On 3/28/25 10:08, Qin, Qiaofeng via discuss wrote: > Hi all, > > I created some ACLs in OVN, and want to trace each OVN-SB logical flow > to the corresponding OVN-NB ACL table row. To achieve it, I refer to the > "stage-hint" value of Logical_Flow.External_Ids and compare the UUID. > > However, when multiple datapaths have the same ACL rule, these rules will > be combined into a single logical flow with a logical_dp_group. The merged > logical flow has only one "stage-hint" UUID value. Therefore, some OVN-NB > ACL table rows can no longer be tracked in OVN-SB.
Hi. What is your use case for tracking NB ACLs in SB? If those ACLs are actually the same, you may reference the same ACL row from all switches and port groups. That will solve the mapping problem, as there will be just one ACL row in both NB and SB. Best regards, Ilya Maximets. > > Would it be possible to keep all stage-hint UUIDs when ovn-northd performs > the flow combination? Or are there any workarounds to prevent an ACL from > being merged? Currently, I am setting different names to each ACL to make > them distinct. However, that also forces ACL logging that creates extra > traffic overheads. > > > Best, > Qiaofeng _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
