[ovs-dev] [PATCH ovn v1 1/4] northd: Don't add lr_out_delivery default drop flow for each lrp.

Thu, 08 Feb 2024 13:49:36 -0800 

From: Numan Siddique <[email protected]>

The default drop flow in lr_out_delivery stage is generated
for every router port of a logical router.  This results in the
lflow_table_add_lflow() to be called multiple times for the
same match and actions and the ovn_lflow to have multiple
dp_refcnts.  Fix this by generating this lflow only once for
each router.

Fixes: 27a92cc272aa ("northd: make default drops explicit")
Signed-off-by: Numan Siddique <[email protected]>
---
 northd/northd.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/northd/northd.c b/northd/northd.c
index a174a4dcd1..a5d5e67117 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -13470,9 +13470,6 @@ build_egress_delivery_flows_for_lrouter_port(
     ds_put_format(match, "outport == %s", op->json_key);
     ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 100,
                   ds_cstr(match), "output;", lflow_ref);
-
-    ovn_lflow_add_default_drop(lflows, op->od, S_ROUTER_OUT_DELIVERY,
-                               lflow_ref);
 }
 
 static void
@@ -14838,9 +14835,9 @@ lrouter_check_nat_entry(const struct ovn_datapath *od,
 }
 
 /* NAT, Defrag and load balancing. */
-static void build_lr_nat_defrag_and_lb_default_flows(struct ovn_datapath *od,
-                                                struct lflow_table *lflows,
-                                                struct lflow_ref *lflow_ref)
+static void build_lr_nat_defrag_and_lb_default_flows(
+    struct ovn_datapath *od, struct lflow_table *lflows,
+    struct lflow_ref *lflow_ref)
 {
     ovs_assert(od->nbr);
 
@@ -14866,6 +14863,12 @@ static void 
build_lr_nat_defrag_and_lb_default_flows(struct ovn_datapath *od,
      * packet would go through conntrack - which is not required. */
     ovn_lflow_add(lflows, od, S_ROUTER_OUT_SNAT, 120, "nd_ns", "next;",
                   lflow_ref);
+
+    /* Default drop rule in lr_out_delivery stage.  See
+     * build_egress_delivery_flows_for_lrouter_port() which adds a rule
+     * for each router port. */
+    ovn_lflow_add_default_drop(lflows, od, S_ROUTER_OUT_DELIVERY,
+                               lflow_ref);
 }
 
 static void
-- 
2.43.0

_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to