Hi Ales, Xavier, Lorenzo, On 6/18/26 5:21 PM, Dumitru Ceara wrote: > On 6/16/26 11:54 AM, Ales Musil via dev wrote: >> This series adds ARP/ND suppression for EVPN-enabled logical >> switches. When a broadcast ARP request or multicast ND >> solicitation targets an IP address that was learned via EVPN, >> OVN now generates proxy-reply flows instead of flooding the >> request to remote VTEPs. >> >> Problem >> ------- >> In EVPN deployments, every broadcast ARP request and multicast >> ND solicitation is flooded across VXLAN tunnels to all remote >> VTEPs. This wastes bandwidth on the overlay fabric and adds >> latency to address resolution. The remote VTEPs already >> advertised their MAC/IP bindings via EVPN type-2 routes, so the >> local switch has enough information to answer on their behalf. >> >> Approach >> -------- >> The solution introduces a dedicated OpenFlow side table >> (table 113) populated with EVPN-learned MAC/IP bindings. A new >> chk_evpn_arp() action performs a lookup in this table. If the >> target IP is found, the resolved MAC is loaded into eth.dst and >> a regbit flag is set. The northd pipeline then uses the flag to >> generate a proxy ARP reply or ND NA reply directly on the >> ingress switch, short-circuiting the flood. >> > > Hi Ales, > > Aside from some minor comments from my side and also some relatively > small things in patch 2/5 that Xavier found the rest looks good to me. > > I'm planning to squash in the suggested changes myself and apply the > series to main soon. >
Thanks for the series and the reviews! I squashed this small incremental in patch 2/5 to address Xavier's review comments: diff --git a/tests/system-ovn.at b/tests/system-ovn.at index 35df0ec2fe..60b2e3b2e0 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -6401,11 +6401,11 @@ AT_CLEANUP ]) # When a lport is released on a chassis, ovn-controller was -# not clearing some of the flowss in the table 33 leading +# not clearing some of the flows in the physical tables leading # to packet drops if ct() is hit. # Make sure that those flows are cleared properly. OVN_FOR_EACH_NORTHD([ -AT_SETUP([Test packet drops due to incorrect flows in physical table 33]) +AT_SETUP([Test packet drops due to incorrect flows in physical tables]) AT_KEYWORDS([lb]) ovn_start @@ -6643,7 +6643,7 @@ sed -e 's/mark=[[0-9]]*/mark=<cleared>/' | sort], [0], [dnl icmp,orig=(src=172.16.0.1,dst=10.0.0.2,id=<cleared>,type=8,code=0),reply=(src=10.0.0.2,dst=172.16.0.1,id=<cleared>,type=0,code=0),zone=<cleared>,mark=<cleared>,labels=0x1001020400000000 tcp,orig=(src=172.16.0.1,dst=10.0.0.2,sport=<cleared>,dport=<cleared>),reply=(src=10.0.0.2,dst=172.16.0.1,sport=<cleared>,dport=<cleared>),zone=<cleared>,mark=<cleared>,labels=0x1001020400000000,protoinfo=(state=<cleared>) ]) -# Check entries in table 76 and 77 expires w/o traffic +# Check entries in table OFTABLE_ECMP_NH_MAC and OFTABLE_ECMP_NH expires w/o traffic OVS_WAIT_UNTIL([ test $(ovs-ofctl dump-flows br-int | grep -c 'table=OFTABLE_ECMP_NH_MAC, n_packets') -eq 0 ]) @@ -6873,7 +6873,7 @@ icmpv6,orig=(src=fd07::1,dst=fd01::2,id=<cleared>,type=128,code=0),reply=(src=fd tcp,orig=(src=fd07::1,dst=fd01::2,sport=<cleared>,dport=<cleared>),reply=(src=fd01::2,dst=fd07::1,sport=<cleared>,dport=<cleared>),zone=<cleared>,mark=<cleared>,labels=0x1001020400000000,protoinfo=(state=<cleared>) ]) -# Check entries in table 76 and 77 expires w/o traffic +# Check entries in table OFTABLE_ECMP_NH_MAC and OFTABLE_ECMP_NH expires w/o traffic OVS_WAIT_UNTIL([ test $(ovs-ofctl dump-flows br-int | grep -c 'table=OFTABLE_ECMP_NH_MAC, n_packets') -eq 0 ]) --- Then I took care of the other small issues noted during reviews, added the acks and pushed the series to main. I also backported patch 1/5 to 26.03. Regards, Dumitru _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
