> On 1/23/23 16:36, Lorenzo Bianconi wrote: > >> On Mon, 2023-01-23 at 10:01 +0100, Lorenzo Bianconi wrote: > >>> Avoid learning Link-Local reserved multicast addresses if advertised in > >>> a MLD reports since this interferes with Slaac IPv6 address resolution > >>> implemented in OVN. > >>> > >>> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2154930 > >>> Tested-by: Eduardo Olivares <eoliv...@redhat.com> > >>> Signed-off-by: Lorenzo Bianconi <lorenzo.bianc...@redhat.com> > >>> --- > >>> lib/mcast-snooping.c | 69 ++++++++++++++++++++++++++++++++------------ > >>> lib/packets.c | 11 +++++++ > >>> lib/packets.h | 13 +++++++++ > >>> 3 files changed, 74 insertions(+), 19 deletions(-) > >>> > >>> diff --git a/lib/mcast-snooping.c b/lib/mcast-snooping.c > >>> index 029ca2855..a9d2e7900 100644 > >>> --- a/lib/mcast-snooping.c > >>> +++ b/lib/mcast-snooping.c > >>> @@ -38,6 +38,8 @@ > >>> COVERAGE_DEFINE(mcast_snooping_learned); > >>> COVERAGE_DEFINE(mcast_snooping_expired); > >>> > >>> +VLOG_DEFINE_THIS_MODULE(mcast_snooping); > >>> + > >>> static struct mcast_port_bundle * > >>> mcast_snooping_port_lookup(struct ovs_list *list, void *port); > >>> static struct mcast_mrouter_bundle * > >>> @@ -489,6 +491,28 @@ mcast_snooping_add_report(struct mcast_snooping *ms, > >>> return count; > >>> } > >>> > >>> +static bool > >>> +mcast_snooping_should_learn_mld_group(struct in6_addr *addr) > >>> +{ > >>> + /* we should learn multicast group from the following IPv6 multicast > >> > >> Is this supposed to be "should *not* learn multicast group"? > > > > yes, sorry :) > > Hi, Lorenzo,
Hi Dumitru, > > Even in this form, I'm not sure this approach is correct. I thought > some more about it and (even if these are reserved groups) an MLD > snooping switch should probably learn them and only flood packets to > hosts that registered. > > Moreover, with your patch, if we don't learn the groups we should at > least make sure all traffic towards the group IPs is flooded and we're > not actually doing that. > > But this brings me to the original OVN problem. I think the real issue > is that in the bug report the user is expecting the logical router port > to reply with "router advertisement" for a "router solicitation". correct > > The router solicitation packet is sent to ff02::2 but the OVN logical > router port never sends an MLD report to join that group. That means > that the OVN logical switch with MLD snoop enabled doesn't learn that it > should forward traffic with dest IP ff02::2 towards the router port too. > > I think the best way to address this for OVN is to just skip generating > logical flows in OVN for groups that correspond to IPv6 reserved > multicast addresses. We currently only skip ff02::1 [0]. > > We probably need to change that to include > all-routers/all-site-router/solicited-node too. > > What do you think? sure, I am fine with this approach. I will work on a v2. Regards, Lorenzo > > Regards, > Dumitru > > [0] https://github.com/ovn-org/ovn/blob/main/northd/northd.c#L9022 > > _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
