1. Experiment Setup

• This test is run using Boron SR1

1. Create a network N1
2. Create a security group S1 and add rules for icmp, ssh and dhcp
3. Create 2 instances on N1 and add them to S1
4. Create 2 VNFs, 2 SFs and 2 classifiers

After each step I delete everything and compare the ovs state after deletion to the default ovs state. For steps 1-3 everything looks fine
If I delete everything after step 4 though, I get a leftover flow in table 11 on one of my compute nodes

cookie=0x1110010000020255, duration=1172.279s, table=11, n_packets=0, n_bytes=0, tcp,reg0=0x1,tp_dst=80 actions=move:NXM_NX_TUN_ID[0..31]>NXM_NX_NSH_C2[],push_nsh,load:0x1>NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],load:0xc0a80035->NXM_NX_NSH_C1[],load:0x2->NXM_NX_NSP[0..23],load:0xff->NXM_NX_NSI[],load:0xb000005->NXM_NX_TUN_IPV4_DST[],load:0x2->NXM_NX_TUN_ID[0..31],resubmit(,0)

Running ovs-vsctl show, yields that one vxgpe port was not removed:

Port vxgpe
Interface vxgpe
type: vxlan
options:

{dst_port="6633", exts=gpe, key=flow, "nshc1"=flow, "nshc2"=flow, "nshc3"=flow, "nshc4"=flow, nsi=flow, nsp=flow, remote_ip=flow}

Port "vxlan-192.168.2.53"
Interface "vxlan-192.168.2.53"
type: vxlan
options:

{key=flow, local_ip="192.168.2.51", remote_ip="192.168.2.53"}

Listing all SFFs shows that one SFF is not properly removed. Deleting the SFF manually does not remove the port

1. It seems that the OVS state is not properly cleaned when an SFF is removed. Could someone investigate this?
2. Shouldn’t the SFF be implicitly removed when the SF is deleted? Many users will utilize the tacker API, which does not expose the SFF entities.