From patchwork Thu Jan 16 15:37:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dumitru Ceara X-Patchwork-Id: 1224295 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=i4mbrbgn; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47z7cG4rytz9sR1 for ; Fri, 17 Jan 2020 02:37:34 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id EACB686AB8; Thu, 16 Jan 2020 15:37:32 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oDEUnzXddQhG; Thu, 16 Jan 2020 15:37:26 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id 8407A86AFF; Thu, 16 Jan 2020 15:37:26 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 59A24C1D8B; Thu, 16 Jan 2020 15:37:26 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id A6AB4C1D8B for ; Thu, 16 Jan 2020 15:37:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 8FC4387B0E for ; Thu, 16 Jan 2020 15:37:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yA9he87cjG4T for ; Thu, 16 Jan 2020 15:37:22 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by hemlock.osuosl.org (Postfix) with ESMTPS id E2E5B85EE7 for ; Thu, 16 Jan 2020 15:37:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1579189040; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qMxE1jXN/BhQDjaAKe8EYYSWl0CG1dGgbJQ5Lf3BiWs=; b=i4mbrbgnMiE/E1tKhlT/rp1Fb3VyPvL9136Okt4EXE5sHK+Ovu0XTTkjN/SXzqIc/gmXzG VsWG+KjZ3gTJG4/DCqTBR8+NbD5VJJQiPggzspnhO2dwM7WPaxe1ROhnoK4McFHDlqr/u/ dJUtOyc1sToYCo3TLfADBnYZz7bcB1c= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-173-E75GXAq9MD-WoXa55DvDAQ-1; Thu, 16 Jan 2020 10:37:19 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BC68D94C74 for ; Thu, 16 Jan 2020 15:37:17 +0000 (UTC) Received: from dceara.remote.csb (ovpn-117-169.ams2.redhat.com [10.36.117.169]) by smtp.corp.redhat.com (Postfix) with ESMTP id 43AD91001902 for ; Thu, 16 Jan 2020 15:37:17 +0000 (UTC) From: Dumitru Ceara To: dev@openvswitch.org Date: Thu, 16 Jan 2020 16:37:14 +0100 Message-Id: <20200116153659.18804.90013.stgit@dceara.remote.csb> In-Reply-To: <20200116153647.18804.17834.stgit@dceara.remote.csb> References: <20200116153647.18804.17834.stgit@dceara.remote.csb> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-MC-Unique: E75GXAq9MD-WoXa55DvDAQ-1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn 1/2] ovn-northd: Fix Pre-LB logical flows with IPv4 and IPv6. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" When both IPv4 and IPv6 load balancers were configured, the logical flows that send packets that need to be load balanced to conntrack (for defragmentation) were incorrectly trying to match on IPv6 fields. Fix this issue by using two address sets, one for IPv4 and the other for IPv6. Signed-off-by: Dumitru Ceara --- northd/ovn-northd.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index b6dc809..4ac9668 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -4654,13 +4654,14 @@ build_pre_lb(struct ovn_datapath *od, struct hmap *lflows, ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, 0, "1", "next;"); ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_LB, 0, "1", "next;"); - struct sset all_ips = SSET_INITIALIZER(&all_ips); + struct sset all_ips_v4 = SSET_INITIALIZER(&all_ips_v4); + struct sset all_ips_v6 = SSET_INITIALIZER(&all_ips_v6); bool vip_configured = false; - int addr_family = AF_INET; for (int i = 0; i < od->nbs->n_load_balancer; i++) { struct nbrec_load_balancer *lb = od->nbs->load_balancer[i]; struct smap *vips = &lb->vips; struct smap_node *node; + int addr_family = AF_INET; SMAP_FOR_EACH (node, vips) { vip_configured = true; @@ -4674,8 +4675,10 @@ build_pre_lb(struct ovn_datapath *od, struct hmap *lflows, continue; } - if (!sset_contains(&all_ips, ip_address)) { - sset_add(&all_ips, ip_address); + if (addr_family == AF_INET) { + sset_add(&all_ips_v4, ip_address); + } else { + sset_add(&all_ips_v6, ip_address); } build_empty_lb_event_flow(od, lflows, node, ip_address, lb, @@ -4694,20 +4697,22 @@ build_pre_lb(struct ovn_datapath *od, struct hmap *lflows, /* 'REGBIT_CONNTRACK_DEFRAG' is set to let the pre-stateful table send * packet to conntrack for defragmentation. */ const char *ip_address; - SSET_FOR_EACH(ip_address, &all_ips) { - char *match; + SSET_FOR_EACH (ip_address, &all_ips_v4) { + char *match = xasprintf("ip && ip4.dst == %s", ip_address); + ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, + 100, match, REGBIT_CONNTRACK_DEFRAG" = 1; next;"); + free(match); + } - if (addr_family == AF_INET) { - match = xasprintf("ip && ip4.dst == %s", ip_address); - } else { - match = xasprintf("ip && ip6.dst == %s", ip_address); - } + SSET_FOR_EACH (ip_address, &all_ips_v6) { + char *match = xasprintf("ip && ip6.dst == %s", ip_address); ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, 100, match, REGBIT_CONNTRACK_DEFRAG" = 1; next;"); free(match); } - sset_destroy(&all_ips); + sset_destroy(&all_ips_v4); + sset_destroy(&all_ips_v6); if (vip_configured) { ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_LB,