For all unit tests, automatically compare I+P flows with with recompute ones.
IP and recompute flows show differences in the following cases: - OVN does not properly remove a datapath from the list of local datapaths when ports are removed. Hence some related_ports and/or datapath can be avoided in the comparison. Tests were updated in that sense. - ct_zone allocation differs between I+P and recompute. Tests were updated (right before cleanup) in order to avoid this situation. - Multiple peer_ports cause flows replacing chassis mac with non deterministic router port mac for east west traffic. The table containing such flows was ignored in the comparison. Finally, some ecmp related tests were modified in order to have ports on DR in different subnets to prevent having flows with same match but different actions Reported-at: https://issues.redhat.com/browse/FDP-152 Signed-off-by: Xavier Simonart <xsimo...@redhat.com> --- v2: - Rebased on origin/main. - Added missing 'check'. v3: - Fix more tests, mostly ignoring local datapaths, as detected by latest CHECK_AFTER_RECOMPUTE macro. --- tests/ovn-controller.at | 6 +- tests/ovn-ic.at | 3 +- tests/ovn-macros.at | 20 +-- tests/ovn-northd.at | 9 +- tests/ovn.at | 265 ++++++++++++++++++++++++++++++---------- 5 files changed, 227 insertions(+), 76 deletions(-) diff --git a/tests/ovn-controller.at b/tests/ovn-controller.at index 6561e177f..efb0a1741 100644 --- a/tests/ovn-controller.at +++ b/tests/ovn-controller.at @@ -766,8 +766,12 @@ primary lport : [[lsp1]] done check as northd ovn-appctl -t ovn-northd resume + +# Since northd is restarted, port type is back to localport, so ls is not local datapath anymore. OVN_CLEANUP([hv1 -/No distributed-port option set for chassisredirect port lsp1/d]) +/No distributed-port option set for chassisredirect port lsp1/d +ignored_dp=ls1 +]) AT_CLEANUP AT_SETUP([ovn-controller - ssl/tls files change when using command line options]) diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at index 0fd38acb2..fd5eca31a 100644 --- a/tests/ovn-ic.at +++ b/tests/ovn-ic.at @@ -495,7 +495,8 @@ switch <0> (ts1) check ovn-nbctl lsp-del lsp-ts1-lr1 OVS_WAIT_WHILE([ovn_as az2 ovn-nbctl show | grep lsp-ts1-lr1]) -OVN_CLEANUP_SBOX(gw1) +# ts1 should not be local dataath since lsp-ts1-lr1 has been deleted. +OVN_CLEANUP_SBOX(gw1, [], [], [ts1,lr1]) OVN_CLEANUP_IC([az1], [az2]) AT_CLEANUP diff --git a/tests/ovn-macros.at b/tests/ovn-macros.at index cdfa503da..1ef511c25 100644 --- a/tests/ovn-macros.at +++ b/tests/ovn-macros.at @@ -362,9 +362,11 @@ m4_define([OVN_CLEANUP_CONTROLLER],[ hv=$1 sbox=$2 related_ports=$3 - no_recompute_check=$4 + ignored_dp=$4 + ignored_tables=$5 + no_recompute_check=$6 if test "$no_recompute_check" != "True"; then - CHECK_RELATED_PORTS_AFTER_RECOMPUTE([$hv], [$sbox], [$related_ports]) + CHECK_AFTER_RECOMPUTE([$hv], [$sbox], [$related_ports], [$ignored_dp], [$ignored_tables]) fi if test "$hv" = "vtep"; then @@ -385,10 +387,12 @@ m4_define([OVN_CLEANUP_SBOX],[ sbox=$1 error=$2 related_ports=$3 - no_recompute_check=$4 + ignored_dp=$4 + ignored_tables=$5 + no_recompute_check=$6 echo "$sbox: clean up sandbox" as $sbox - OVN_CLEANUP_CONTROLLER([$sbox], [$sbox], [$related_ports], [$no_recompute_check]) + OVN_CLEANUP_CONTROLLER([$sbox], [$sbox], [$related_ports], [$ignored_dp], [$ignored_tables], [$no_recompute_check]) OVN_CLEANUP_VSWITCH([$sbox]) # Check for errors in logs. Ignore following errors: @@ -416,13 +420,15 @@ m4_define([OVN_CLEANUP],[ m4_foreach([sbox_and_error], [$@], [ sbox=$(echo "sbox_and_error" |sed -n '1p') error=$(echo "sbox_and_error" | grep '/') - related_ports=$(echo "sbox_and_error" | sed -n '2,$p' | grep -v '/') - CHECK_RELATED_PORTS_AFTER_RECOMPUTE([$sbox], [$sbox], [$related_ports]) + ignored_dp=$(echo "sbox_and_error" | grep 'ignored_dp' | cut -d'=' -f 2) + ignored_tables=$(echo "sbox_and_error" | grep 'ignored_tables' | cut -d'=' -f 2) + related_ports=$(echo "sbox_and_error" | sed -n '2,$p' | grep -v '/' | grep -v 'ignored_dp' | grep -v 'ignored_tables') + CHECK_AFTER_RECOMPUTE([$sbox], [$sbox], [$related_ports], [$ignored_dp], [$ignored_tables]) ]) m4_foreach([sbox_and_error], [$@], [ sbox=$(echo "sbox_and_error" |sed -n '1p') error=$(echo "sbox_and_error" | grep '/') - OVN_CLEANUP_SBOX([$sbox], [$error], [], ["True"]) + OVN_CLEANUP_SBOX([$sbox], [$error], [], [], [], ["True"]) ]) echo diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index cfaba19bf..3e5e3a991 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -11131,7 +11131,10 @@ northd_recomp=$(as northd ovn-appctl -t ovn-northd inc-engine/show-stats northd echo northd_recomp $northd_recomp AT_CHECK([test $northd_recomp -ge 1]) -OVN_CLEANUP([hv1]) +# ls0 should not be a local datapath as all its ports got deleted. +OVN_CLEANUP([hv1 +ignored_dp=ls0 +]) AT_CLEANUP ]) @@ -11254,7 +11257,9 @@ check ovn-nbctl --wait=sb lrp-del lrp check_recompute_counter 1 1 CHECK_NO_CHANGE_AFTER_RECOMPUTE -OVN_CLEANUP([hv1]) +# lr0 is not local datapath as lrp got deleted. +OVN_CLEANUP([hv1 +ignored_dp=lr0]) AT_CLEANUP ]) diff --git a/tests/ovn.at b/tests/ovn.at index 3d159d02b..f56c95cd5 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -8944,7 +8944,9 @@ OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xup]) as hv1 ovs-vsctl del-port br-int vif1 OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp1` = xdown]) -OVN_CLEANUP([hv1]) +# ls1 not local to hv1 anymore after ovs-vsctl del-port br-int vif1 +OVN_CLEANUP([hv1 +ignored_dp=ls1]) AT_CLEANUP ]) @@ -9928,7 +9930,8 @@ test "$n_arp" = 10 # lr0 & ls0 should not be local datapath on hv2 anymore, and hence # ln_port should not be a related_port on hv2. OVN_CLEANUP([hv1],[hv2 -ln_port]) +ln_port +ignored_dp=lr0,ls0]) AT_CLEANUP ]) @@ -11283,7 +11286,9 @@ OVS_WAIT_UNTIL([test xdown = x$(ovn-nbctl lsp-get-up vm1)]) OVS_WAIT_UNTIL([test xdown = x$(ovn-nbctl lsp-get-up foo1)]) OVS_WAIT_UNTIL([test xdown = x$(ovn-nbctl lsp-get-up bar1)]) -OVN_CLEANUP([hv1],[hv2]) +# mgmt2 not local to hv1 anymore after ovs-vsctl del-port vm1 +OVN_CLEANUP([hv1 +ignored_dp=mgmt2],[hv2]) AT_CLEANUP ]) @@ -12953,7 +12958,8 @@ net_add n1 sim_add hv1 as hv1 ovs-vsctl add-br br-phys -ovn_attach n1 br-phys 192.168.0.1 +# do not use same ip for underlay and underlay networks +ovn_attach n1 br-phys 192.168.1.1 AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=physnet1:br-phys]) AT_CHECK([ovs-vsctl add-port br-phys snoopvif -- set Interface snoopvif options:tx_pcap=hv1/snoopvif-tx.pcap options:rxq_pcap=hv1/snoopvif-rx.pcap]) @@ -12961,13 +12967,13 @@ AT_CHECK([ovs-vsctl add-port br-phys snoopvif -- set Interface snoopvif options: sim_add hv2 as hv2 ovs-vsctl add-br br-phys -ovn_attach n1 br-phys 192.168.0.2 +ovn_attach n1 br-phys 192.168.1.2 # Initially test with no bridge-mapping on hv2, expect to receive no packets sim_add hv3 as hv3 ovs-vsctl add-br br-phys -ovn_attach n1 br-phys 192.168.0.3 +ovn_attach n1 br-phys 192.168.1.3 # Initially test with no bridge-mapping on hv3 # Create a localnet port. @@ -14804,7 +14810,11 @@ wait_row_count Chassis 1 name=gw2 # is a small window in which gw2 may claim the cr-outside port if # it has not established bfd tunnel with gw1. # So make sure that, cr-outside is claimed by gw1 finally. +# To avoid gw1 and gw2 fighting for cr-outside, wait for BFD to be up +# then for ovn-controller to handle that change. gw1_chassis=$(fetch_column Chassis _uuid name=gw1) +ovn_wait_for_bfd_up hv1 gw1 gw2 +check ovn-nbctl --wait=hv sync wait_row_count Port_Binding 1 logical_port=cr-outside chassis=$gw1_chassis OVN_CLEANUP([gw1 @@ -15282,7 +15292,9 @@ wait_for_ports_up OVS_WAIT_UNTIL([test `as hv1 ovs-vsctl get Interface lsp0 external_ids:ovn-installed` = '"true"']) OVS_WAIT_UNTIL([test x`as hv2 ovs-vsctl get Interface lsp0 external_ids:ovn-installed` = x]) -OVN_CLEANUP([hv1],[hv2]) +# Since lsp0 is requested on hv1, ls0 should not be local datapath to hv2 anymore. Ignore. +OVN_CLEANUP([hv1],[hv2 +ignored_dp=ls0]) AT_CLEANUP ]) @@ -15415,7 +15427,11 @@ wait_column "$hv1_uuid" Port_Binding requested_chassis logical_port=lsp0 wait_column "$hv2_uuid" Port_Binding additional_chassis logical_port=lsp0 wait_column "$hv2_uuid $hv3_uuid" Port_Binding requested_additional_chassis logical_port=lsp0 -OVN_CLEANUP([hv1],[hv2],[hv3]) +# ls0 not local to hv[x]since as hv1 check ovs-vsctl -- del-port br-int lsp0 +OVN_CLEANUP([hv1 +ignored_dp=ls0],[hv2 +ignored_dp=ls0],[hv3 +ignored_dp=ls0]) AT_CLEANUP ]) @@ -15756,6 +15772,16 @@ echo $request >> hv3/third.expected check_packets +# ct_zone allocation differs between I+P and recompute: +# - In I+P an ovs interface with external-ids:iface-id set (but no +# logical_port in sb) results in no ct_zone allocated. +# - In recompute, in the same case, a ct_zone is allocated - this is +# necessary to avoid flushing ct_zone if/when controller is restarted. +# As migrrator has iface-id set on hv1 but is bound to hv2, we would hit +# some ct-zone related differences in flows before and after recompute. +# Avoid/hide this by removing iface-id on hv1. + +as hv1 check ovs-vsctl remove Interface migrator external-ids iface-id OVN_CLEANUP([hv1],[hv2],[hv3]) AT_CLEANUP @@ -16146,6 +16172,11 @@ echo $request >> hv2/n1.expected check_packets +# ct_zone allocation differs between I+P and recompute. +# As migrrator has iface-id set on hv1 but is bound to hv2, we would hit +# some ct-zone related differences in flows before and after recompute. +# Avoid/hide this by removing iface-id on hv1. +as hv1 check ovs-vsctl remove Interface migrator external-ids iface-id OVN_CLEANUP([hv1],[hv2],[hv3]) AT_CLEANUP @@ -16685,6 +16716,12 @@ check_packets check ovn-nbctl lsp-set-options migrator requested-chassis=hv2 OVS_WAIT_UNTIL([test x = x$(ovn-sbctl get Port_Binding $pb_uuid options:additional-chassis-activated)]) +# ct_zone allocation differs between I+P and recompute. +# As migrrator has iface-id set on hv1 but is bound to hv2, we would hit +# some ct-zone related differences in flows before and after recompute. +# Avoid/hide this by removing iface-id on hv1. +as hv1 check ovs-vsctl remove Interface migrator external-ids iface-id + OVN_CLEANUP([hv1],[hv2],[hv3]) AT_CLEANUP @@ -16940,7 +16977,9 @@ AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=OFTABLE_LOG_TO_PHY | grep act AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_PHY_TO_LOG | grep in_port=$hv1_ofport], [1], []) AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_LOG_TO_PHY | grep output], [1], []) -OVN_CLEANUP([hv1],[hv2]) +# ls0 should nt be local to hv1 anymore since ovn-nbctl lsp-set-options lsp0 requested-chassis=hv2 +OVN_CLEANUP([hv1 +ignored_dp=ls0],[hv2]) AT_CLEANUP ]) @@ -17106,6 +17145,7 @@ of2=$(as hv2 ovs-vsctl --bare --columns ofport find Interface name=vif-migrator2 # There is no ofport yet for hv1 => we cannot check/find a flows with in_port=of1 AS_BOX([$(date +%H:%M:%S.%03N) Before migrating migrator2]) +as hv2 ovn-appctl vlog/set dbg # We should have zero flows in table OFTABLE_PHY_TO_LOG from in_port=migrator2 in hv1 and two flows in hv2. wait_column "" Port_Binding additional_chassis logical_port=migrator2 wait_column "" Port_Binding additional_chassis logical_port=mig2-cont @@ -17148,7 +17188,15 @@ wait_column "" Port_Binding additional_chassis logical_port=mig2-cont check_in_port_flows_count hv1 $of1 2 check_in_port_flows_count hv2 $of2 0 -OVN_CLEANUP([hv1],[hv2]) +# Remove Interface vif-migrator[x] as porti are migrated. Also, without this, +# I+P and recompute would see different ct-zones and hence different flows. +as hv1 check ovs-vsctl del-port vif-migrator1 +as hv2 check ovs-vsctl del-port vif-migrator2 + +# Skip checking ls0 datapath until FDP-1223 is fixed. +OVN_CLEANUP([hv1 +ignored_dp=ls0],[hv2 +ignored_dp=ls0]) AT_CLEANUP ]) @@ -17190,7 +17238,9 @@ wait_column '' Port_Binding chasssi logical_port=lsp0 AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_PHY_TO_LOG | grep in_port=1], [1], []) AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_LOG_TO_PHY | grep output], [1], []) -OVN_CLEANUP([hv1]) +# ls0 not local to hv1 since ovn-nbctl --wait=hv lsp-set-options lsp0 requested-chassis=non-existant-chassis +OVN_CLEANUP([hv1 +ignored_dp=ls0]) AT_CLEANUP ]) @@ -17459,6 +17509,7 @@ OVN_CHECK_PACKETS_CONTAIN([hv2/br-phys_n1-tx.pcap], [hv2/n1.expected]) # So public should not be a related_port. OVN_CLEANUP([hv1 public +ignored_dp=ls0 ],[hv2]) AT_CLEANUP @@ -20549,6 +20600,13 @@ OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected]) # Start ovn-controller again just so OVN_CLEANUP doesn't complain as hv2 start_daemon ovn-controller +# Stopping and restarting ovn-controller on hv2 might cause geneve to be recreated, and ofport change. +# Make sure the ofport change does not happen right before recompute, cauing potential flow differences +# between IP and recompute flows. +OVS_WAIT_UNTIL([ + test 1 = $(as hv1 ovs-vsctl --columns ofport --bare find Interface name=ovn-hv2-0 | wc -l) +]) + OVN_CLEANUP([hv1],[hv2]) AT_CLEANUP ]) @@ -25169,9 +25227,11 @@ m4_define([DVR_N_S_ARP_HANDLING], # As ls-underlay is not local, ln3 should not be a related_port. OVN_CLEANUP([hv1 /transaction error/d -ln3],[hv2 +ln3 +ignored_dp=ls-underlay],[hv2 /transaction error/d -ln3],[hv3 +ln3 +ignored_dp=ls-underlay],[hv3 /transaction error/d ],[hv4]) @@ -26150,6 +26210,12 @@ as hv4 ovs-ofctl dump-flows br-int as hv4 ovs-ofctl show br-phys as hv4 ovs-appctl fdb/show br-phys +# Wait till the mac_binding flows appear in hv1 to avoid flow differences in tables OFTABLE_MAC_BINDING, OFTABLE_MAC_LOOKUP, OFTABLE_MAC_CACHE_USE. +OVS_WAIT_UNTIL([test 1 = $(as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_MAC_BINDING \ +| grep -c reg0=0xc0a80101)]) +OVS_WAIT_UNTIL([test 1 = $(as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_MAC_BINDING \ +| grep -c reg0=0xc0a80202)]) + # Expect some potential transaction errors for MAC_Binding OVN_CLEANUP([hv1 /transaction error/d @@ -26357,9 +26423,13 @@ wait_row_count Service_Monitor 0 status=offline wait_row_count Service_Monitor 0 status=online # lr0_public is on hv1. Hence lr0 & public should not be local datapaths on hv2, and ln_public not a related port for hv2. +# sw1-p1 has been deleted, so sw1 should neither be part of local datapaths on hv2. +# Since both sw0 and sw1 should not be local, flows in tables OFTABLE_CHK_LB_HAIRPIN and OFTABLE_CT_SNAT_HAIRPIN +# should have been deleted as well. OVN_CLEANUP([hv1], [hv2 -ln-public]) - +ln-public +ignored_dp=lr0,public,sw0,sw1 +ignored_tables=OFTABLE_CHK_LB_HAIRPIN,OFTABLE_CT_SNAT_HAIRPIN]) AT_CLEANUP ]) @@ -26431,13 +26501,13 @@ check ovn-nbctl lsp-set-type sw0-lr0 router check ovn-nbctl lsp-set-addresses sw0-lr0 router check ovn-nbctl lsp-set-options sw0-lr0 router-port=lr0-sw0 -check ovn-nbctl lrp-add lr0 lr0-sw1 00:00:00:00:ff:02 2001::a/64 +check ovn-nbctl lrp-add lr0 lr0-sw1 00:00:00:00:ff:02 2002::a/64 check ovn-nbctl lsp-add sw1 sw1-lr0 check ovn-nbctl lsp-set-type sw1-lr0 router check ovn-nbctl lsp-set-addresses sw1-lr0 router check ovn-nbctl lsp-set-options sw1-lr0 router-port=lr0-sw1 -check ovn-nbctl lb-add lb1 [[2001::a]]:80 [[2001::3]]:80,[[2002::3]]:80 +check ovn-nbctl lb-add lb1 [[2002::a]]:80 [[2001::3]]:80,[[2002::3]]:80 OVN_LB_ID=$(ovn-nbctl --bare --column _uuid find load_balancer name=lb1) check ovn-nbctl set load_balancer ${OVN_LB_ID} selection_fields="ipv6_dst,ipv6_src,tp_dst,tp_src" # @@ -26445,7 +26515,7 @@ check ovn-nbctl --wait=sb set load_balancer . ip_port_mappings:\"[[2001::3]]\"=\ check ovn-nbctl --wait=sb set load_balancer . ip_port_mappings:\"[[2002::3]]\"=\"sw1-p1:[[2002::2]]\" AT_CHECK([ovn-nbctl --wait=sb \ - -- --id=@hc create Load_Balancer_Health_Check vip="\[\[2001\:\:a\]\]\:80" \ + -- --id=@hc create Load_Balancer_Health_Check vip="\[\[2002\:\:a\]\]\:80" \ options:failure_count=100 \ -- add Load_Balancer . health_check @hc | uuidfilt], [0], [<0> ]) @@ -26481,15 +26551,15 @@ OVS_WAIT_FOR_OUTPUT( [ovn-sbctl dump-flows > sbflows ovn-sbctl dump-flows sw0 | grep ct_lb_mark | grep priority=120 | sed 's/table=..//'], 0, [dnl - (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6.dst == 2001::a && tcp.dst == 80), action=(xxreg1 = 2001::a; reg2[[0..15]] = 80; ct_lb_mark;) - (ls_in_lb ), priority=120 , match=(ct.new && ip6.dst == 2001::a && tcp.dst == 80), action=(xxreg1 = 2001::a; reg2[[0..15]] = 80; ct_lb_mark(backends=[[2001::3]]:80,[[2002::3]]:80; hash_fields="ipv6_dst,ipv6_src,tcp_dst,tcp_src");) + (ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6.dst == 2002::a && tcp.dst == 80), action=(xxreg1 = 2002::a; reg2[[0..15]] = 80; ct_lb_mark;) + (ls_in_lb ), priority=120 , match=(ct.new && ip6.dst == 2002::a && tcp.dst == 80), action=(xxreg1 = 2002::a; reg2[[0..15]] = 80; ct_lb_mark(backends=[[2001::3]]:80,[[2002::3]]:80; hash_fields="ipv6_dst,ipv6_src,tcp_dst,tcp_src");) ]) AT_CAPTURE_FILE([sbflows2]) OVS_WAIT_FOR_OUTPUT( [ovn-sbctl dump-flows > sbflows2 ovn-sbctl dump-flows lr0 | grep ct_lb_mark | grep priority=120 | sed 's/table=..//'], 0, - [ (lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip6 && ip6.dst == 2001::a && tcp && tcp.dst == 80 && is_chassis_resident("cr-lr0-public")), action=(ct_lb_mark(backends=[[2001::3]]:80,[[2002::3]]:80; hash_fields="ipv6_dst,ipv6_src,tcp_dst,tcp_src");) + [ (lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip6 && ip6.dst == 2002::a && tcp && tcp.dst == 80 && is_chassis_resident("cr-lr0-public")), action=(ct_lb_mark(backends=[[2001::3]]:80,[[2002::3]]:80; hash_fields="ipv6_dst,ipv6_src,tcp_dst,tcp_src");) ]) # get the svc monitor mac. @@ -26506,7 +26576,7 @@ OVS_WAIT_UNTIL( grep "405400000003${svc_mon_src_mac}" | wc -l`] ) -check ovn-nbctl set load_balancer_health_check [[2001::a]]:80 options:failure_count=1 +check ovn-nbctl set load_balancer_health_check [[2002::a]]:80 options:failure_count=1 wait_row_count Service_Monitor 2 status=offline OVS_WAIT_UNTIL( @@ -26522,16 +26592,16 @@ grep "405400000003${svc_mon_src_mac}" | wc -l`] AT_CAPTURE_FILE([sbflows3]) ovn-sbctl dump-flows sw0 > sbflows3 AT_CHECK( - [grep "ip6.dst == 2001::a && tcp.dst == 80" sbflows3 | grep priority=120 |\ + [grep "ip6.dst == 2002::a && tcp.dst == 80" sbflows3 | grep priority=120 |\ ovn_strip_lflows], [0], [dnl - table=??(ls_in_lb ), priority=120 , match=(ct.new && ip6.dst == 2001::a && tcp.dst == 80), action=(drop;) - table=??(ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6.dst == 2001::a && tcp.dst == 80), action=(xxreg1 = 2001::a; reg2[[0..15]] = 80; ct_lb_mark;) + table=??(ls_in_lb ), priority=120 , match=(ct.new && ip6.dst == 2002::a && tcp.dst == 80), action=(drop;) + table=??(ls_in_pre_stateful ), priority=120 , match=(reg0[[2]] == 1 && ip6.dst == 2002::a && tcp.dst == 80), action=(xxreg1 = 2002::a; reg2[[0..15]] = 80; ct_lb_mark;) ]) AT_CAPTURE_FILE([sbflows4]) ovn-sbctl dump-flows lr0 > sbflows4 AT_CHECK([grep lr_in_dnat sbflows4 | grep priority=120 | sed 's/table=..//' | sort], [0], [dnl - (lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip6 && ip6.dst == 2001::a && tcp && tcp.dst == 80 && is_chassis_resident("cr-lr0-public")), action=(drop;) + (lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip6 && ip6.dst == 2002::a && tcp && tcp.dst == 80 && is_chassis_resident("cr-lr0-public")), action=(drop;) ]) # Delete sw0-p1 @@ -26558,9 +26628,11 @@ wait_row_count Service_Monitor 0 status=offline wait_row_count Service_Monitor 0 status=online # lr0_public is on hv1. Hence lr0 & public should not be local datapaths on hv2, and ln_public not a related port for hv2. +# sw1-p1 has been deleted, so sw1 should neither be part of local datapaths on hv2. OVN_CLEANUP([hv1], [hv2 -ln-public]) - +ln-public +ignored_dp=lr0,public,sw0,sw1 +ignored_tables=OFTABLE_CHK_LB_HAIRPIN,OFTABLE_CT_SNAT_HAIRPIN]) AT_CLEANUP ]) @@ -26680,9 +26752,10 @@ check_row_count Service_Monitor 0 AT_CHECK([test 1 = `grep -c "SCTP load balancers do not currently support health checks" northd/ovn-northd.log`]) # lr0_public is on hv1. Hence lr0 & public should not be local datapaths on hv2, and ln_public not a related port for hv2. +# Note that, at the difference of previous test, sw1-p1 is not deleted. hence sw1, lr0 and sw0 are also local datapaths in hv2. OVN_CLEANUP([hv1], [hv2 -ln-public]) - +ln-public +ignored_dp=public]) AT_CLEANUP ]) @@ -27535,8 +27608,10 @@ else AT_CHECK([test $hv2_rcv_n2 -eq 0], [0], []) fi -OVN_CLEANUP([hv1], [hv2]) - +#ls1, ls2 and lr1 are not local datapaths on hv1 since all ports on hv1 moved to hv2 +OVN_CLEANUP([hv1 +ignored_dp=ls1,ls2,lr1 +], [hv2]) AT_CLEANUP ]) @@ -29542,7 +29617,9 @@ reg15=0x${p1_dpkey} | grep REG13 | wc -l) -eq 0]) p1_zoneid=$(as hv1 ovs-vsctl get bridge br-int external_ids:ct-zone-sw0-p1 | sed 's/"//g') AT_CHECK([test -z $p1_zoneid]) -OVN_CLEANUP([hv1]) +# sw0 is not local to hv1 since ovn-nbctl lsp-del sw0-p1 +OVN_CLEANUP([hv1 +ignored_dp=sw0]) AT_CLEANUP ]) @@ -29588,8 +29665,13 @@ check ovn-nbctl lrp-add DR dr-ls1 00:00:01:01:02:03 10.0.0.1/24 check ovn-nbctl lsp-add ls1 ls1-dr -- set Logical_Switch_Port ls1-dr \ type=router options:router-port=dr-ls1 addresses='"00:00:01:01:02:03"' +# Ports on DR should be in different subnets to prevent having flows with same match but different actions. +# The following flows (in lr_in_ip_routing) would fight in case the same subnet is used: +# table=IP_ROUTING, priority=74,ip,metadata=0x1,nw_dst=10.0.0.0/24 actions=dec_ttl(),load:0->OXM_OF_PKT_REG4[32..47],move:NXM_OF_IP_DST[]->NXM_NX_XXREG0[96..127],load:0xa000002->NXM_NX_XXREG0[64..95],mod_dl_src:00:00:01:01:02:04,load:0x2 +# table=IP_ROUTING, priority=74,ip,metadata=0x1,nw_dst=10.0.0.0/24 actions=dec_ttl(),load:0->OXM_OF_PKT_REG4[32..47],move:NXM_OF_IP_DST[]->NXM_NX_XXREG0[96..127],load:0xa000002->NXM_NX_XXREG0[64..95],mod_dl_src:00:00:01:01:02:03,load:0x1 + # Connect ls2 to DR -check ovn-nbctl lrp-add DR dr-ls2 00:00:01:01:02:04 10.0.0.2/24 +check ovn-nbctl lrp-add DR dr-ls2 00:00:01:01:02:04 10.0.1.1/24 check ovn-nbctl lsp-add ls2 ls2-dr -- set Logical_Switch_Port ls2-dr \ type=router options:router-port=dr-ls2 addresses='"00:00:01:01:02:04"' @@ -29612,8 +29694,8 @@ check ovn-nbctl lr-route-add GW 10.0.0.0/24 20.0.0.1 check ovn-nbctl --policy="src-ip" lr-route-add DR 10.0.0.0/24 20.0.0.2 # Now add some ECMP routes to the GW router. -check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 10.0.0.0/24 172.16.0.2 -check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 10.0.0.0/24 172.16.0.3 +check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 10.0.0.0/16 172.16.0.2 +check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 10.0.0.0/16 172.16.0.3 wait_for_ports_up check ovn-nbctl --wait=hv sync @@ -29714,12 +29796,12 @@ check ovn-nbctl ls-add join check ovn-nbctl ls-add ext # Connect ls1 to DR -check ovn-nbctl lrp-add DR dr-ls1 00:00:01:01:02:03 1001::1/64 +check ovn-nbctl lrp-add DR dr-ls1 00:00:01:01:02:03 1001:0:0:1::1/64 check ovn-nbctl lsp-add ls1 ls1-dr -- set Logical_Switch_Port ls1-dr \ type=router options:router-port=dr-ls1 addresses='"00:00:01:01:02:03"' # Connect ls2 to DR -check ovn-nbctl lrp-add DR dr-ls2 00:00:01:01:02:04 1001::2/64 +check ovn-nbctl lrp-add DR dr-ls2 00:00:01:01:02:04 1001:0:0:2::1/64 check ovn-nbctl lsp-add ls2 ls2-dr -- set Logical_Switch_Port ls2-dr \ type=router options:router-port=dr-ls2 addresses='"00:00:01:01:02:04"' @@ -29742,8 +29824,8 @@ check ovn-nbctl lr-route-add GW 1001::/64 2001::1 check ovn-nbctl --policy="src-ip" lr-route-add DR 1001::0/64 2001::2 # Now add some ECMP routes to the GW router. -check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 1001::/64 7001::2 -check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 1001::/64 7001::3 +check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 1001::/48 7001::2 +check ovn-nbctl --ecmp-symmetric-reply --policy="src-ip" lr-route-add GW 1001::/48 7001::3 wait_for_ports_up check ovn-nbctl --wait=hv sync @@ -30034,7 +30116,9 @@ as hv1 ovn-appctl -t ovn-controller debug/resume # Make sure ovn-controller runs fine. OVS_WAIT_UNTIL([test x$(as hv1 ovn-appctl -t ovn-controller debug/status) = "xrunning"]) -OVN_CLEANUP([hv1]) +# ls is not local to hv1 since ovn-nbctl --wait=sb lsp-del lsp +OVN_CLEANUP([hv1 +ignored_dp=ls]) AT_CLEANUP ]) @@ -30683,15 +30767,26 @@ OVS_WAIT_UNTIL([ test_arp_response 000030303233 $(ip_to_hex 172 16 0 200) hv1 hv2 hv3 test_arp_response 000030303233 $(ip_to_hex 172 16 0 201) hv1 hv2 hv3 +# In OVN_CLEANUP we recompute to check whether I-P created flows are correct. +# However, with gw_router on hv1, public on hv1 has two peer ports. +# There is one flow (in table OFTABLE_PHY_TO_LOG, priority 180) replacing chassis mac with router +# port mac for east west traffic. If there are two peer ports, then recompute is not +# deterministic as new src mac might be from any of the two router ports. +# Hence ignore differences on table=OFTABLE_PHY_TO_LOG for now. +# gw_router was at some point in time scheduled on hv3. Hence, gw_router and it's +# connected routers and ports became local datapaths to hv3. They are not removed +# as OVN does not remove datapaths from local datapaths. OVN_CLEANUP([hv1 /parse MAC binding/d /unknown logical port/d +ignored_tables=OFTABLE_PHY_TO_LOG ],[hv2 /parse MAC binding/d /unknown logical port/d ],[hv3 /parse MAC binding/d /unknown logical port/d +ignored_dp=gw_router, lr1, join, sw3 ]) AT_CLEANUP @@ -30947,7 +31042,9 @@ ovs-vsctl set interface hv1-vif1 external_ids:iface-id=foo OVS_WAIT_UNTIL([test 0 = `as hv1 ovs-ofctl dump-flows br-int | \ grep conjunction | wc -l`]) -OVN_CLEANUP([hv1]) +# ls1 is not local to hv1 since ovs-vsctl set interface hv1-vif1 external_ids:iface-id=foo +OVN_CLEANUP([hv1 +ignored_dp=ls1]) AT_CLEANUP ]) @@ -32183,7 +32280,9 @@ wait_column "false" Port_Binding up logical_port=lsp2 wait_column "false" Port_Binding up logical_port=lsp1 wait_column "false" nb:Logical_Switch_Port up name=lsp1 -OVN_CLEANUP([hv1]) +# ls not local to hv1 since lsp1 and lsp2 w/o iface-id +OVN_CLEANUP([hv1 +ignored_dp=ls]) AT_CLEANUP ]) @@ -32997,7 +33096,9 @@ wait_column "false" nb:Logical_Switch_Port up name=vm1 wait_column "false" nb:Logical_Switch_Port up name=vm-cont1 wait_column "false" nb:Logical_Switch_Port up name=vm-cont2 -OVN_CLEANUP([hv1]) +# ls is not local to hv1 since vm1 as a child port of some non existent lport +OVN_CLEANUP([hv1 +ignored_dp=ls]) AT_CLEANUP ]) @@ -33095,7 +33196,9 @@ AT_CHECK([kill -0 $(cat hv1/ovn-controller.pid)]) wait_column "false" nb:Logical_Switch_Port up name=vm1 -OVN_CLEANUP([hv1]) +# ls not local to hv1 since as hv1 ovs-vsctl set Interface vm1 external_ids:iface-id=foo +OVN_CLEANUP([hv1 +ignored_dp=ls]) AT_CLEANUP ]) @@ -33173,7 +33276,10 @@ check ovn-nbctl --wait=hv sync # Make sure that ovn-controller has not asserted. AT_CHECK([kill -0 $(cat hv1/ovn-controller.pid)]) -OVN_CLEANUP([hv1]) +# ls1 not local since ovn-nbctl lsp-add ls1 lsp1 +OVN_CLEANUP([hv1 +ignored_dp=ls1 +]) AT_CLEANUP ]) @@ -33491,7 +33597,9 @@ primary lport : [[sw0p2]] ---------------------------------------- ]) -OVN_CLEANUP([hv1], [hv2]) +# sw0 not local to hv1 since sw0p1 as child port of non existent lport - foo and sw0p2 is on hv2 +OVN_CLEANUP([hv1 +ignored_dp=sw0], [hv2]) AT_CLEANUP ]) @@ -34387,16 +34495,25 @@ OVN_CLEANUP([hv1 ln1 ln2 ln3 +ignored_dp=S1,S2,S3 ],[hv2 ln2 -ln3],[hv3 +ln3 +ignored_dp=S2,S3 +],[hv3 ln1 -ln3],[hv4 +ln3 +ignored_dp=S1,S3 +],[hv4 ln1 -ln2],[hv5 +ln2 +ignored_dp=S1,S2 +],[hv5 ln1 ln2 -ln3]) +ln3 +ignored_dp=S1,S2,S3 +]) AT_CLEANUP ]) @@ -34632,7 +34749,7 @@ check ovn-nbctl ls-add sw0 check ovn-nbctl lsp-add sw0 sw0-port1 check ovn-nbctl lsp-set-addresses sw0-port1 "50:54:00:00:00:01 10.0.0.3" check ovn-nbctl lsp-add sw0 sw0-port2 -check ovn-nbctl lsp-set-addresses sw0-port2 "50:54:00:00:00:01 10.0.0.4" +check ovn-nbctl lsp-set-addresses sw0-port2 "50:54:00:00:00:02 10.0.0.4" check ovn-nbctl lsp-set-type sw0-port2 localport check ovn-nbctl lr-add lr0 @@ -34935,7 +35052,9 @@ OVS_WAIT_UNTIL([ grep -q "CMS requested plugging of lport lsp3" hv2/ovn-controller.log ]) -OVN_CLEANUP([hv1],[hv2 +# lsw0 not local as ports unplugged +OVN_CLEANUP([hv1 +ignored_dp=lsw0],[hv2 /CMS requested plugging of lport lsp3/d ]) AT_CLEANUP @@ -35484,7 +35603,11 @@ check_port_sec_offlows hv2 OFTABLE_CHK_IN_PORT_SEC check_port_sec_offlows hv2 OFTABLE_CHK_IN_PORT_SEC_ND check_port_sec_offlows hv2 OFTABLE_CHK_OUT_PORT_SEC -OVN_CLEANUP([hv1], [hv2]) +# sw0 not local to hv1 as sw0p2 and hv1-vif0 are deleted +# sw0 not local to hv2 as sw0p2 has been deleted. +OVN_CLEANUP([hv1 +ignored_dp=sw0], [hv2 +ignored_dp=sw0]) AT_CLEANUP ]) @@ -36017,7 +36140,8 @@ AT_CHECK([as hv1 ovn-appctl -t ovn-controller debug/dump-mac-bindings], [0], [dn Local MAC bindings: ]) -OVN_CLEANUP([hv1]) +OVN_CLEANUP([hv1 +ignored_dp=lr]) AT_CLEANUP ]) @@ -36366,7 +36490,10 @@ check ovn-nbctl --wait=hv sync check ovn-nbctl lsp-del lsp check ovn-nbctl lrp-del lrp check ovn-nbctl --wait=hv sync -OVN_CLEANUP([hv1]) + +# ro0 not local as lrp deleted +OVN_CLEANUP([hv1 +ignored_dp=ro0]) AT_CLEANUP ]) @@ -36451,7 +36578,10 @@ check ovn-nbctl --wait=hv lrp-add ro0 lrp 00:00:00:00:00:01 aef0:0:0:0:0:0:0:1/6 check ovn-nbctl --wait=hv lsp-del lsp check ovn-nbctl lrp-del lrp check ovn-nbctl --wait=hv sync -OVN_CLEANUP([hv1]) + +# ro0 not local as lrp deleted +OVN_CLEANUP([hv1 +ignored_dp=ro0]) AT_CLEANUP ]) @@ -38650,7 +38780,8 @@ wait_column "" Port_Binding chassis logical_port=lsp2 # ls1 should not be a local datapath in hv1 as vif1 iface-id has been removed. # Hence ln1 should not be a related port. OVN_CLEANUP([hv1 -ln1]) +ln1 +ignored_dp=ls1]) AT_CLEANUP ]) @@ -39836,7 +39967,9 @@ OVS_WAIT_FOR_OUTPUT([as hv1 ovs-ofctl dump-flows br-int table=OFTABLE_PHY_TO_LOG 1 ]) -OVN_CLEANUP([hv1]) +# lsw0 not local as lsp1 requested-chassis to differant chassis +OVN_CLEANUP([hv1 +ignored_dp=lsw0]) AT_CLEANUP ]) @@ -40283,10 +40416,9 @@ wake_up_controller hv2 as hv2 ovs-vsctl -- del-port br-int vif check ovn-nbctl --wait=hv sync -DUMP_FLOWS([hv1], [oflows2]) - -check diff oflows1 oflows2 -OVN_CLEANUP([hv1],[hv2]) +# ls0 not local datapath for hv2 as vif has been deleted, and there is no other local interface on br-int. +OVN_CLEANUP([hv1],[hv2 +ignored_dp=ls0]) AT_CLEANUP ]) @@ -40523,7 +40655,8 @@ OVS_WAIT_UNTIL([test $(as hv2 ovs-ofctl dump-flows br-int table=OFTABLE_OUTPUT_L # ls (and it's localnet ln) should not be local datapath to hv2 as multi was deleted. Still local datapath to hv1 due to lsp1. OVN_CLEANUP([hv1],[hv2 -ln]) +ln +ignored_dp=ls]) AT_CLEANUP ]) @@ -40941,7 +41074,9 @@ wait_for_ports_up multi check_column $remote_chassis Port_Binding chassis logical_port=multi check_column "[]" Port_Binding additional_chassis logical_port=multi -OVN_CLEANUP([hv1]) +# ls is not local datapaths anymore in hv1. +OVN_CLEANUP([hv1 +ignored_dp=ls]) AT_CLEANUP ]) -- 2.47.1 _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
