On 6/16/26 11:54 AM, Ales Musil via dev wrote: > This series adds ARP/ND suppression for EVPN-enabled logical > switches. When a broadcast ARP request or multicast ND > solicitation targets an IP address that was learned via EVPN, > OVN now generates proxy-reply flows instead of flooding the > request to remote VTEPs. > > Problem > ------- > In EVPN deployments, every broadcast ARP request and multicast > ND solicitation is flooded across VXLAN tunnels to all remote > VTEPs. This wastes bandwidth on the overlay fabric and adds > latency to address resolution. The remote VTEPs already > advertised their MAC/IP bindings via EVPN type-2 routes, so the > local switch has enough information to answer on their behalf. > > Approach > -------- > The solution introduces a dedicated OpenFlow side table > (table 113) populated with EVPN-learned MAC/IP bindings. A new > chk_evpn_arp() action performs a lookup in this table. If the > target IP is found, the resolved MAC is loaded into eth.dst and > a regbit flag is set. The northd pipeline then uses the flag to > generate a proxy ARP reply or ND NA reply directly on the > ingress switch, short-circuiting the flood. >
Hi Ales, Aside from some minor comments from my side and also some relatively small things in patch 2/5 that Xavier found the rest looks good to me. I'm planning to squash in the suggested changes myself and apply the series to main soon. Regards, Dumitru > Patch breakdown > --------------- > 1/5 tests: Replace hardcoded table numbers with OFTABLE macros > in ovn.at. > > Preparatory cleanup. A few test cases used raw OpenFlow > table numbers; replace them with OFTABLE_* m4 macros so > that the tests adapt automatically when table assignments > change. > > 2/5 controller: Add room between OpenFlow table stages. > > Shift the output-implementation, egress, and post-egress > table regions to leave comfortable gaps between them. This > prevents table-number collisions when new stages are added > (as this series does) and removes the need for cascading > renumbering. > > 3/5 actions: Add chk_evpn_arp action and EVPN side table. > > Infrastructure patch. Defines OFTABLE_EVPN_ARP_LOOKUP > (table 113), the OVNACT for chk_evpn_arp(), and the > parse/format/encode/free functions. Also adds an > ovn-trace stub. No flows use the action yet. > > 4/5 controller: Populate EVPN ARP side table for logical > switches. > > Extends physical_consider_evpn_arp() to install flows in > the EVPN side table for the switch datapath. Each flow > matches on metadata + IP address and loads the resolved > MAC into eth.dst on a hit. > > 5/5 northd: Add EVPN ARP/ND suppression for logical switches. > > Adds a pre-lookup stage (ls_in_arp_nd_pre_lookup) and > EVPN suppression response flows in ls_in_arp_rsp. The > pre-lookup calls chk_evpn_arp(); the response flows > generate proxy ARP/ND replies when the lookup succeeds. > > Testing > ------- > - Unit tests in ovn-northd.at verify the generated logical > flows for the new pipeline stage. > - Integration tests in ovn.at verify the chk_evpn_arp action > encoding. > - A system test in system-ovn.at exercises the full ARP > suppression path end-to-end with an EVPN-enabled switch > topology. > > Ales Musil (5): > tests: Replace hardcoded table numbers with OFTABLE macros in ovn.at. > controller: Add room between OpenFlow table stages. > actions: Add chk_evpn_arp action and EVPN side table. > controller: Populate EVPN ARP side table for logical switches. > northd: Add EVPN ARP/ND suppression for logical switches. > > Documentation/ref/ovn-logical-flows.7.rst | 72 ++++++++--- > NEWS | 6 + > controller/lflow.c | 1 + > controller/lflow.h | 76 ++++++----- > controller/physical.c | 151 ++++++++++++++-------- > include/ovn/actions.h | 10 ++ > include/ovn/logical-fields.h | 4 + > lib/actions.c | 78 +++++++++++ > lib/ovn-util.c | 4 +- > lib/ovn-util.h | 2 +- > northd/northd.c | 83 ++++++++++++ > northd/northd.h | 18 +-- > ovn-architecture.7.xml | 124 +++++++++--------- > ovn-sb.ovsschema | 6 +- > ovn-sb.xml | 41 ++++++ > tests/ovn-macros.at | 64 ++++----- > tests/ovn-northd.at | 39 ++++++ > tests/ovn.at | 62 ++++++--- > tests/system-ovn.at | 137 ++++++++++++++++++++ > tests/test-ovn.c | 1 + > utilities/ovn-trace.c | 37 ++++++ > 21 files changed, 784 insertions(+), 232 deletions(-) > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
