From patchwork Fri Sep 4 23:09:51 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ben Pfaff X-Patchwork-Id: 514771 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from archives.nicira.com (li376-54.members.linode.com [96.126.127.54]) by ozlabs.org (Postfix) with ESMTP id E351014028F for ; Sat, 5 Sep 2015 09:10:00 +1000 (AEST) Received: from archives.nicira.com (localhost [127.0.0.1]) by archives.nicira.com (Postfix) with ESMTP id 0BB4310998; Fri, 4 Sep 2015 16:09:59 -0700 (PDT) X-Original-To: dev@openvswitch.org Delivered-To: dev@openvswitch.org Received: from mx1e4.cudamail.com (mx1.cudamail.com [69.90.118.67]) by archives.nicira.com (Postfix) with ESMTPS id 674D110996 for ; Fri, 4 Sep 2015 16:09:58 -0700 (PDT) Received: from bar5.cudamail.com (unknown [192.168.21.12]) by mx1e4.cudamail.com (Postfix) with ESMTPS id 8DE5A1E02D7 for ; Fri, 4 Sep 2015 17:09:57 -0600 (MDT) X-ASG-Debug-ID: 1441408195-09eadd06967db60001-byXFYA Received: from mx1-pf1.cudamail.com ([192.168.24.1]) by bar5.cudamail.com with ESMTP id CgvAtjiKxd890M2V (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 04 Sep 2015 17:09:55 -0600 (MDT) X-Barracuda-Envelope-From: blp@nicira.com X-Barracuda-RBL-Trusted-Forwarder: 192.168.24.1 Received: from unknown (HELO mail-pa0-f49.google.com) (209.85.220.49) by mx1-pf1.cudamail.com with ESMTPS (RC4-SHA encrypted); 4 Sep 2015 23:09:55 -0000 Received-SPF: unknown (mx1-pf1.cudamail.com: Multiple SPF records returned) X-Barracuda-RBL-Trusted-Forwarder: 209.85.220.49 Received: by pacfv12 with SMTP id fv12so37594676pac.2 for ; Fri, 04 Sep 2015 16:09:54 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=kQA/TqG6CD4YALrg0J3e9qW3fTMO7Tq02zuKGiv3jl4=; b=ESj3wknSqW8a43OVk6bK5WANNBJm50kqeXdrQHqubW2YWdsq26XRjmF/FuM3P7BexR DyzUkqIJQzCIBsjUM4iHlB8FU0FmEYz0XOPuz7EmnKc19FkPwDhG3WUcBmnSIZV0fCb5 62h5pY8gS1oRiF47XhYPIcp+wV+FzG/X9J9+U7c4/AZkzhon1ZwEiGz5CUSWkplPxNZG GjadtACwKzNWtWcaiop5Ie4nwqMzrKZsxgeWVasuv43TymDh8rZihGFHvQ/7KfyPiOWe bEqLc8fgbXNwhVFOJ9kaKmudV+cSs5ypokJsaiv3fajTwKdxg6ifkvPhXfr93q5jO/CX d8Bg== X-Gm-Message-State: ALoCoQnWdMo5YwO5uxjUP9wzAdPyBb+XKUcWp/mt85V+wg7V623wF9ynJIeAz7pJPJp4QlTMmosZ X-Received: by 10.66.250.226 with SMTP id zf2mr13429517pac.20.1441408194157; Fri, 04 Sep 2015 16:09:54 -0700 (PDT) Received: from nicira.com ([208.91.2.4]) by smtp.gmail.com with ESMTPSA id w4sm3713425pdj.60.2015.09.04.16.09.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 04 Sep 2015 16:09:52 -0700 (PDT) Date: Fri, 4 Sep 2015 16:09:51 -0700 X-Barracuda-Apparent-Source-IP: 208.91.2.4 X-CudaMail-Envelope-Sender: blp@nicira.com From: Ben Pfaff To: Pravin Shelar X-CudaMail-Whitelist-To: dev@openvswitch.org X-CudaMail-MID: CM-E1-903075303 X-CudaMail-DTE: 090415 X-CudaMail-Originating-IP: 209.85.220.49 Message-ID: <20150904230951.GA22502@nicira.com> X-ASG-Orig-Subj: [##CM-E1-903075303##]Re: [ovs-dev] [PATCH] tnl-ports: Add destination IP and MAC address to the match. References: <1441252995-1445-1-git-send-email-pshelar@nicira.com> <20150904205032.GR24627@nicira.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Barracuda-Connect: UNKNOWN[192.168.24.1] X-Barracuda-Start-Time: 1441408195 X-Barracuda-Encrypted: DHE-RSA-AES256-SHA X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?= X-Virus-Scanned: by bsmtpd at cudamail.com X-Barracuda-BRTS-Status: 1 Cc: "dev@openvswitch.org" Subject: Re: [ovs-dev] [PATCH] tnl-ports: Add destination IP and MAC address to the match. X-BeenThere: dev@openvswitch.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@openvswitch.org Sender: "dev" On Fri, Sep 04, 2015 at 02:02:56PM -0700, Pravin Shelar wrote: > On Fri, Sep 4, 2015 at 1:50 PM, Ben Pfaff wrote: > > On Wed, Sep 02, 2015 at 09:03:15PM -0700, Pravin B Shelar wrote: > >> Currently tnl-port table wildcard destination ip and mac addresses > >> for given tunnel packet. That could result accepting tunnel > >> packets destined for other hosts. Following patch adds > >> support for matching for ip and mac address. > >> IP address upates to tnl-port table are piggybacked on > >> ovs-router updates. > >> > >> Reported-by: Ben Pfaff > >> Signed-off-by: Pravin B Shelar > > > > When I substitute this for my patch "ovn-controller: Attach local_ip to > > each tunnel." in my series at > > https://github.com/blp/ovs-reviews/tree/ovn-sandbox4, or if I use the > > two together, I get tons of dropped packets in the test that that series > > adds. With just my patch, it passes consistently. > > > > I haven't read the code in this patch yet. I'll try to figure what's > > happening. > > > > I guess it is missing /32 route for the interface ip-address. > On Linux every net-device has this route set. for example if you > configure 1.1.1.1 on br0, there would be a route 1.1.1.1/32. This > route is used to configure tnl-port table ip-address. If that does not > exist then OVS will drop these packet. > So for ovs-dummy netdevices you need to explicitly set these entries > in ovs-router, so that tnl-port table can use it. You can have look at > diff for tests/tunnel-push-pop.at. OK, that's the problem then. Now it works. Tested-by: Ben Pfaff It seems weird that I need the same route with two different prefix lengths though. I think you should fold this into your patch to fix up ovs-sim: diff --git a/utilities/ovs-sim.in b/utilities/ovs-sim.in index 2d9d66d..7aa9c7f 100755 --- a/utilities/ovs-sim.in +++ b/utilities/ovs-sim.in @@ -293,6 +293,7 @@ EOF ovs-appctl netdev-dummy/ip4addr $bridge $ip/$masklen >/dev/null ovs-appctl ovs/route/add $ip/$masklen $bridge > /dev/null + ovs-appctl ovs/route/add $ip/32 $bridge > /dev/null ovs-vsctl \ -- set Open_vSwitch . external-ids:system-id=$sandbox \ -- set Open_vSwitch . external-ids:ovn-remote=unix:$sim_base/ovn-sb/ovn-sb.sock \