On 5/21/26 10:49 AM, Alexandra Rukomoinikova via dev wrote: > Verify that ARP requests from internal/external network to a VIF port > succeed when vif is in logical switch that also has a localnet port. > > Signed-off-by: Alexandra Rukomoinikova <[email protected]> > ---
Hi Alexandra, Thanks for the patch! As mentioned on the reply for patch 3/6 I moved the system test here: diff --git a/tests/system-ovn.at b/tests/system-ovn.at index 9bcc0df4fb..649e85ec1d 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -21053,6 +21053,68 @@ OVS_TRAFFIC_VSWITCHD_STOP(["/.*error receiving.*/d AT_CLEANUP ]) +OVN_FOR_EACH_NORTHD([ +AT_SETUP([NAT with only dnat_and_snat NAT configured: IPv4]) +AT_KEYWORDS([ovnnat]) + +ovn_start +OVS_TRAFFIC_VSWITCHD_START() + +ADD_BR([br-int]) +ADD_BR([br-ext]) + +ovs-ofctl add-flow br-ext action=normal +# Set external-ids in br-int needed for ovn-controller +ovs-vsctl \ + -- set Open_vSwitch . external-ids:system-id=hv1 \ + -- set Open_vSwitch . external-ids:ovn-remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \ + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \ + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \ + -- set Open_vSwitch . external-ids:ovn-bridge-mappings=phynet:br-ext + -- set bridge br-int fail-mode=secure other-config:disable-in-band=true + +# Start ovn-controller +start_daemon ovn-controller + +check ovn-nbctl lr-add lr1 +check ovn-nbctl ls-add sw0 +check ovn-nbctl ls-add public + +check ovn-nbctl lrp-add lr1 rp-sw0 00:00:01:01:02:03 192.168.1.1/24 +check ovn-nbctl lrp-add lr1 rp-public 00:00:02:01:02:03 172.16.1.1/24 + +check ovn-nbctl lsp-add-router-port sw0 sw0-rp rp-sw0 +check ovn-nbctl lsp-add-router-port public public-rp rp-public + +check ovn-nbctl lsp-add-localnet-port public localnet phynet + +ADD_NAMESPACES(sw01-x) +ADD_VETH(sw01-x, sw01-x, br-int, "192.168.1.2/24", "f0:00:00:01:02:03", \ + "192.168.1.1") +check ovn-nbctl lsp-add sw0 sw01-x \ + -- lsp-set-addresses sw01-x "f0:00:00:01:02:03 192.168.1.2" + +ADD_NAMESPACES(ext-foo) +ADD_VETH(ext-foo, ext-foo, br-ext, "172.16.1.100/24", "00:10:10:01:02:13", \ + "172.16.1.1") + +# Create distributed nat and set gw chassis to non-exisrting +# one - to check distributed NAT on non gw-chassis. +check ovn-nbctl lrp-set-gateway-chassis rp-public hv2 +check ovn-nbctl lr-nat-del lr1 +check ovn-nbctl lr-nat-add lr1 dnat_and_snat 172.16.0.1 192.168.1.2 sw01-x 00:00:04:00:00:01 + +NS_EXEC([ext-foo], [ip r add 172.16.0.1/32 dev ext-foo]) +NS_CHECK_CONNECTIVITY([ext-foo], [sw01-x], 172.16.0.1) + +OVN_CLEANUP_CONTROLLER([hv1]) +OVN_CLEANUP_NORTHD +as +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d +/connection dropped.*/d"]) +AT_CLEANUP +]) + OVN_FOR_EACH_NORTHD([ AT_SETUP([ACL CT translation - UDP fragmentation]) AT_KEYWORDS([acl_ct_translation_udp_fragmentation]) --- Then I applied the patch to main and 26.03. Looking forward to the follow up patches that reintroduce the external ARP processing fixes! Regards, Dumitru > tests/system-ovn.at | 75 +++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 75 insertions(+) > > diff --git a/tests/system-ovn.at b/tests/system-ovn.at > index be859ea7d..d7bc6e717 100644 > --- a/tests/system-ovn.at > +++ b/tests/system-ovn.at > @@ -21782,3 +21782,78 @@ OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port > patch-.*/d > > AT_CLEANUP > ]) > + > +OVN_FOR_EACH_NORTHD([ > +AT_SETUP([VIF port connected to localnet network]) > +# > +# Topology: > +# (fabric) -- localnet-port -- LS --- DGP(chassis2) -- LR > +# | > +# | > +# VM (chassis1) > +# > +# It is expected that ARP requests to this port are allowed on the chassis > that hosts this port. > + > +ovn_start > +OVS_TRAFFIC_VSWITCHD_START() > +ADD_BR([br-int]) > +ADD_BR([br-ext]) > + > +ovs-ofctl add-flow br-ext action=normal > +# Set external-ids in br-int needed for ovn-controller > +ovs-vsctl \ > + -- set Open_vSwitch . external-ids:system-id=hv1 \ > + -- set Open_vSwitch . > external-ids:ovn-remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \ > + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \ > + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \ > + -- set Open_vSwitch . external-ids:ovn-bridge-mappings=phynet:br-ext > \ > + -- set bridge br-int fail-mode=secure > other-config:disable-in-band=true > + > +# Start ovn-controller > +start_daemon ovn-controller > + > +check ovn-nbctl lr-add lr1 > +check ovn-nbctl ls-add public > + > +check ovn-nbctl lrp-add lr1 rp-public 00:00:02:01:02:03 172.31.1.1/24 > +check ovn-nbctl lsp-add-router-port public public-rp rp-public > +check ovn-nbctl lsp-add-localnet-port public localnet phynet > +check ovn-nbctl lrp-set-gateway-chassis rp-public hv2 > + > +ADD_NAMESPACES(ext) > +ADD_VETH(ext, ext, br-ext, "172.31.1.2/24", "f0:00:00:01:02:02", \ > + "172.31.1.1") > +ADD_NAMESPACES(lsp1) > +ADD_VETH(lsp1, lsp1, br-int, "172.31.1.3/24", "f0:00:00:01:02:03", \ > + "172.31.1.1") > +ADD_NAMESPACES(lsp2) > +ADD_VETH(lsp2, lsp2, br-int, "172.31.1.4/24", "f0:00:00:01:02:04", \ > + "172.31.1.1") > + > +check ovn-nbctl lsp-add public lsp1 > +check ovn-nbctl lsp-set-addresses lsp1 "f0:00:00:01:02:03 172.31.1.3" > +check ovn-nbctl lsp-add public lsp2 > +check ovn-nbctl lsp-set-addresses lsp2 "f0:00:00:01:02:04 172.31.1.4" > + > +check ovn-nbctl --wait=hv sync > + > +NS_CHECK_EXEC([ext], [ping -q -c 3 -i 0.3 -w 2 172.31.1.3 | FORMAT_PING], \ > +[0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > + > +NS_CHECK_EXEC([lsp1], [ping -q -c 3 -i 0.3 -w 2 172.31.1.4 | FORMAT_PING], \ > +[0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > + > +OVN_CLEANUP_CONTROLLER([hv1]) > +OVN_CLEANUP_NORTHD > + > +as > +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d > +/connection dropped.*/d"]) > + > +AT_CLEANUP > +]) > + _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
