tcp reset packet dropped in a in-network-nat scenario
| Affects | Status | Importance | Assigned to | Milestone | ||
|---|---|---|---|---|---|---|
| Juniper Openstack | Status tracked in Trunk | |||||
| R3.0 |
Won't Fix
|
Medium
|
Hari Prasad Killi | |||
| R3.0.2.x |
Won't Fix
|
Medium
|
Hari Prasad Killi | |||
| R3.1 |
New
|
Medium
|
Hari Prasad Killi | |||
| R3.2 |
Fix Committed
|
Medium
|
Hari Prasad Killi | |||
| Trunk |
Fix Committed
|
Medium
|
Hari Prasad Killi | |||
Bug Description
R3.0.2.x Build 13 Ubuntu 14.04 Kilo
This is with agent fix where in in-network-nat, on the right side of SI, onward packet is bridged and return packet is routed.
When there is a TCP flow created by a SYN in onward direction and closed by RESET in the reverse direction, it is seen that the reverse packet is dropped by vrouter as (Flow Unusable)
Example : hping3 -S -p 80 <IP> where port 80 is not open on the IP yet.
Anand is aware of this issue
root@nodek3:~# dropstats |grep -v " 0"
Flow Unusable 201 <<<<<<<
Flow Action Drop 72
Cloned Original 450778
Invalid NH 52
Invalid Mcast Source 2
Duplicated 5
Misc 30
Invalid Source 14
No L2 Route 4
root@nodek3:~#
| Hari Prasad Killi (haripk) wrote | #1 |
| tags: | added: att-aic-contrail |
| Vedamurthy Joshi (vedujoshi) wrote | #2 |
Release Note: When a flow is bridged in one direction and routed in the other (SI in ECMP), a TCP flow created in onward direction and closed by RESET in the reverse direction sees the reset packet being dropped.