Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/1528603/?format=api
{ "id": 1528603, "url": "http://patchwork.ozlabs.org/api/patches/1528603/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ovn/patch/20210916000624.1609-4-odivlad@gmail.com/", "project": { "id": 68, "url": "http://patchwork.ozlabs.org/api/projects/68/?format=api", "name": "Open Virtual Network development", "link_name": "ovn", "list_id": "ovs-dev.openvswitch.org", "list_email": "ovs-dev@openvswitch.org", "web_url": "http://openvswitch.org/", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20210916000624.1609-4-odivlad@gmail.com>", "list_archive_url": null, "date": "2021-09-16T00:06:24", "name": "[ovs-dev,3/3] northd: support HW VTEP with stateful datapath", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "83be7f56b469af090bd5b1b158a4d7c877981908", "submitter": { "id": 80943, "url": "http://patchwork.ozlabs.org/api/people/80943/?format=api", "name": "Vladislav Odintsov", "email": "odivlad@gmail.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/ovn/patch/20210916000624.1609-4-odivlad@gmail.com/mbox/", "series": [ { "id": 262530, "url": "http://patchwork.ozlabs.org/api/series/262530/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ovn/list/?series=262530", "date": "2021-09-16T00:06:21", "name": "controller-vtep: stateful datapath bugfix & add new test", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/262530/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/1528603/comments/", "check": "fail", "checks": "http://patchwork.ozlabs.org/api/patches/1528603/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<ovs-dev-bounces@openvswitch.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "dev@openvswitch.org" ], "Delivered-To": [ "patchwork-incoming@ozlabs.org", "ovs-dev@lists.linuxfoundation.org" ], "Authentication-Results": [ "ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256\n header.s=20210112 header.b=J1aoAb7M;\n\tdkim-atps=neutral", "ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org\n (client-ip=140.211.166.137; helo=smtp4.osuosl.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN>)", "smtp2.osuosl.org (amavisd-new);\n dkim=pass (2048-bit key) header.d=gmail.com" ], "Received": [ "from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 4H8y7g5zwWz9t0J\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 16 Sep 2021 10:07:11 +1000 (AEST)", "from localhost (localhost [127.0.0.1])\n\tby smtp4.osuosl.org (Postfix) with ESMTP id D7E67406BD;\n\tThu, 16 Sep 2021 00:07:09 +0000 (UTC)", "from smtp4.osuosl.org ([127.0.0.1])\n\tby localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id Gd9vAK2JwKXo; Thu, 16 Sep 2021 00:07:09 +0000 (UTC)", "from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])\n\tby smtp4.osuosl.org (Postfix) with ESMTPS id D5F9140714;\n\tThu, 16 Sep 2021 00:07:07 +0000 (UTC)", "from lf-lists.osuosl.org (localhost [127.0.0.1])\n\tby lists.linuxfoundation.org (Postfix) with ESMTP id B3B7CC0011;\n\tThu, 16 Sep 2021 00:07:07 +0000 (UTC)", "from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133])\n by lists.linuxfoundation.org (Postfix) with ESMTP id 85ED0C000D\n for <dev@openvswitch.org>; Thu, 16 Sep 2021 00:07:06 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n by smtp2.osuosl.org (Postfix) with ESMTP id A0BB140608\n for <dev@openvswitch.org>; Thu, 16 Sep 2021 00:06:59 +0000 (UTC)", "from smtp2.osuosl.org ([127.0.0.1])\n by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n with ESMTP id FivpbyJCtYJw for <dev@openvswitch.org>;\n Thu, 16 Sep 2021 00:06:58 +0000 (UTC)", "from mail-lf1-x133.google.com (mail-lf1-x133.google.com\n [IPv6:2a00:1450:4864:20::133])\n by smtp2.osuosl.org (Postfix) with ESMTPS id AD97F40625\n for <dev@openvswitch.org>; Thu, 16 Sep 2021 00:06:57 +0000 (UTC)", "by mail-lf1-x133.google.com with SMTP id k4so11233789lfj.7\n for <dev@openvswitch.org>; Wed, 15 Sep 2021 17:06:57 -0700 (PDT)", "from localhost.localdomain (109-252-131-59.dynamic.spd-mgts.ru.\n [109.252.131.59])\n by smtp.gmail.com with ESMTPSA id 207sm157486ljf.41.2021.09.15.17.06.55\n (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);\n Wed, 15 Sep 2021 17:06:55 -0700 (PDT)" ], "X-Virus-Scanned": [ "amavisd-new at osuosl.org", "amavisd-new at osuosl.org" ], "X-Greylist": "whitelisted by SQLgrey-1.8.0", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;\n h=from:to:cc:subject:date:message-id:in-reply-to:references\n :mime-version:content-transfer-encoding;\n bh=2nn5T0K5i6Bg09dmlqiCiJPD3Pj9zsxlj+MIby0imwQ=;\n b=J1aoAb7M182l/s40p0kjBl+oA7gUwUq3Gv88IJIEFxGIrPn1Jg1/XKUOZciJ842eLp\n d83SXB1EPYPXWjvCQhkdL/b/NbRKj+qQGfoAdQWmOC74Cv8AS9fVN/e/U6qWPYlRqUYM\n zHfTU5D9o1MuNe0W3lRdIFeN54TbgbYrG/Jk1bNwxhtpZ/s7qqvu/490U2+4E5VqrMt5\n g9DvQuJOsBSwmEBv//mTihWouFAiIWNJbUHuKSlkJRgIGfVyGcxmrlgHMfAdfnuPxnVv\n hVsC3K4Nn/+e3HtfjgQVvIZ5Ppe/z37XnjJgkvlpclCMP8F2V9fCRpM3GREHd0c4z3Lz\n o1IA==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20210112;\n h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to\n :references:mime-version:content-transfer-encoding;\n bh=2nn5T0K5i6Bg09dmlqiCiJPD3Pj9zsxlj+MIby0imwQ=;\n b=Ir0cB1yx8b/7xlT7Fr424HelAvO9xT8D9zNqUUiLoZQOR5hSZoGws+XcwXhfC3one7\n 7X1I7N3mKRLr/Q83Xr9Y15FZOpKLLd5cK4wYMObHamE5ynrhfpa4kDoyPJrmsCrCAnlR\n 7wh3mW8yd1wyj5lKk+axymCa24LvqWFqo4rZtChbWrBL77swEzsAV4p12UCIq5lDjP+1\n i0sXo7CtdM18g+y+E/MmmH7pcifhJ9g6vcIx0oqd5AGcwYUoOaMiqKck3bpJPBRCHCQv\n 9xvM/wZplbPpWeOqOG7907a9IsOZsUdq9KfrSa6/Vc17eeRCDf93tcZ7t2+8k90Hv8gk\n cHcA==", "X-Gm-Message-State": "AOAM531Di7bYAhA7xwFt63VqTLWy0DIjf/YVxf9OYSad91UX0JfoAINy\n gVDuU8R78xflNma4WAYcC6RkcActNBc=", "X-Google-Smtp-Source": "\n ABdhPJzgABSaSc9SqFTlkrUOrH1A1qZdbm5wlJWvBKmZrTlYuQ376H8W7oJzhGSSf0NGbmNs5rgdnQ==", "X-Received": "by 2002:ac2:5fe9:: with SMTP id s9mr1871206lfg.600.1631750815504;\n Wed, 15 Sep 2021 17:06:55 -0700 (PDT)", "From": "Vladislav Odintsov <odivlad@gmail.com>", "To": "dev@openvswitch.org", "Date": "Thu, 16 Sep 2021 03:06:24 +0300", "Message-Id": "<20210916000624.1609-4-odivlad@gmail.com>", "X-Mailer": "git-send-email 2.30.0", "In-Reply-To": "<20210916000624.1609-1-odivlad@gmail.com>", "References": "<20210916000624.1609-1-odivlad@gmail.com>", "MIME-Version": "1.0", "Cc": "Vladislav Odintsov <odivlad@gmail.com>", "Subject": "[ovs-dev] [PATCH ovn 3/3] northd: support HW VTEP with stateful\n\tdatapath", "X-BeenThere": "ovs-dev@openvswitch.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "<ovs-dev.openvswitch.org>", "List-Unsubscribe": "<https://mail.openvswitch.org/mailman/options/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>", "List-Archive": "<http://mail.openvswitch.org/pipermail/ovs-dev/>", "List-Post": "<mailto:ovs-dev@openvswitch.org>", "List-Help": "<mailto:ovs-dev-request@openvswitch.org?subject=help>", "List-Subscribe": "<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "ovs-dev-bounces@openvswitch.org", "Sender": "\"dev\" <ovs-dev-bounces@openvswitch.org>" }, "content": "A packet going from HW VTEP device to VIF port when arrives to\nhypervisor chassis should go through LS ingress pipeline to l2_lkp\nstage without any match. In l2_lkp stage an output port is\ndetermined and then packet passed to LS egress pipeline for futher\nprocessing and to VIF port delivery.\n\nPrior to this commit a packet, which was received from HW VTEP\ndevice was dropped in an LS ingress datapath, where stateful services\nwere defined (ACLs, LBs).\n\nTo fix this issue we add a special flag-bit which can be used in LS\npipelines, to check whether the packet came from HW VTEP devices.\nIn ls_in_pre_acl and ls_in_pre_lb we add new flow with priority 110\nto skip such packets.\n\nSigned-off-by: Vladislav Odintsov <odivlad@gmail.com>\n---\nPlease note: I've got no experience in DDLog and have no ability to extensively\n test these changes.\n Just local ./configure --with-ddlog=...; make; make check was run\n It seems, that only irrelevant to these changes tests were failed.\n---\n northd/ovn-northd.c | 14 ++++++++++++++\n northd/ovn_northd.dl | 33 +++++++++++++++++++++++++++++++--\n tests/ovn-northd.at | 2 ++\n 3 files changed, 47 insertions(+), 2 deletions(-)", "diff": "diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c\nindex 0ee2ba221..2a795d9e1 100644\n--- a/northd/ovn-northd.c\n+++ b/northd/ovn-northd.c\n@@ -236,6 +236,7 @@ enum ovn_stage {\n #define REGBIT_LKUP_FDB \"reg0[11]\"\n #define REGBIT_HAIRPIN_REPLY \"reg0[12]\"\n #define REGBIT_ACL_LABEL \"reg0[13]\"\n+#define REGBIT_FROM_RAMP \"reg0[14]\"\n \n #define REG_ORIG_DIP_IPV4 \"reg1\"\n #define REG_ORIG_DIP_IPV6 \"xxreg1\"\n@@ -5175,6 +5176,11 @@ build_lswitch_input_port_sec_op(\n if (queue_id) {\n ds_put_format(actions, \"set_queue(%s); \", queue_id);\n }\n+\n+ if (!strcmp(op->nbsp->type, \"vtep\")) {\n+ ds_put_format(actions, REGBIT_FROM_RAMP\" = 1; \");\n+ }\n+\n ds_put_cstr(actions, \"next;\");\n ovn_lflow_add_with_lport_and_hint(lflows, op->od, S_SWITCH_IN_PORT_SEC_L2,\n 50, ds_cstr(match), ds_cstr(actions),\n@@ -5422,6 +5428,10 @@ build_pre_acls(struct ovn_datapath *od, struct hmap *port_groups,\n \"nd || nd_rs || nd_ra || mldv1 || mldv2 || \"\n \"(udp && udp.src == 546 && udp.dst == 547)\", \"next;\");\n \n+ /* Do not send coming from RAMP switch packets to conntrack. */\n+ ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_ACL, 110,\n+ REGBIT_FROM_RAMP\" == 1\", \"next;\");\n+\n /* Ingress and Egress Pre-ACL Table (Priority 100).\n *\n * Regardless of whether the ACL is \"from-lport\" or \"to-lport\",\n@@ -5526,6 +5536,10 @@ build_pre_lb(struct ovn_datapath *od, struct hmap *lflows,\n ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_LB, 110,\n \"eth.src == $svc_monitor_mac\", \"next;\");\n \n+ /* Do not send coming from RAMP switch packets to conntrack. */\n+ ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, 110,\n+ REGBIT_FROM_RAMP\" == 1\", \"next;\");\n+\n /* Allow all packets to go to next tables by default. */\n ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, 0, \"1\", \"next;\");\n ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_LB, 0, \"1\", \"next;\");\ndiff --git a/northd/ovn_northd.dl b/northd/ovn_northd.dl\nindex d91f8111f..5b4ae980a 100644\n--- a/northd/ovn_northd.dl\n+++ b/northd/ovn_northd.dl\n@@ -1622,6 +1622,7 @@ function rEGBIT_ACL_HINT_BLOCK() : string = \"reg0[10]\"\n function rEGBIT_LKUP_FDB() : string = \"reg0[11]\"\n function rEGBIT_HAIRPIN_REPLY() : string = \"reg0[12]\"\n function rEGBIT_ACL_LABEL() : string = \"reg0[13]\"\n+function rEGBIT_FROM_RAMP() : string = \"reg0[14]\"\n \n function rEG_ORIG_DIP_IPV4() : string = \"reg1\"\n function rEG_ORIG_DIP_IPV6() : string = \"xxreg1\"\n@@ -2058,6 +2059,16 @@ for (&Switch(._uuid = ls_uuid, .has_stateful_acl = true)) {\n .io_port = None,\n .controller_meter = None);\n \n+ /* Do not send coming from RAMP switch packets to conntrack. */\n+ Flow(.logical_datapath = ls_uuid,\n+ .stage = s_SWITCH_IN_PRE_ACL(),\n+ .priority = 110,\n+ .__match = i\"${rEGBIT_FROM_RAMP()} == 1\",\n+ .actions = i\"next;\",\n+ .stage_hint = 0,\n+ .io_port = None,\n+ .controller_meter = None);\n+\n /* Ingress and Egress Pre-ACL Table (Priority 100).\n *\n * Regardless of whether the ACL is \"from-lport\" or \"to-lport\",\n@@ -2124,6 +2135,16 @@ for (&Switch(._uuid = ls_uuid)) {\n .io_port = None,\n .controller_meter = None);\n \n+ /* Do not send coming from RAMP switch packets to conntrack. */\n+ Flow(.logical_datapath = ls_uuid,\n+ .stage = s_SWITCH_IN_PRE_LB(),\n+ .priority = 110,\n+ .__match = i\"${rEGBIT_FROM_RAMP()} == 1\",\n+ .actions = i\"next;\",\n+ .stage_hint = 0,\n+ .io_port = None,\n+ .controller_meter = None);\n+\n /* Allow all packets to go to next tables by default. */\n Flow(.logical_datapath = ls_uuid,\n .stage = s_SWITCH_IN_PRE_LB(),\n@@ -3370,10 +3391,18 @@ for (&SwitchPort(.lsp = lsp, .sw = sw, .json_name = json_name, .ps_eth_addresses\n } else {\n i\"inport == ${json_name} && eth.src == {${ps_eth_addresses.join(\\\" \\\")}}\"\n } in\n- var actions = match (pbinding.options.get(\"qdisc_queue_id\")) {\n+ var actions = {\n+ var ramp = if (lsp.__type == \"vtep\") {\n+ i\"${rEGBIT_FROM_RAMP()} = 1; \"\n+ } else {\n+ i\"\"\n+ };\n+ var queue = match (pbinding.options.get(\"qdisc_queue_id\")) {\n None -> i\"next;\",\n Some{id} -> i\"set_queue(${id}); next;\"\n- } in\n+ };\n+ i\"${ramp}${queue}\"\n+ } in\n Flow(.logical_datapath = sw._uuid,\n .stage = s_SWITCH_IN_PORT_SEC_L2(),\n .priority = 50,\ndiff --git a/tests/ovn-northd.at b/tests/ovn-northd.at\nindex 26bb940aa..655e29b61 100644\n--- a/tests/ovn-northd.at\n+++ b/tests/ovn-northd.at\n@@ -3589,6 +3589,7 @@ check_stateful_flows() {\n table=6 (ls_in_pre_lb ), priority=110 , match=(eth.dst == $svc_monitor_mac), action=(next;)\n table=6 (ls_in_pre_lb ), priority=110 , match=(ip && inport == \"sw0-lr0\"), action=(next;)\n table=6 (ls_in_pre_lb ), priority=110 , match=(nd || nd_rs || nd_ra || mldv1 || mldv2), action=(next;)\n+ table=6 (ls_in_pre_lb ), priority=110 , match=(reg0[[14]] == 1), action=(next;)\n ])\n \n AT_CHECK([grep \"ls_in_pre_stateful\" sw0flows | sort], [0], [dnl\n@@ -3652,6 +3653,7 @@ AT_CHECK([grep \"ls_in_pre_lb\" sw0flows | sort], [0], [dnl\n table=6 (ls_in_pre_lb ), priority=110 , match=(eth.dst == $svc_monitor_mac), action=(next;)\n table=6 (ls_in_pre_lb ), priority=110 , match=(ip && inport == \"sw0-lr0\"), action=(next;)\n table=6 (ls_in_pre_lb ), priority=110 , match=(nd || nd_rs || nd_ra || mldv1 || mldv2), action=(next;)\n+ table=6 (ls_in_pre_lb ), priority=110 , match=(reg0[[14]] == 1), action=(next;)\n ])\n \n AT_CHECK([grep \"ls_in_pre_stateful\" sw0flows | sort], [0], [dnl\n", "prefixes": [ "ovs-dev", "3/3" ] }