Re: [ovs-dev] [PATCH v2 ovn] northd: do not centralize FIP traffic if redirect-type is set to fixed
On 3/22/23 10:13, Dumitru Ceara wrote: > On 9/30/22 12:43, Dumitru Ceara wrote: >> On 9/29/22 20:23, Mark Michelson wrote: >>> Thanks Lorenzo, >>> >>> Acked-by: Mark Michelson >> >> Thanks, Lorenzo and Mark! >> >> I applied this to the main branch. > > We received a request to backport this bug fix all the way down to > branch-21.12 (from Luis in CC). I'm planning to do that but I'll wait a > day or two to give people some time to raise any points they may have. > I backported this all the way down to branch-21.12. Regards, Dumitru ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v2 ovn] northd: do not centralize FIP traffic if redirect-type is set to fixed
On 9/30/22 12:43, Dumitru Ceara wrote: > On 9/29/22 20:23, Mark Michelson wrote: >> Thanks Lorenzo, >> >> Acked-by: Mark Michelson > > Thanks, Lorenzo and Mark! > > I applied this to the main branch. We received a request to backport this bug fix all the way down to branch-21.12 (from Luis in CC). I'm planning to do that but I'll wait a day or two to give people some time to raise any points they may have. Regards, Dumitru ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v2 ovn] northd: do not centralize FIP traffic if redirect-type is set to fixed
On 9/29/22 20:23, Mark Michelson wrote: > Thanks Lorenzo, > > Acked-by: Mark Michelson Thanks, Lorenzo and Mark! I applied this to the main branch. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v2 ovn] northd: do not centralize FIP traffic if redirect-type is set to fixed
Thanks Lorenzo,
Acked-by: Mark Michelson
On 9/28/22 11:13, Lorenzo Bianconi wrote:
Keep FIP traffic distributed and do not centralize it even if the
CMS sets redirect-type option to bridged for distributed gateway port.
Tested-by: Jianlin Shi
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2007120
Signed-off-by: Lorenzo Bianconi
---
Changes since v1:
- add unit-test
- fix typos
---
northd/northd.c | 29 +
northd/northd.h | 2 ++
northd/ovn-northd.8.xml | 17 +
tests/ovn-northd.at | 37 +
4 files changed, 85 insertions(+)
diff --git a/northd/northd.c b/northd/northd.c
index 84440a47f..a60467963 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -2616,6 +2616,13 @@ join_logical_ports(struct northd_input *input_data,
op->od = od;
ovs_list_push_back(>port_list, >dp_node);
+if (!od->redirect_bridged) {
+const char *redirect_type =
+smap_get(>options, "redirect-type");
+od->redirect_bridged =
+redirect_type && !strcasecmp(redirect_type, "bridged");
+}
+
if (op->nbrp->ha_chassis_group ||
op->nbrp->n_gateway_chassis) {
/* Additional "derived" ovn_port crp represents the
@@ -13731,6 +13738,28 @@ build_lrouter_nat_defrag_and_lb(struct ovn_datapath
*od, struct hmap *lflows,
100, ds_cstr(match),
ds_cstr(actions),
>header_);
+if (od->redirect_bridged && distributed) {
+ds_clear(match);
+ds_put_format(
+match,
+"outport == %s && ip%s.src == %s "
+"&& is_chassis_resident(\"%s\")",
+od->l3dgw_ports[0]->json_key,
+is_v6 ? "6" : "4", nat->logical_ip,
+nat->logical_port);
+ds_clear(actions);
+if (is_v6) {
+ds_put_cstr(actions,
+"get_nd(outport, " REG_NEXT_HOP_IPV6 "); next;");
+} else {
+ds_put_cstr(actions,
+"get_arp(outport, " REG_NEXT_HOP_IPV4 "); next;");
+}
+ovn_lflow_add_with_hint(lflows, od,
+S_ROUTER_IN_ARP_RESOLVE, 90,
+ds_cstr(match), ds_cstr(actions),
+>header_);
+}
sset_add(_entries, nat->external_ip);
}
}
diff --git a/northd/northd.h b/northd/northd.h
index aa9a3ae6e..60601803f 100644
--- a/northd/northd.h
+++ b/northd/northd.h
@@ -229,6 +229,8 @@ struct ovn_datapath {
size_t n_nat_entries;
bool has_distributed_nat;
+/* router datapath has a logical port with redirect-type set to bridged. */
+bool redirect_bridged;
/* Set of nat external ips on the router. */
struct sset external_ips;
diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
index d9e9a7345..009a380bd 100644
--- a/northd/ovn-northd.8.xml
+++ b/northd/ovn-northd.8.xml
@@ -4053,6 +4053,23 @@ outport = P
+
+
+ If the router datapath runs a port with redirect-type
+ set to bridged, for each distributed NAT rule with IP
+ A in the
+ column
+ and logical port P in the
+ column
+ of table, a priority-90 flow
+ with the match outport == Q ip.src ===
+ A is_chassis_resident(P),
+ where Q is the distributed logical router port and
+ action get_arp(outport, reg0); next; for IPv4 and
+ get_nd(outport, xxreg0); next; for IPv6.
+
+
+
Traffic with IP destination an address owned by the router should be
diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
index 093e01c6d..a210fc575 100644
--- a/tests/ovn-northd.at
+++ b/tests/ovn-northd.at
@@ -7861,3 +7861,40 @@ check_column "" sb:load_balancer datapaths name=lb0
AT_CLEANUP
])
+
+AT_SETUP([check fip flows with redirect-type bridged])
+AT_KEYWORDS([fip-redirect-type-bridged])
+ovn_start
+
+ovn-nbctl lr-add R1
+ovn-nbctl lrp-add R1 R1-S0 02:ac:10:01:00:01 10.0.0.1/24 1000::a/64
+ovn-nbctl lrp-add R1 R1-PUB 02:ac:20:01:01:01 172.16.0.1/24 3000::a/64
+ovn-nbctl lrp-set-gateway-chassis R1-PUB hv1 20
+
+ovn-nbctl ls-add S0
+ovn-nbctl lsp-add S0 S0-R1
+ovn-nbctl lsp-set-type S0-R1 router
+ovn-nbctl lsp-set-addresses S0-R1 02:ac:10:01:00:01
+ovn-nbctl lsp-set-options S0-R1 router-port=R1-S0
[ovs-dev] [PATCH v2 ovn] northd: do not centralize FIP traffic if redirect-type is set to fixed
Keep FIP traffic distributed and do not centralize it even if the
CMS sets redirect-type option to bridged for distributed gateway port.
Tested-by: Jianlin Shi
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2007120
Signed-off-by: Lorenzo Bianconi
---
Changes since v1:
- add unit-test
- fix typos
---
northd/northd.c | 29 +
northd/northd.h | 2 ++
northd/ovn-northd.8.xml | 17 +
tests/ovn-northd.at | 37 +
4 files changed, 85 insertions(+)
diff --git a/northd/northd.c b/northd/northd.c
index 84440a47f..a60467963 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -2616,6 +2616,13 @@ join_logical_ports(struct northd_input *input_data,
op->od = od;
ovs_list_push_back(>port_list, >dp_node);
+if (!od->redirect_bridged) {
+const char *redirect_type =
+smap_get(>options, "redirect-type");
+od->redirect_bridged =
+redirect_type && !strcasecmp(redirect_type, "bridged");
+}
+
if (op->nbrp->ha_chassis_group ||
op->nbrp->n_gateway_chassis) {
/* Additional "derived" ovn_port crp represents the
@@ -13731,6 +13738,28 @@ build_lrouter_nat_defrag_and_lb(struct ovn_datapath
*od, struct hmap *lflows,
100, ds_cstr(match),
ds_cstr(actions),
>header_);
+if (od->redirect_bridged && distributed) {
+ds_clear(match);
+ds_put_format(
+match,
+"outport == %s && ip%s.src == %s "
+"&& is_chassis_resident(\"%s\")",
+od->l3dgw_ports[0]->json_key,
+is_v6 ? "6" : "4", nat->logical_ip,
+nat->logical_port);
+ds_clear(actions);
+if (is_v6) {
+ds_put_cstr(actions,
+"get_nd(outport, " REG_NEXT_HOP_IPV6 "); next;");
+} else {
+ds_put_cstr(actions,
+"get_arp(outport, " REG_NEXT_HOP_IPV4 "); next;");
+}
+ovn_lflow_add_with_hint(lflows, od,
+S_ROUTER_IN_ARP_RESOLVE, 90,
+ds_cstr(match), ds_cstr(actions),
+>header_);
+}
sset_add(_entries, nat->external_ip);
}
}
diff --git a/northd/northd.h b/northd/northd.h
index aa9a3ae6e..60601803f 100644
--- a/northd/northd.h
+++ b/northd/northd.h
@@ -229,6 +229,8 @@ struct ovn_datapath {
size_t n_nat_entries;
bool has_distributed_nat;
+/* router datapath has a logical port with redirect-type set to bridged. */
+bool redirect_bridged;
/* Set of nat external ips on the router. */
struct sset external_ips;
diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
index d9e9a7345..009a380bd 100644
--- a/northd/ovn-northd.8.xml
+++ b/northd/ovn-northd.8.xml
@@ -4053,6 +4053,23 @@ outport = P
+
+
+ If the router datapath runs a port with redirect-type
+ set to bridged, for each distributed NAT rule with IP
+ A in the
+ column
+ and logical port P in the
+ column
+ of table, a priority-90 flow
+ with the match outport == Q ip.src ===
+ A is_chassis_resident(P),
+ where Q is the distributed logical router port and
+ action get_arp(outport, reg0); next; for IPv4 and
+ get_nd(outport, xxreg0); next; for IPv6.
+
+
+
Traffic with IP destination an address owned by the router should be
diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
index 093e01c6d..a210fc575 100644
--- a/tests/ovn-northd.at
+++ b/tests/ovn-northd.at
@@ -7861,3 +7861,40 @@ check_column "" sb:load_balancer datapaths name=lb0
AT_CLEANUP
])
+
+AT_SETUP([check fip flows with redirect-type bridged])
+AT_KEYWORDS([fip-redirect-type-bridged])
+ovn_start
+
+ovn-nbctl lr-add R1
+ovn-nbctl lrp-add R1 R1-S0 02:ac:10:01:00:01 10.0.0.1/24 1000::a/64
+ovn-nbctl lrp-add R1 R1-PUB 02:ac:20:01:01:01 172.16.0.1/24 3000::a/64
+ovn-nbctl lrp-set-gateway-chassis R1-PUB hv1 20
+
+ovn-nbctl ls-add S0
+ovn-nbctl lsp-add S0 S0-R1
+ovn-nbctl lsp-set-type S0-R1 router
+ovn-nbctl lsp-set-addresses S0-R1 02:ac:10:01:00:01
+ovn-nbctl lsp-set-options S0-R1 router-port=R1-S0
+ovn-nbctl lsp-add S0 S0-P0
+ovn-nbctl lsp-set-addresses S0-P0 "50:54:00:00:00:03 10.0.0.3 1000::3"
+
+ovn-nbctl lr-nat-add R1
