OVN-kube node crashes with the following errors:

F0809 19:25:35.697554 2129731 ovnkube.go:136] failed to start node network manager: failed to start default node network controller: failed to repair Egress Services entries: [running [/usr/sbin/iptables -t
nat -D OVN-KUBE-EGRESS-SVC -A OVN-KUBE-EGRESS-SVC -m mark --mark 0x3f0 -m comment --comment DoNotSNAT -j RETURN --wait]: exit status 2: iptables v1.8.8 (nf_tables): Cannot use -A with -D                    

Try `iptables -h' or 'iptables --help' for more information.
, running [/usr/sbin/iptables -t nat -D OVN-KUBE-EGRESS-SVC -A OVN-KUBE-EGRESS-SVC -m mark --mark 0x3f0 -m comment --comment "Do not SNAT to SVC VIP" -j RETURN --wait]: exit status 2: iptables v1.8.8 (nf_tables): Cannot use -A with -D

Try `iptables -h' or 'iptables --help' for more information.
]
I0809 19:25:35.697583 2129731 reflector.go:293] Stopping reflector *v1.Namespace (0s) from k8s.io/client-go/informers/factory.go:150 

With https://github.com/openshift/cluster-network-operator/pull/1874 tested.

4.14 (pre feature freeze)

Always

1. Install DPU 2 Cluster
2. Upgrade OVN-K and CNO (https://github.com/openshift/cluster-network-operator/pull/1874) to the latest downstream
3.

We see these rules on the host:
sudo iptables -t nat -S OVN-KUBE-EGRESS-SVC
-N OVN-KUBE-EGRESS-SVC
-A OVN-KUBE-EGRESS-SVC -m mark --mark 0x3f0 -m comment --comment DoNotSNAT -j RETURN
-A OVN-KUBE-EGRESS-SVC -m mark --mark 0x3f0 -m comment --comment "Do not SNAT to SVC VIP" -j RETURN

Thus OVN-kube node crashes.

We should see these rules on the host instead.
sudo iptables -t nat -S OVN-KUBE-EGRESS-SVC
-N OVN-KUBE-EGRESS-SVC
-A OVN-KUBE-EGRESS-SVC -m mark --mark 0x3f0 -m comment --comment DoNotSNAT -j RETURN

https://github.com/ovn-org/ovn-kubernetes/pull/3064/files#diff-bb96390aa4d292c5ff6e2bc554446182b8abd55e12ba2a0290853b92aa4e1155R589

Slack thread: https://redhat-internal.slack.com/archives/CDCP2LA9L/p1691610257057969