From patchwork Tue Jul 12 11:51:03 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gurucharan Shetty <guru@ovn.org>
X-Patchwork-Id: 647649
Return-Path: <dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from archives.nicira.com (archives.nicira.com [96.126.127.54])
	by ozlabs.org (Postfix) with ESMTP id 3rpwc55mnFz9sBX
	for <incoming@patchwork.ozlabs.org>;
	Wed, 13 Jul 2016 07:49:57 +1000 (AEST)
Received: from archives.nicira.com (localhost [127.0.0.1])
	by archives.nicira.com (Postfix) with ESMTP id EF289105AC;
	Tue, 12 Jul 2016 14:49:56 -0700 (PDT)
X-Original-To: dev@openvswitch.org
Delivered-To: dev@openvswitch.org
Received: from mx3v3.cudamail.com (mx3.cudamail.com [64.34.241.5])
	by archives.nicira.com (Postfix) with ESMTPS id 7183C10201
	for <dev@openvswitch.org>; Tue, 12 Jul 2016 14:49:55 -0700 (PDT)
Received: from bar6.cudamail.com (localhost [127.0.0.1])
	by mx3v3.cudamail.com (Postfix) with ESMTPS id 092CE162BDD
	for <dev@openvswitch.org>; Tue, 12 Jul 2016 15:49:55 -0600 (MDT)
X-ASG-Debug-ID: 1468360194-0b32375bf024f70001-byXFYA
Received: from mx3-pf2.cudamail.com ([192.168.14.1]) by bar6.cudamail.com
	with
	ESMTP id FU46z69HEw5TqoHv (version=TLSv1 cipher=DHE-RSA-AES256-SHA
	bits=256 verify=NO) for <dev@openvswitch.org>;
	Tue, 12 Jul 2016 15:49:54 -0600 (MDT)
X-Barracuda-Envelope-From: guru.ovn@gmail.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.14.1
Received: from unknown (HELO mail-pf0-f194.google.com) (209.85.192.194)
	by mx3-pf2.cudamail.com with ESMTPS (AES128-SHA encrypted);
	12 Jul 2016 21:49:54 -0000
Received-SPF: pass (mx3-pf2.cudamail.com: SPF record at _netblocks.google.com
	designates 209.85.192.194 as permitted sender)
X-Barracuda-Apparent-Source-IP: 209.85.192.194
X-Barracuda-RBL-IP: 209.85.192.194
Received: by mail-pf0-f194.google.com with SMTP id i6so1504680pfe.0
	for <dev@openvswitch.org>; Tue, 12 Jul 2016 14:49:54 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:subject:date:message-id;
	bh=7l54oL2WBleUAsPYbtRRhQKbpbtF2JPLV5myXMQOcZw=;
	b=LeB6sDuDJ12mfuSu/Sfh6JEA77L3J/5HkXaIiYPBbh5aeTF7Cxe3uspPl0kbfKvaHw
	2lLJu3JccwwN0RhjJrZTxRnq6bx+iuixKczeezuiv08JmlR0fAiiRWnlR1dDPeLgp6Sb
	oWQ+9+A55ZtsKj0FL65NcgCoy/Hy5tO4g1woPygUvEruqJaAFpOfHVQn3ejkk0D5sLg8
	kU1KV03zqYTkpjc4wa1zR/REcMNAZWKc3VoMlyBVt6CZ9jEkok5GDZBN7S6cMEwmjqpg
	hMPb2clEccZtLnDGSR8BGhQY+2EyfISOghjLVaNGNFN9QHPAM0qrq60lDck0hJ847T8A
	ShOA==
X-Gm-Message-State: 
 ALyK8tLlBLLjirosV63+B8suIx+RNPLmY5r9cZzmP4pnz5WSd/vVCLP0m7c8G9KL/r7uSg==
X-Received: by 10.98.109.134 with SMTP id i128mr47588655pfc.72.1468360193459;
	Tue, 12 Jul 2016 14:49:53 -0700 (PDT)
Received: from ubuntu.eng.vmware.com ([208.91.1.34])
	by smtp.gmail.com with ESMTPSA id
	o2sm529910pfg.10.2016.07.12.14.49.51 for <dev@openvswitch.org>
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 12 Jul 2016 14:49:52 -0700 (PDT)
X-CudaMail-Envelope-Sender: guru.ovn@gmail.com
From: Gurucharan Shetty <guru@ovn.org>
To: dev@openvswitch.org
X-CudaMail-Whitelist-To: dev@openvswitch.org
X-CudaMail-MID: CM-V2-711053099
X-CudaMail-DTE: 071216
X-CudaMail-Originating-IP: 209.85.192.194
Date: Tue, 12 Jul 2016 04:51:03 -0700
X-ASG-Orig-Subj: [##CM-V2-711053099##][PATCH] ovn-northd: Combine two NAT
	loops into one.
Message-Id: <1468324263-31836-1-git-send-email-guru@ovn.org>
X-Mailer: git-send-email 1.9.1
X-Barracuda-Connect: UNKNOWN[192.168.14.1]
X-Barracuda-Start-Time: 1468360194
X-Barracuda-Encrypted: DHE-RSA-AES256-SHA
X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi
X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?=
X-Virus-Scanned: by bsmtpd at cudamail.com
X-Barracuda-BRTS-Status: 1
Subject: [ovs-dev] [PATCH] ovn-northd: Combine two NAT loops into one.
X-BeenThere: dev@openvswitch.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: <dev.openvswitch.org>
List-Unsubscribe: <http://openvswitch.org/mailman/options/dev>,
	<mailto:dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://openvswitch.org/pipermail/dev>
List-Post: <mailto:dev@openvswitch.org>
List-Help: <mailto:dev-request@openvswitch.org?subject=help>
List-Subscribe: <http://openvswitch.org/mailman/listinfo/dev>,
	<mailto:dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: dev-bounces@openvswitch.org
Sender: "dev" <dev-bounces@openvswitch.org>

It is wasteful to have two loops that go through all the NAT entries.

Signed-off-by: Gurucharan Shetty <guru@ovn.org>
---
 ovn/northd/ovn-northd.c | 45 +++++++++++++--------------------------------
 1 file changed, 13 insertions(+), 32 deletions(-)

diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
index f4b4435..f0319b2 100644
--- a/ovn/northd/ovn-northd.c
+++ b/ovn/northd/ovn-northd.c
@@ -2291,27 +2291,31 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
         free(match);
         free(actions);
 
-        /* ARP handling for external IP addresses.
-         *
-         * DNAT IP addresses are external IP addresses that need ARP
-         * handling. */
+        bool snat_ip_is_router_ip = false;
         for (int i = 0; i < op->od->nbr->n_nat; i++) {
             const struct nbrec_nat *nat;
 
             nat = op->od->nbr->nat[i];
 
-            if(!strcmp(nat->type, "snat")) {
-                continue;
-            }
-
             ovs_be32 ip;
             if (!ip_parse(nat->external_ip, &ip) || !ip) {
                 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 1);
-                VLOG_WARN_RL(&rl, "bad ip address %s in dnat configuration "
+                VLOG_WARN_RL(&rl, "bad ip address %s in nat configuration "
                              "for router %s", nat->external_ip, op->key);
                 continue;
             }
 
+            if (!strcmp(nat->type, "snat")) {
+                if (ip == op->ip) {
+                    snat_ip_is_router_ip = true;
+                }
+                continue;
+            }
+
+            /* ARP handling for external IP addresses.
+             *
+             * DNAT IP addresses are external IP addresses that need ARP
+             * handling. */
             match = xasprintf(
                 "inport == %s && arp.tpa == "IP_FMT" && arp.op == 1",
                 op->json_key, IP_ARGS(ip));
@@ -2338,29 +2342,6 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
 
         /* Drop IP traffic to this router, unless the router ip is used as
          * SNAT ip. */
-        bool snat_ip_is_router_ip = false;
-        for (int i = 0; i < op->od->nbr->n_nat; i++) {
-            const struct nbrec_nat *nat;
-            ovs_be32 ip;
-
-            nat = op->od->nbr->nat[i];
-            if (strcmp(nat->type, "snat")) {
-                continue;
-            }
-
-            if (!ip_parse(nat->external_ip, &ip) || !ip) {
-                static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 1);
-                VLOG_WARN_RL(&rl, "bad ip address %s in snat configuration "
-                         "for router %s", nat->external_ip, op->key);
-                continue;
-            }
-
-            if (ip == op->ip) {
-                snat_ip_is_router_ip = true;
-                break;
-            }
-        }
-
         if (!snat_ip_is_router_ip) {
             match = xasprintf("ip4.dst == "IP_FMT, IP_ARGS(op->ip));
             ovn_lflow_add(lflows, op->od, S_ROUTER_IN_IP_INPUT, 60, match,