From patchwork Fri Nov 19 16:07:18 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Vladislav Odintsov
X-Patchwork-Id: 1557237
Return-Path:
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
header.s=20210112 header.b=hGMf0eKM;
dkim-atps=neutral
Authentication-Results: ozlabs.org;
spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org
(client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org;
envelope-from=ovs-dev-bounces@openvswitch.org; receiver=)
Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
SHA256)
(No client certificate requested)
by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HwhQW0FTTz9sX3
for ; Sat, 20 Nov 2021 03:07:46 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
by smtp3.osuosl.org (Postfix) with ESMTP id 8088061C3F;
Fri, 19 Nov 2021 16:07:44 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp3.osuosl.org ([127.0.0.1])
by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id Ok90li8NQICr; Fri, 19 Nov 2021 16:07:39 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org
[IPv6:2605:bc80:3010:104::8cd3:938])
by smtp3.osuosl.org (Postfix) with ESMTPS id 8ADA961C27;
Fri, 19 Nov 2021 16:07:38 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
by lists.linuxfoundation.org (Postfix) with ESMTP id 7C992C0038;
Fri, 19 Nov 2021 16:07:37 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136])
by lists.linuxfoundation.org (Postfix) with ESMTP id 629D2C003E
for ; Fri, 19 Nov 2021 16:07:34 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp3.osuosl.org (Postfix) with ESMTP id 4D9F961C29
for ; Fri, 19 Nov 2021 16:07:34 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp3.osuosl.org ([127.0.0.1])
by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 78ySrdkNF4Ch for ;
Fri, 19 Nov 2021 16:07:33 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com
[IPv6:2a00:1450:4864:20::535])
by smtp3.osuosl.org (Postfix) with ESMTPS id DAA3161C21
for ; Fri, 19 Nov 2021 16:07:32 +0000 (UTC)
Received: by mail-ed1-x535.google.com with SMTP id o20so234313eds.10
for ; Fri, 19 Nov 2021 08:07:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=from:to:cc:subject:date:message-id:in-reply-to:references
:mime-version:content-transfer-encoding;
bh=kM2IEEWX1GnM9HKnnZfOxoA0RjXAdXGPDUmCI+wnaFE=;
b=hGMf0eKMQEgLtMxS7slnsuwXriVIc857mPQ2y/eoEBG0t4en6WPd2OGU7R3RAhVdvD
0m+D3X759g7PGfUUwFx41sLx9vA/iCbMuyPlwWfNih+xg0NJey+awNi10yX7ezCLvq/5
BXti2Y+516SYttXnLt3T4BtMqC93fGD2TqDVvY2AuiVW217ydw03xu+bmAvPx0fJBy34
a3TRjMVTbGbs0NNugqU2vZhYl61Kz+iYL6cyDpLCht3DZnGoR1RQjz4QajPihxNtE3yp
Q4qAj5wUv7Kx5JBZX/mNxjL4SZ+wINBBspZogCWP4kWb53mu83b4nS0eAXtwW4iuh54m
dVCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=kM2IEEWX1GnM9HKnnZfOxoA0RjXAdXGPDUmCI+wnaFE=;
b=m+S7RNfiHcEfHudaxEIX7yocDKHfY9RA/UHgAvD2zXvSBRs0FnLZZ2O0/T1WvS35P6
8TJBF1u9/ey9AoNhsE/UdJtEoDcpGALLqMuKysIuj2vHmpH0Hen8aVVYlte/Cmpwx+x1
G1ZW45Ni13Yus1BK4/U3mqfc7NGG7GrAS37s61LCNrvwZkGZ97P43yk5KNAhvpFVdZmZ
NewNFv5T2C1y6bLeYDGX7sxW2xGYlJNzG7ysBapLi5Ui8LJZcF2Fa8pSNE2uVdV0fDkb
yzXo1Z9l4XPncTRYcva0w0NRkoms+tgaRXhKJfCf+S9K1QSJdKPLPCt3he6dDy2TffjC
5xjw==
X-Gm-Message-State: AOAM532LSkHXkKsPQB16uWH6Z1NgelyT3ZDg0LKNZNcUkfrCfr0opEEC
K5ayeT/GdCEcfGyRwqngYZmn2Bj7vKH17w==
X-Google-Smtp-Source:
ABdhPJzR4E++tpcSGpnUpzNMRNypi9/DVkFps2IB/5NadK2OQ0FgNgJEp5OuGybh44TJ3S58dApOpQ==
X-Received: by 2002:a17:907:7d8b:: with SMTP id
oz11mr9356697ejc.507.1637338050587;
Fri, 19 Nov 2021 08:07:30 -0800 (PST)
Received: from localhost.localdomain (109-252-131-59.dynamic.spd-mgts.ru.
[109.252.131.59])
by smtp.gmail.com with ESMTPSA id z6sm121427edc.76.2021.11.19.08.07.29
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Fri, 19 Nov 2021 08:07:30 -0800 (PST)
From: Vladislav Odintsov
To: dev@openvswitch.org
Date: Fri, 19 Nov 2021 19:07:18 +0300
Message-Id: <20211119160721.60612-4-odivlad@gmail.com>
X-Mailer: git-send-email 2.30.0
In-Reply-To: <20211119160721.60612-1-odivlad@gmail.com>
References: <20211119160721.60612-1-odivlad@gmail.com>
MIME-Version: 1.0
Cc: Vladislav Odintsov
Subject: [ovs-dev] [PATCH ovn v9 3/6] northd: make connected routes have
higher priority than static
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev"
With this patch routes to connected networks have higher
priority than static routes with same ip_prefix.
This brings commonly-used behaviour for routes lookup order:
1: longest prefix match
2: metric
The metric has next lookup order:
1: connected routes
2: static routes
Earlier static and connected routes with same ip_prefix had
the same priority, so it was impossible to predict which one
is used for routing decision.
Each route's prefix length has its own 'slot' in lflow prios.
Now prefix length space is calculated using next information:
to calculate route's priority prefixlen multiplied by 3
+ route origin offset (0 - source-based route; 1 - static route;
2 - directly-connected route2).
Also, enlarge prio for generic records in lr_in_ip_routing stage
by 10000.
Signed-off-by: Vladislav Odintsov
---
northd/northd.c | 50 ++++++++++++++++++++++++++++-------------
northd/ovn-northd.8.xml | 26 +++++++++++----------
tests/ovn-northd.at | 8 +++----
3 files changed, 53 insertions(+), 31 deletions(-)
diff --git a/northd/northd.c b/northd/northd.c
index df83f701b..a65ef8b5e 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -305,6 +305,15 @@ enum ovn_stage {
*
*/
+/*
+ * Route offsets implement logic to prioritize traffic for routes with
+ * same ip_prefix values:
+ * - connected route overrides static one;
+ * - static route overrides connected route. */
+#define ROUTE_PRIO_OFFSET_MULTIPLIER 3
+#define ROUTE_PRIO_OFFSET_STATIC 1
+#define ROUTE_PRIO_OFFSET_CONNECTED 2
+
/* Returns an "enum ovn_stage" built from the arguments. */
static enum ovn_stage
ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline pipeline,
@@ -8826,6 +8835,7 @@ struct ecmp_groups_node {
struct in6_addr prefix;
unsigned int plen;
bool is_src_route;
+ const char *origin;
uint16_t route_count;
struct ovs_list route_list; /* Contains ecmp_route_list_node */
};
@@ -8863,6 +8873,7 @@ ecmp_groups_add(struct hmap *ecmp_groups,
eg->prefix = route->prefix;
eg->plen = route->plen;
eg->is_src_route = route->is_src_route;
+ eg->origin = smap_get_def(&route->route->options, "origin", "");
ovs_list_init(&eg->route_list);
ecmp_groups_add_route(eg, route);
@@ -8963,19 +8974,20 @@ build_route_prefix_s(const struct in6_addr *prefix, unsigned int plen)
static void
build_route_match(const struct ovn_port *op_inport, const char *network_s,
int plen, bool is_src_route, bool is_ipv4, struct ds *match,
- uint16_t *priority)
+ uint16_t *priority, int ofs)
{
const char *dir;
/* The priority here is calculated to implement longest-prefix-match
* routing. */
if (is_src_route) {
dir = "src";
- *priority = plen * 2;
+ ofs = 0;
} else {
dir = "dst";
- *priority = (plen * 2) + 1;
}
+ *priority = (plen * ROUTE_PRIO_OFFSET_MULTIPLIER) + ofs;
+
if (op_inport) {
ds_put_format(match, "inport == %s && ", op_inport->json_key);
}
@@ -9117,7 +9129,7 @@ add_ecmp_symmetric_reply_flows(struct hmap *lflows,
out_port->lrp_networks.ea_s,
IN6_IS_ADDR_V4MAPPED(&route->prefix) ? "" : "xx",
port_ip, out_port->json_key);
- ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_IP_ROUTING, 300,
+ ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_IP_ROUTING, 10300,
ds_cstr(&match), ds_cstr(&actions),
&st_route->header_);
@@ -9147,8 +9159,10 @@ build_ecmp_route_flow(struct hmap *lflows, struct ovn_datapath *od,
struct ds route_match = DS_EMPTY_INITIALIZER;
char *prefix_s = build_route_prefix_s(&eg->prefix, eg->plen);
+ int ofs = !strcmp(eg->origin, ROUTE_ORIGIN_CONNECTED) ?
+ ROUTE_PRIO_OFFSET_CONNECTED: ROUTE_PRIO_OFFSET_STATIC;
build_route_match(NULL, prefix_s, eg->plen, eg->is_src_route, is_ipv4,
- &route_match, &priority);
+ &route_match, &priority, ofs);
free(prefix_s);
struct ds actions = DS_EMPTY_INITIALIZER;
@@ -9224,7 +9238,7 @@ add_route(struct hmap *lflows, struct ovn_datapath *od,
const struct ovn_port *op, const char *lrp_addr_s,
const char *network_s, int plen, const char *gateway,
bool is_src_route, const struct ovsdb_idl_row *stage_hint,
- bool is_discard_route)
+ bool is_discard_route, int ofs)
{
bool is_ipv4 = strchr(network_s, '.') ? true : false;
struct ds match = DS_EMPTY_INITIALIZER;
@@ -9240,7 +9254,7 @@ add_route(struct hmap *lflows, struct ovn_datapath *od,
}
}
build_route_match(op_inport, network_s, plen, is_src_route, is_ipv4,
- &match, &priority);
+ &match, &priority, ofs);
struct ds common_actions = DS_EMPTY_INITIALIZER;
struct ds actions = DS_EMPTY_INITIALIZER;
@@ -9300,10 +9314,15 @@ build_static_route_flow(struct hmap *lflows, struct ovn_datapath *od,
}
}
+ int ofs = !strcmp(smap_get_def(&route->options, "origin", ""),
+ ROUTE_ORIGIN_CONNECTED) ? ROUTE_PRIO_OFFSET_CONNECTED
+ : ROUTE_PRIO_OFFSET_STATIC;
+
char *prefix_s = build_route_prefix_s(&route_->prefix, route_->plen);
add_route(lflows, route_->is_discard_route ? od : out_port->od, out_port,
lrp_addr_s, prefix_s, route_->plen, route->nexthop,
- route_->is_src_route, &route->header_, route_->is_discard_route);
+ route_->is_src_route, &route->header_, route_->is_discard_route,
+ ofs);
free(prefix_s);
}
@@ -10716,14 +10735,14 @@ build_ip_routing_flows_for_lrouter_port(
add_route(lflows, op->od, op, op->lrp_networks.ipv4_addrs[i].addr_s,
op->lrp_networks.ipv4_addrs[i].network_s,
op->lrp_networks.ipv4_addrs[i].plen, NULL, false,
- &op->nbrp->header_, false);
+ &op->nbrp->header_, false, ROUTE_PRIO_OFFSET_CONNECTED);
}
for (int i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) {
add_route(lflows, op->od, op, op->lrp_networks.ipv6_addrs[i].addr_s,
op->lrp_networks.ipv6_addrs[i].network_s,
op->lrp_networks.ipv6_addrs[i].plen, NULL, false,
- &op->nbrp->header_, false);
+ &op->nbrp->header_, false, ROUTE_PRIO_OFFSET_CONNECTED);
}
} else if (lsp_is_router(op->nbsp)) {
struct ovn_port *peer = ovn_port_get_peer(ports, op);
@@ -10746,7 +10765,8 @@ build_ip_routing_flows_for_lrouter_port(
peer->lrp_networks.ipv4_addrs[0].addr_s,
laddrs->ipv4_addrs[k].network_s,
laddrs->ipv4_addrs[k].plen, NULL, false,
- &peer->nbrp->header_, false);
+ &peer->nbrp->header_, false,
+ ROUTE_PRIO_OFFSET_CONNECTED);
}
}
}
@@ -10817,7 +10837,7 @@ build_mcast_lookup_flows_for_lrouter(
/* Drop IPv6 multicast traffic that shouldn't be forwarded,
* i.e., router solicitation and router advertisement.
*/
- ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 550,
+ ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 10550,
"nd_rs || nd_ra", "drop;");
if (!od->mcast_info.rtr.relay) {
return;
@@ -10845,7 +10865,7 @@ build_mcast_lookup_flows_for_lrouter(
}
ds_put_format(actions, "outport = \"%s\"; ip.ttl--; next;",
igmp_group->mcgroup.name);
- ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 500,
+ ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 10500,
ds_cstr(match), ds_cstr(actions));
}
@@ -10853,7 +10873,7 @@ build_mcast_lookup_flows_for_lrouter(
* ports. Otherwise drop any multicast traffic.
*/
if (od->mcast_info.rtr.flood_static) {
- ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 450,
+ ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 10450,
"ip4.mcast || ip6.mcast",
"clone { "
"outport = \""MC_STATIC"\"; "
@@ -10861,7 +10881,7 @@ build_mcast_lookup_flows_for_lrouter(
"next; "
"};");
} else {
- ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 450,
+ ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 10450,
"ip4.mcast || ip6.mcast", "drop;");
}
}
diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
index a56a54955..a4ed7244b 100644
--- a/northd/ovn-northd.8.xml
+++ b/northd/ovn-northd.8.xml
@@ -3313,9 +3313,9 @@ output;
table. This table, instead, is responsible for determine the ECMP
group id and select a member id within the group based on 5-tuple
hashing. It stores group id in reg8[0..15]
and member id in
- reg8[16..31]
. This step is skipped with a priority-300 rule
- if the traffic going out the ECMP route is reply traffic, and the ECMP
- route was configured to use symmetric replies. Instead, the stored
+ reg8[16..31]
. This step is skipped with a priority-10300
+ rule if the traffic going out the ECMP route is reply traffic, and the
+ ECMP route was configured to use symmetric replies. Instead, the stored
ct_label
value is used to choose the destination. The least
significant 48 bits of the ct_label
tell the destination MAC
address to which the packet should be sent. The next 16 bits tell the
@@ -3331,14 +3331,14 @@ output;
-
- Priority-550 flow that drops IPv6 Router Solicitation/Advertisement
+ Priority-10550 flow that drops IPv6 Router Solicitation/Advertisement
packets that were not processed in previous tables.
-
- Priority-500 flows that match IP multicast traffic destined to
+ Priority-10500 flows that match IP multicast traffic destined to
groups registered on any of the attached switches and sets
outport
to the associated multicast group that will
eventually flood the traffic to all interested attached logical
@@ -3348,7 +3348,7 @@ output;
-
- Priority-450 flow that matches unregistered IP multicast traffic
+ Priority-10450 flow that matches unregistered IP multicast traffic
and sets outport
to the MC_STATIC
multicast group, which ovn-northd
populates with the
logical ports that have
@@ -3362,10 +3362,11 @@ output;
IPv4 routing table. For each route to IPv4 network N with
netmask M, on router port P with IP address
- A and Ethernet
- address E, a logical flow with match ip4.dst ==
- N/M
, whose priority is the number of
- 1-bits in M, has the following actions:
+ A and Ethernet address E, a logical flow with
+ match ip4.dst == N/M
, whose
+ priority is the number of 1-bits in M multiplied by 3 +
+ route offset: 0 for src-ip route policy, 1 for dst-ip static routes.
+ This flow has the following actions:
@@ -3398,8 +3399,9 @@ next;
P with IP address A and Ethernet address
E, a logical flow with match in CIDR notation
ip6.dst == N/M
,
- whose priority is the integer value of M, has the
- following actions:
+ whose priority is the integer value of M multiplied by 3 +
+ route offset: 0 for src-ip route policy, 1 for dst-ip static routes.
+ This flow has the following actions:
diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
index 85b47a18f..3c1a97f73 100644
--- a/tests/ovn-northd.at
+++ b/tests/ovn-northd.at
@@ -5430,7 +5430,7 @@ check ovn-nbctl --wait=sb --ecmp-symmetric-reply lr-route-add lr0 1.0.0.1 192.16
ovn-sbctl dump-flows lr0 > lr0flows
AT_CHECK([grep -e "lr_in_ip_routing.*select" lr0flows | sed 's/table=../table=??/' | sort], [0], [dnl
- table=??(lr_in_ip_routing ), priority=65 , match=(ip4.dst == 1.0.0.1/32), action=(ip.ttl--; flags.loopback = 1; reg8[[0..15]] = 1; reg8[[16..31]] = select(1, 2);)
+ table=??(lr_in_ip_routing ), priority=97 , match=(ip4.dst == 1.0.0.1/32), action=(ip.ttl--; flags.loopback = 1; reg8[[0..15]] = 1; reg8[[16..31]] = select(1, 2);)
])
AT_CHECK([grep -e "lr_in_ip_routing_ecmp" lr0flows | sed 's/192\.168\.0\..0/192.168.0.??/' | sed 's/table=../table=??/' | sort], [0], [dnl
table=??(lr_in_ip_routing_ecmp), priority=100 , match=(reg8[[0..15]] == 1 && reg8[[16..31]] == 1), action=(reg0 = 192.168.0.??; reg1 = 192.168.0.1; eth.src = 00:00:20:20:12:13; outport = "lr0-public"; next;)
@@ -5443,7 +5443,7 @@ check ovn-nbctl --wait=sb --ecmp-symmetric-reply lr-route-add lr0 1.0.0.1 192.16
ovn-sbctl dump-flows lr0 > lr0flows
AT_CHECK([grep -e "lr_in_ip_routing.*select" lr0flows | sed 's/table=../table=??/' | sort], [0], [dnl
- table=??(lr_in_ip_routing ), priority=65 , match=(ip4.dst == 1.0.0.1/32), action=(ip.ttl--; flags.loopback = 1; reg8[[0..15]] = 1; reg8[[16..31]] = select(1, 2);)
+ table=??(lr_in_ip_routing ), priority=97 , match=(ip4.dst == 1.0.0.1/32), action=(ip.ttl--; flags.loopback = 1; reg8[[0..15]] = 1; reg8[[16..31]] = select(1, 2);)
])
AT_CHECK([grep -e "lr_in_ip_routing_ecmp" lr0flows | sed 's/192\.168\.0\..0/192.168.0.??/' | sed 's/table=../table=??/' | sort], [0], [dnl
table=??(lr_in_ip_routing_ecmp), priority=100 , match=(reg8[[0..15]] == 1 && reg8[[16..31]] == 1), action=(reg0 = 192.168.0.??; reg1 = 192.168.0.1; eth.src = 00:00:20:20:12:13; outport = "lr0-public"; next;)
@@ -5458,14 +5458,14 @@ check ovn-nbctl --wait=sb lr-route-add lr0 1.0.0.0/24 192.168.0.10
ovn-sbctl dump-flows lr0 > lr0flows
AT_CHECK([grep -e "lr_in_ip_routing.*192.168.0.10" lr0flows | sed 's/table=../table=??/' | sort], [0], [dnl
- table=??(lr_in_ip_routing ), priority=49 , match=(ip4.dst == 1.0.0.0/24), action=(ip.ttl--; reg8[[0..15]] = 0; reg0 = 192.168.0.10; reg1 = 192.168.0.1; eth.src = 00:00:20:20:12:13; outport = "lr0-public"; flags.loopback = 1; next;)
+ table=??(lr_in_ip_routing ), priority=73 , match=(ip4.dst == 1.0.0.0/24), action=(ip.ttl--; reg8[[0..15]] = 0; reg0 = 192.168.0.10; reg1 = 192.168.0.1; eth.src = 00:00:20:20:12:13; outport = "lr0-public"; flags.loopback = 1; next;)
])
check ovn-nbctl --wait=sb lr-route-add lr0 2.0.0.0/24 lr0-public
ovn-sbctl dump-flows lr0 > lr0flows
AT_CHECK([grep -e "lr_in_ip_routing.*2.0.0.0" lr0flows | sed 's/table=../table=??/' | sort], [0], [dnl
- table=??(lr_in_ip_routing ), priority=49 , match=(ip4.dst == 2.0.0.0/24), action=(ip.ttl--; reg8[[0..15]] = 0; reg0 = ip4.dst; reg1 = 192.168.0.1; eth.src = 00:00:20:20:12:13; outport = "lr0-public"; flags.loopback = 1; next;)
+ table=??(lr_in_ip_routing ), priority=73 , match=(ip4.dst == 2.0.0.0/24), action=(ip.ttl--; reg8[[0..15]] = 0; reg0 = ip4.dst; reg1 = 192.168.0.1; eth.src = 00:00:20:20:12:13; outport = "lr0-public"; flags.loopback = 1; next;)
])
AT_CLEANUP