Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-2343

Flows for UDP-encrypted packets report 0 bytes and 0 packets

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • netobserv-1.9
    • eBPF
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • Moderate
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      When IPsec is enabled and Network Observability enables the "IPSec" eBPF feature, all UDP-encrypted packets are reported as 0 bytes and 0 packets.

      Steps to Reproduce:

      1. Enable IPsec in OVN-Kubernets.
2. Enable the "IPSec" feature in eBPF Agent when creating the FlowCollector instance.
3. In OCP web console, go to Observe > Network Traffic, Traffic flows table
4. Set filter so "IPSec Status" != n/a.
5. Maximize the browser window or OCP web console, or remove some columns so you can see the "IPSec Status" column (last column).

      Actual results:

      All UDP-encrypted packets, indicated by the "L3 Layer Protocol" column, will show 0 bytes and 0 packets.

      Expected results:

      The number of bytes and packets should be greater than 0.

eBPF Agent sees the UDP-encapsulated packet, which contains the encyrpted IPsec payload.  Therefore, bytes and packets should not be 0.

        1. flows_ipsec_status.png
          flows_ipsec_status.png
          157 kB

              Unassigned Unassigned
              stlee@redhat.com Steven Lee
              None
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: