Created
June 2, 2020 06:57
-
-
Save fafucoder/bbf152342e9dd5c4d268ee4f7990cf1b to your computer and use it in GitHub Desktop.
Revisions
-
fafucoder created this gist
Jun 2, 2020 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,218 @@ dawn@node-3:~$ kubectl ko trace kube-system/kube-ovn-pinger-4tm8h 192.168.101.1 icmp + kubectl exec ovn-central-7c95745dc4-v8rb5 -n kube-system -- ovn-trace --ct=new ovn-default 'inport == "kube-ovn-pinger-4tm8h.kube-system" && ip.ttl == 64 && icmp && eth.src == 00:00:00:17:34:1A && ip4.src == 10.19.0.5 && eth.dst == 00:00:00:F9:34:7E && ip4.dst == 192.168.101.1' # icmp,reg14=0x5,vlan_tci=0x0000,dl_src=00:00:00:17:34:1a,dl_dst=00:00:00:f9:34:7e,nw_src=10.19.0.5,nw_dst=192.168.101.1,nw_tos=0,nw_ecn=0,nw_ttl=64,icmp_type=0,icmp_code=0 ingress(dp="ovn-default", inport="kube-ovn-pinger-4tm8h.kube-system") --------------------------------------------------------------------- 0. ls_in_port_sec_l2 (ovn-northd.c:4520): inport == "kube-ovn-pinger-4tm8h.kube-system" && eth.src == {00:00:00:17:34:1a}, priority 50, uuid d80aa01b next; 1. ls_in_port_sec_ip (ovn-northd.c:4188): inport == "kube-ovn-pinger-4tm8h.kube-system" && eth.src == 00:00:00:17:34:1a && ip4.src == {10.19.0.5}, priority 90, uuid 04b1a887 next; 3. ls_in_pre_acl (ovn-northd.c:4708): ip, priority 100, uuid 2689502e reg0[0] = 1; next; 5. ls_in_pre_stateful (ovn-northd.c:4895): reg0[0] == 1, priority 100, uuid 8c9ce45e ct_next; ct_next(ct_state=new|trk) ------------------------- 6. ls_in_acl (ovn-northd.c:5269): ip && (!ct.est || (ct.est && ct_label.blocked == 1)), priority 1, uuid 3351348d reg0[1] = 1; next; 10. ls_in_stateful (ovn-northd.c:5653): reg0[1] == 1, priority 100, uuid 1e5b2215 ct_commit(ct_label=0/0x1); next; 19. ls_in_l2_lkup (ovn-northd.c:6783): eth.dst == 00:00:00:f9:34:7e, priority 50, uuid 7e64747f outport = "ovn-default-ovn-cluster"; output; egress(dp="ovn-default", inport="kube-ovn-pinger-4tm8h.kube-system", outport="ovn-default-ovn-cluster") ------------------------------------------------------------------------------------------------------- 0. ls_out_pre_lb (ovn-northd.c:4880): ip, priority 100, uuid c01bc12f reg0[0] = 1; next; 1. ls_out_pre_acl (ovn-northd.c:4664): ip && outport == "ovn-default-ovn-cluster", priority 110, uuid 2e6713a3 next; 2. ls_out_pre_stateful (ovn-northd.c:4897): reg0[0] == 1, priority 100, uuid 4c690c38 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- 3. ls_out_lb (ovn-northd.c:5508): ct.est && !ct.rel && !ct.new && !ct.inv, priority 65535, uuid 7d6a2579 reg0[2] = 1; next; 7. ls_out_stateful (ovn-northd.c:5667): reg0[2] == 1, priority 100, uuid 54cd48e0 ct_lb; ct_lb ----- 9. ls_out_port_sec_l2 (ovn-northd.c:4586): outport == "ovn-default-ovn-cluster", priority 50, uuid 473eb11a output; /* output to "ovn-default-ovn-cluster", type "patch" */ ingress(dp="ovn-cluster", inport="ovn-cluster-ovn-default") ----------------------------------------------------------- 0. lr_in_admission (ovn-northd.c:7883): eth.dst == 00:00:00:f9:34:7e && inport == "ovn-cluster-ovn-default", priority 50, uuid 38ddc48b next; 1. lr_in_lookup_neighbor (ovn-northd.c:7932): 1, priority 0, uuid f4b5fb1e reg9[3] = 1; next; 2. lr_in_learn_neighbor (ovn-northd.c:7938): reg9[3] == 1 || reg9[2] == 1, priority 100, uuid 53bbb733 next; 9. lr_in_ip_routing (ovn-northd.c:7511): ip4.dst == 192.168.101.0/24, priority 49, uuid 61c8254a ip.ttl--; reg8[0..15] = 0; reg0 = ip4.dst; reg1 = 192.168.101.3; eth.src = 1a:aa:aa:aa:aa:08; outport = "lrp-ovn-cluster-ovn-external"; flags.loopback = 1; next; 10. lr_in_ip_routing_ecmp (ovn-northd.c:9430): reg8[0..15] == 0, priority 150, uuid 6d9968be next; 12. lr_in_arp_resolve (ovn-northd.c:9887): outport == "lrp-ovn-cluster-ovn-external" && reg0 == 192.168.101.1, priority 100, uuid 3d8ec360 eth.dst = 1a:aa:aa:aa:aa:06; next; 16. lr_in_arp_request (ovn-northd.c:10114): 1, priority 0, uuid 6824f55f output; egress(dp="ovn-cluster", inport="ovn-cluster-ovn-default", outport="lrp-ovn-cluster-ovn-external") -------------------------------------------------------------------------------------------------- 3. lr_out_delivery (ovn-northd.c:10160): outport == "lrp-ovn-cluster-ovn-external", priority 100, uuid 128993d1 output; /* output to "lrp-ovn-cluster-ovn-external", type "patch" */ ingress(dp="ovn-external", inport="lsp-ovn-external-ovn-cluster") ----------------------------------------------------------------- 0. ls_in_port_sec_l2 (ovn-northd.c:4520): inport == "lsp-ovn-external-ovn-cluster", priority 50, uuid f4a0e5c6 next; 19. ls_in_l2_lkup (ovn-northd.c:6783): eth.dst == 1a:aa:aa:aa:aa:06, priority 50, uuid b54a3459 outport = "lsp-ovn-external-route1"; output; egress(dp="ovn-external", inport="lsp-ovn-external-ovn-cluster", outport="lsp-ovn-external-route1") --------------------------------------------------------------------------------------------------- 9. ls_out_port_sec_l2 (ovn-northd.c:4586): outport == "lsp-ovn-external-route1", priority 50, uuid 651f9af0 output; /* output to "lsp-ovn-external-route1", type "patch" */ ingress(dp="route1", inport="lrp-route1-ovn-external") ------------------------------------------------------ 0. lr_in_admission (ovn-northd.c:7883): eth.dst == 1a:aa:aa:aa:aa:06 && inport == "lrp-route1-ovn-external", priority 50, uuid 70787e75 next; 1. lr_in_lookup_neighbor (ovn-northd.c:7932): 1, priority 0, uuid 74810ca1 reg9[3] = 1; next; 2. lr_in_learn_neighbor (ovn-northd.c:7938): reg9[3] == 1 || reg9[2] == 1, priority 100, uuid 0be830a9 next; 3. lr_in_ip_input (ovn-northd.c:8520): ip4.dst == {192.168.101.1} || ip6.dst == {fe80::18aa:aaff:feaa:aa06}, priority 60, uuid 3b9be154 drop; dawn@node-3:~$ kubectl ko trace kube-system/kube-ovn-pinger-4tm8h 192.168.101.2 icmp + kubectl exec ovn-central-7c95745dc4-v8rb5 -n kube-system -- ovn-trace --ct=new ovn-default 'inport == "kube-ovn-pinger-4tm8h.kube-system" && ip.ttl == 64 && icmp && eth.src == 00:00:00:17:34:1A && ip4.src == 10.19.0.5 && eth.dst == 00:00:00:F9:34:7E && ip4.dst == 192.168.101.2' # icmp,reg14=0x5,vlan_tci=0x0000,dl_src=00:00:00:17:34:1a,dl_dst=00:00:00:f9:34:7e,nw_src=10.19.0.5,nw_dst=192.168.101.2,nw_tos=0,nw_ecn=0,nw_ttl=64,icmp_type=0,icmp_code=0 ingress(dp="ovn-default", inport="kube-ovn-pinger-4tm8h.kube-system") --------------------------------------------------------------------- 0. ls_in_port_sec_l2 (ovn-northd.c:4520): inport == "kube-ovn-pinger-4tm8h.kube-system" && eth.src == {00:00:00:17:34:1a}, priority 50, uuid d80aa01b next; 1. ls_in_port_sec_ip (ovn-northd.c:4188): inport == "kube-ovn-pinger-4tm8h.kube-system" && eth.src == 00:00:00:17:34:1a && ip4.src == {10.19.0.5}, priority 90, uuid 04b1a887 next; 3. ls_in_pre_acl (ovn-northd.c:4708): ip, priority 100, uuid 2689502e reg0[0] = 1; next; 5. ls_in_pre_stateful (ovn-northd.c:4895): reg0[0] == 1, priority 100, uuid 8c9ce45e ct_next; ct_next(ct_state=new|trk) ------------------------- 6. ls_in_acl (ovn-northd.c:5269): ip && (!ct.est || (ct.est && ct_label.blocked == 1)), priority 1, uuid 3351348d reg0[1] = 1; next; 10. ls_in_stateful (ovn-northd.c:5653): reg0[1] == 1, priority 100, uuid 1e5b2215 ct_commit(ct_label=0/0x1); next; 19. ls_in_l2_lkup (ovn-northd.c:6783): eth.dst == 00:00:00:f9:34:7e, priority 50, uuid 7e64747f outport = "ovn-default-ovn-cluster"; output; egress(dp="ovn-default", inport="kube-ovn-pinger-4tm8h.kube-system", outport="ovn-default-ovn-cluster") ------------------------------------------------------------------------------------------------------- 0. ls_out_pre_lb (ovn-northd.c:4880): ip, priority 100, uuid c01bc12f reg0[0] = 1; next; 1. ls_out_pre_acl (ovn-northd.c:4664): ip && outport == "ovn-default-ovn-cluster", priority 110, uuid 2e6713a3 next; 2. ls_out_pre_stateful (ovn-northd.c:4897): reg0[0] == 1, priority 100, uuid 4c690c38 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- 3. ls_out_lb (ovn-northd.c:5508): ct.est && !ct.rel && !ct.new && !ct.inv, priority 65535, uuid 7d6a2579 reg0[2] = 1; next; 7. ls_out_stateful (ovn-northd.c:5667): reg0[2] == 1, priority 100, uuid 54cd48e0 ct_lb; ct_lb ----- 9. ls_out_port_sec_l2 (ovn-northd.c:4586): outport == "ovn-default-ovn-cluster", priority 50, uuid 473eb11a output; /* output to "ovn-default-ovn-cluster", type "patch" */ ingress(dp="ovn-cluster", inport="ovn-cluster-ovn-default") ----------------------------------------------------------- 0. lr_in_admission (ovn-northd.c:7883): eth.dst == 00:00:00:f9:34:7e && inport == "ovn-cluster-ovn-default", priority 50, uuid 38ddc48b next; 1. lr_in_lookup_neighbor (ovn-northd.c:7932): 1, priority 0, uuid f4b5fb1e reg9[3] = 1; next; 2. lr_in_learn_neighbor (ovn-northd.c:7938): reg9[3] == 1 || reg9[2] == 1, priority 100, uuid 53bbb733 next; 9. lr_in_ip_routing (ovn-northd.c:7511): ip4.dst == 192.168.101.0/24, priority 49, uuid 61c8254a ip.ttl--; reg8[0..15] = 0; reg0 = ip4.dst; reg1 = 192.168.101.3; eth.src = 1a:aa:aa:aa:aa:08; outport = "lrp-ovn-cluster-ovn-external"; flags.loopback = 1; next; 10. lr_in_ip_routing_ecmp (ovn-northd.c:9430): reg8[0..15] == 0, priority 150, uuid 6d9968be next; 12. lr_in_arp_resolve (ovn-northd.c:9887): outport == "lrp-ovn-cluster-ovn-external" && reg0 == 192.168.101.2, priority 100, uuid 3b355b6d eth.dst = 1a:aa:aa:aa:aa:07; next; 16. lr_in_arp_request (ovn-northd.c:10114): 1, priority 0, uuid 6824f55f output; egress(dp="ovn-cluster", inport="ovn-cluster-ovn-default", outport="lrp-ovn-cluster-ovn-external") -------------------------------------------------------------------------------------------------- 3. lr_out_delivery (ovn-northd.c:10160): outport == "lrp-ovn-cluster-ovn-external", priority 100, uuid 128993d1 output; /* output to "lrp-ovn-cluster-ovn-external", type "patch" */ ingress(dp="ovn-external", inport="lsp-ovn-external-ovn-cluster") ----------------------------------------------------------------- 0. ls_in_port_sec_l2 (ovn-northd.c:4520): inport == "lsp-ovn-external-ovn-cluster", priority 50, uuid f4a0e5c6 next; 19. ls_in_l2_lkup (ovn-northd.c:6783): eth.dst == 1a:aa:aa:aa:aa:07, priority 50, uuid 30381971 outport = "lsp-ovn-external-route2"; output; egress(dp="ovn-external", inport="lsp-ovn-external-ovn-cluster", outport="lsp-ovn-external-route2") --------------------------------------------------------------------------------------------------- 9. ls_out_port_sec_l2 (ovn-northd.c:4586): outport == "lsp-ovn-external-route2", priority 50, uuid 37fc86e0 output; /* output to "lsp-ovn-external-route2", type "patch" */ ingress(dp="route2", inport="lrp-route2-ovn-external") ------------------------------------------------------ 0. lr_in_admission (ovn-northd.c:7883): eth.dst == 1a:aa:aa:aa:aa:07 && inport == "lrp-route2-ovn-external", priority 50, uuid 73ee97b3 next; 1. lr_in_lookup_neighbor (ovn-northd.c:7932): 1, priority 0, uuid be49229d reg9[3] = 1; next; 2. lr_in_learn_neighbor (ovn-northd.c:7938): reg9[3] == 1 || reg9[2] == 1, priority 100, uuid 1077f963 next; 3. lr_in_ip_input (ovn-northd.c:8520): ip4.dst == {192.168.101.2} || ip6.dst == {fe80::18aa:aaff:feaa:aa07}, priority 60, uuid e1460f22 drop;