that > results in the dmesg message we are seeing. > > I was able to reproduce it with a basic configuration from ovn-fake-multinode > repository by trying to establish tcp session to "external" IP address of the > router. > > Is there a flow missing that should be dropping incoming TCP/UDP connections > that are not in established state before they are sent to unsnat table? >
Hi, Can you please share the steps to reproduce ? And also if you can share your OVN NB DB, I could try it out locally. Thanks Numan > -- > Krzysztof Klimonda > > kklimonda@syntaxhighlighted.com_______________________________________________ > discuss mailing list > disc...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-discuss _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
