Re: [ovs-dev] [PATCH ovn] northd: Fix receiving ARP reply on non-resident chassis.

Wed, 03 Dec 2025 00:36:32 -0800 

On 02.12.2025 19:19, Dumitru Ceara wrote
> On 12/1/25 10:37 PM, Alexandra Rukomoinikova wrote:
>> Since [0], external ARP request/reply processing is performed only
>> on the HA chassis.
>>
>> In cases where the full processing of ARP request happens on chassis
>> that doesn't host DGP - ARP reply won't  be received.
>> This happens for instance in the following setup, with vif1 and ext on hv1
>> and lr-pub on hv2.
>> vif1 --- ls1 --- lr --- pub -+- ln
>>                               +- ext
>> To fix this, the restrictions are now applied only to requests.
>>
>> [0] 1b4058b9162c ("northd: Process external arps on ha chassis.")
>>
>> Reported-at: 
>> https://mail.openvswitch.org/pipermail/ovs-dev/2025-December/428133.html
>> Fixes: 1b4058b9162c ("northd: Process external arps on ha chassis.")
>> Signed-off-by: Alexandra Rukomoinikova <[email protected]>
>> ---
> Hi Alexandra,
>
> Thanks for the quick fix!  Applied to main to unblock the CI.
>
> However, I think we might need two more follow ups:
> 1. ovn-northd.at updated tests that check the flows that set
> REGBIT_EXT_ARP in S_SWITCH_IN_CHECK_PORT_SEC.
>
> 2. do we need IPv6 support too (not only in tests but also for
> processing ND_NS only on ha chassis?
>
> Would you happen to have time to look into that too?
>
> Regards,
> Dumitru
Hi Dumitru, yes, I think we should provide similar behavior for IPv6, 
I'll do that and will add some missing mentioned tests, thanks!
>
>>   northd/northd.c | 3 +--
>>   1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/northd/northd.c b/northd/northd.c
>> index ec219a0c7..8979d9ad6 100644
>> --- a/northd/northd.c
>> +++ b/northd/northd.c
>> @@ -9746,8 +9746,7 @@ build_lswitch_arp_chassis_resident(const struct 
>> ovn_datapath *od,
>>
>>           SSET_FOR_EACH (port_name, &inports) {
>>               ds_clear(&match);
>> -            ds_put_format(&match, "(arp.op == 1 || arp.op == 2) "
>> -                                  "&& inport == %s",
>> +            ds_put_format(&match, "arp.op == 1 && inport == %s",
>>                             port_name);
>>               ovn_lflow_add(lflows, od, S_SWITCH_IN_CHECK_PORT_SEC, 75,
>>                             ds_cstr(&match), REGBIT_EXT_ARP " = 1; next;",


-- 
regards,
Alexandra.

_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to