[...]
> > </p>
> > </li>
> >
> > + <li>
> > + <p>
> > + For each BFD port the two following priorirty-110 flows are
> > added
>
> s/priorirty/priority/
ack, I will fix in in v6.
Regards,
Lorenzo
>
> > + to manage BFD traffic:
> > +
> > + <ul>
> > + <li>
> > + if <code>ip4.src</code> or <code>ip6.src</code> is any IP
> > + address owned by the router port and <code>udp.dst == 3784
> > + </code>, the packet is advanced to the next pipeline stage.
> > + </li>
> > +
> > + <li>
> > + if <code>ip4.dst</code> or <code>ip6.dst</code> is any IP
> > + address owned by the router port and <code>udp.dst == 3784
> > + </code>, the <code>handle_bfd_msg</code> action is executed.
> > + </li>
> > + </ul>
> > + </p>
> > + </li>
> > +
> > <li>
> > <p>
> > L3 admission control: A priority-100 flow drops packets that
> > match
> > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> > index 8b1ff37af..5fd53477a 100644
> > --- a/northd/ovn-northd.c
> > +++ b/northd/ovn-northd.c
> > @@ -1473,6 +1473,8 @@ struct ovn_port {
> >
> > bool has_unknown; /* If the addresses have 'unknown' defined. */
> >
> > + bool has_bfd;
> > +
> > /* The port's peer:
> > *
> > * - A switch port S of type "router" has a router port R as a
> > peer,
> > @@ -7574,7 +7576,8 @@ build_bfd_update_sb_conf(const struct nbrec_bfd
> > *nb_bt,
> > }
> >
> > static void
> > -build_bfd_table(struct northd_context *ctx, struct hmap *bfd_connections)
> > +build_bfd_table(struct northd_context *ctx, struct hmap *bfd_connections,
> > + struct hmap *ports)
> > {
> > struct hmap sb_only = HMAP_INITIALIZER(&sb_only);
> > struct bfd_entry *bfd_e, *next_bfd_e;
> > @@ -7632,10 +7635,20 @@ build_bfd_table(struct northd_context *ctx, struct
> > hmap *bfd_connections)
> >
> > bfd_e->found = true;
> > }
> > +
> > + struct ovn_port *op = ovn_port_find(ports, nb_bt->logical_port);
> > + if (op) {
> > + op->has_bfd = true;
> > + }
> > }
> >
> > HMAP_FOR_EACH_SAFE (bfd_e, next_bfd_e, hmap_node, &sb_only) {
> > if (!bfd_e->found && bfd_e->sb_bt) {
> > + struct ovn_port *op = ovn_port_find(ports,
> > +
> > bfd_e->sb_bt->logical_port);
> > + if (op) {
> > + op->has_bfd = false;
> > + }
> > sbrec_bfd_delete(bfd_e->sb_bt);
> > }
> > hmap_remove(&sb_only, &bfd_e->hmap_node);
> > @@ -8395,16 +8408,15 @@ add_route(struct hmap *lflows, const struct
> > ovn_port *op,
> > build_route_match(op_inport, network_s, plen, is_src_route, is_ipv4,
> > &match, &priority);
> >
> > - struct ds actions = DS_EMPTY_INITIALIZER;
> > - ds_put_format(&actions, "ip.ttl--; "REG_ECMP_GROUP_ID" = 0; %s = ",
> > + struct ds common_actions = DS_EMPTY_INITIALIZER;
> > + ds_put_format(&common_actions, REG_ECMP_GROUP_ID" = 0; %s = ",
> > is_ipv4 ? REG_NEXT_HOP_IPV4 : REG_NEXT_HOP_IPV6);
> > -
> > if (gateway) {
> > - ds_put_cstr(&actions, gateway);
> > + ds_put_cstr(&common_actions, gateway);
> > } else {
> > - ds_put_format(&actions, "ip%s.dst", is_ipv4 ? "4" : "6");
> > + ds_put_format(&common_actions, "ip%s.dst", is_ipv4 ? "4" : "6");
> > }
> > - ds_put_format(&actions, "; "
> > + ds_put_format(&common_actions, "; "
> > "%s = %s; "
> > "eth.src = %s; "
> > "outport = %s; "
> > @@ -8414,11 +8426,20 @@ add_route(struct hmap *lflows, const struct
> > ovn_port *op,
> > lrp_addr_s,
> > op->lrp_networks.ea_s,
> > op->json_key);
> > + struct ds actions = DS_EMPTY_INITIALIZER;
> > + ds_put_format(&actions, "ip.ttl--; %s", ds_cstr(&common_actions));
> >
> > ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_IP_ROUTING,
> > priority,
> > ds_cstr(&match), ds_cstr(&actions),
> > stage_hint);
> > + if (op->has_bfd) {
> > + ds_put_format(&match, " && udp.dst == 3784");
> > + ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_IP_ROUTING,
> > + priority + 1, ds_cstr(&match),
> > + ds_cstr(&common_actions), stage_hint);
> > + }
> > ds_destroy(&match);
> > + ds_destroy(&common_actions);
> > ds_destroy(&actions);
> > }
> >
> > @@ -9080,6 +9101,52 @@ build_lrouter_force_snat_flows(struct hmap *lflows,
> > struct ovn_datapath *od,
> > ds_destroy(&actions);
> > }
> >
> > +static void
> > +build_lrouter_bfd_flows(struct hmap *lflows, struct ovn_port *op)
> > +{
> > + if (!op->has_bfd) {
> > + return;
> > + }
> > +
> > + struct ds ip_list = DS_EMPTY_INITIALIZER;
> > + struct ds match = DS_EMPTY_INITIALIZER;
> > +
> > + if (op->lrp_networks.n_ipv4_addrs) {
> > + op_put_v4_networks(&ip_list, op, false);
> > + ds_put_format(&match, "ip4.src == %s && udp.dst == 3784",
> > + ds_cstr(&ip_list));
> > + ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_IP_INPUT, 110,
> > + ds_cstr(&match), "next; ",
> > + &op->nbrp->header_);
> > + ds_clear(&match);
> > + ds_put_format(&match, "ip4.dst == %s && udp.dst == 3784",
> > + ds_cstr(&ip_list));
> > + ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_IP_INPUT, 110,
> > + ds_cstr(&match), "handle_bfd_msg(); ",
> > + &op->nbrp->header_);
> > + }
> > + if (op->lrp_networks.n_ipv6_addrs) {
> > + ds_clear(&ip_list);
> > + ds_clear(&match);
> > +
> > + op_put_v6_networks(&ip_list, op);
> > + ds_put_format(&match, "ip6.src == %s && udp.dst == 3784",
> > + ds_cstr(&ip_list));
> > + ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_IP_INPUT, 110,
> > + ds_cstr(&match), "next; ",
> > + &op->nbrp->header_);
> > + ds_clear(&match);
> > + ds_put_format(&match, "ip6.dst == %s && udp.dst == 3784",
> > + ds_cstr(&ip_list));
> > + ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_IP_INPUT, 110,
> > + ds_cstr(&match), "handle_bfd_msg(); ",
> > + &op->nbrp->header_);
> > + }
> > +
> > + ds_destroy(&ip_list);
> > + ds_destroy(&match);
> > +}
> > +
> > static void
> > build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
> > struct hmap *lflows, struct shash *meter_groups,
> > @@ -9184,6 +9251,9 @@ build_lrouter_flows(struct hmap *datapaths, struct
> > hmap *ports,
> > &op->nbrp->header_);
> > }
> >
> > + /* BFD msg handling */
> > + build_lrouter_bfd_flows(lflows, op);
> > +
> > /* ICMP time exceeded */
> > for (int i = 0; i < op->lrp_networks.n_ipv4_addrs; i++) {
> > ds_clear(&match);
> > @@ -12677,7 +12747,7 @@ ovnnb_db_run(struct northd_context *ctx,
> > build_ip_mcast(ctx, datapaths);
> > build_mcast_groups(ctx, datapaths, ports, &mcast_groups,
> > &igmp_groups);
> > build_meter_groups(ctx, &meter_groups);
> > - build_bfd_table(ctx, &bfd_connections);
> > + build_bfd_table(ctx, &bfd_connections, ports);
> > build_lflows(ctx, datapaths, ports, &port_groups, &mcast_groups,
> > &igmp_groups, &meter_groups, &lbs);
> > ovn_update_ipv6_prefix(ports);
> > diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
> > index ce6c44db4..8f94838d4 100644
> > --- a/tests/ovn-northd.at
> > +++ b/tests/ovn-northd.at
> > @@ -2322,3 +2322,46 @@ sed 's/reg8\[[0..15\]] == [[0-9]]*/reg8\[[0..15\]]
> > == <cleared>/' | sort], [0],
> > ])
> >
> > AT_CLEANUP
> > +
> > +AT_SETUP([ovn -- check BFD config propagation to SBDB])
> > +AT_KEYWORDS([northd-bfd])
> > +ovn_start
> > +
> > +check ovn-nbctl --wait=sb lr-add r0
> > +for i in $(seq 1 2); do
> > + check ovn-nbctl --wait=sb lrp-add r0 r0-sw$i 00:00:00:00:00:0$i
> > 192.168.$i.1/24
> > + check ovn-nbctl --wait=sb ls-add sw$i
> > + check ovn-nbctl --wait=sb lsp-add sw$i sw$i-r0
> > + check ovn-nbctl --wait=sb lsp-set-type sw$i-r0 router
> > + check ovn-nbctl --wait=sb lsp-set-options sw$i-r0 router-port=r0-sw$i
> > + check ovn-nbctl --wait=sb lsp-set-addresses sw$i-r0 00:00:00:00:00:0$i
> > +done
> > +
> > +ovn-nbctl create bfd logical_port=r0-sw1 dst_ip=192.168.10.2 status=down
> > min_tx=250 min_rx=250 detect_mult=10
> > +ovn-nbctl create bfd logical_port=r0-sw2 dst_ip=192.168.20.2 status=down
> > min_tx=500 min_rx=500 detect_mult=20
> > +
> > +check_column 10 bfd detect_mult logical_port=r0-sw1
> > +check_column "192.168.10.2" bfd dst_ip logical_port=r0-sw1
> > +check_column 250 bfd min_rx logical_port=r0-sw1
> > +check_column 250 bfd min_tx logical_port=r0-sw1
> > +check_column admin_down bfd status logical_port=r0-sw1
> > +
> > +check_column 20 bfd detect_mult logical_port=r0-sw2
> > +check_column "192.168.20.2" bfd dst_ip logical_port=r0-sw2
> > +check_column 500 bfd min_rx logical_port=r0-sw2
> > +check_column 500 bfd min_tx logical_port=r0-sw2
> > +check_column admin_down bfd status logical_port=r0-sw2
> > +
> > +uuid=$(fetch_column nb:bfd _uuid logical_port=r0-sw1)
> > +check ovn-nbctl set bfd $uuid min_tx=1000
> > +check ovn-nbctl set bfd $uuid min_rx=1000
> > +check ovn-nbctl set bfd $uuid detect_mult=100
> > +
> > +check_column 1000 bfd min_tx logical_port=r0-sw1
> > +check_column 1000 bfd min_rx logical_port=r0-sw1
> > +check_column 100 bfd detect_mult logical_port=r0-sw1
> > +
> > +ovn-nbctl destroy bfd $uuid
> > +check_row_count bfd 1
> > +
> > +AT_CLEANUP
> >
>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
