[Mainline-Build 2683]: syn-reset on already evicted flow makes the flow active
| Affects | Status | Importance | Assigned to | Milestone | ||
|---|---|---|---|---|---|---|
| Juniper Openstack | Status tracked in Trunk | |||||
| Trunk |
Fix Committed
|
High
|
Naveen N | |||
Bug Description
if flow is already marked evicted then for reset, flow is not marked as evicted.
steps -
1. have 2 VM, vm1-vn1(sender, 1.1.1.3) and vm1-vn2(receiver, 2.2.2.3)
2. send SYN from sender to non-existing port on receiver
3. flow gets created and marked evicted
4. repeat step 2, same index is used for flow but flow is not marked evicted.
on sender VM:
ubuntu@vm1-vn1:~$ echo "hi" | nc.traditional 2.2.2.3 9000 -p 8000 -vv
2.2.2.3 [2.2.2.3] 9000 (?) : Connection refused
sent 0, rcvd 0
ubuntu@vm1-vn1:~$ echo "hi" | nc.traditional 2.2.2.3 9000 -p 8000 -vv
2.2.2.3 [2.2.2.3] 9000 (?) : Connection refused
sent 0, rcvd 0
on receiver VM:
ubuntu@vm1-vn2:~$ sudo tcpdump -i any host 1.1.1.3
sudo: unable to resolve host vm1-vn2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
07:37:59.657723 IP 1.1.1.3.8000 > 2.2.2.3.9000: Flags [S], seq 281958328, win 14600, options [mss 1420,sackOK,TS val 18448579 ecr 0,nop,wscale 6], length 0
07:37:59.657752 IP 2.2.2.3.9000 > 1.1.1.3.8000: Flags [R.], seq 0, ack 281958329, win 0, length 0
07:38:20.775730 IP 1.1.1.3.8000 > 2.2.2.3.9000: Flags [S], seq 611932737, win 14600, options [mss 1420,sackOK,TS val 18453858 ecr 0,nop,wscale 6], length 0
07:38:20.775756 IP 2.2.2.3.9000 > 1.1.1.3.8000: Flags [R.], seq 0, ack 329974410, win 0, length 0
root@nodec12:~# flow -l --show-evicted | grep 8000 -A2 -B1
171476<=>265544 1.1.1.3:8000 6 (1)
(K(nh):18, Action:F, Flags:E, TCP:SRD, S(nh):18, Statistics:1/74 UdpSrcPort 63818)
--
265544<=>171476 2.2.2.3:9000 6 (2)
(K(nh):32, Action:F, Flags:E, TCP:SrRD, S(nh):32, Statistics:1/54 UdpSrcPort 52854)
root@nodec12:~# flow -l --show-evicted | grep 8000 -A2 -B1 --------->> this is after step 4
171476<=>265544 1.1.1.3:8000 6 (1)
(K(nh):18, Action:F, Flags:, TCP:S, S(nh):18, Statistics:1/74 UdpSrcPort 63818)
--
265544<=>171476 2.2.2.3:9000 6 (2)
(K(nh):32, Action:F, Flags:, TCP:RD, S(nh):32, Statistics:1/54 UdpSrcPort 52854)
| information type: | Proprietary → Public |
| alok kumar (kalok) wrote | #1 |
| Naveen N (naveenn) wrote | #2 |
I don't see this issue on build 2699.