@@ -2692,7 +2692,9 @@ outport = <var>P</var>;
<code>Logical_Switch_Port</code> table. For router ports
connected to other logical routers, MAC bindings can be known
statically from the <code>mac</code> and <code>networks</code>
- column in the <code>Logical_Router_Port</code> table.
+ column in the <code>Logical_Router_Port</code> table. (Note: these
+ flows are NOT installed for routers that have
+ <code>options:dynamic_neigh_only</code> set to <code>true</code>)
</p>
<p>
@@ -9821,6 +9821,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
continue;
}
+ if (peer->od->nbr &&
+ smap_get_bool(&peer->od->nbr->options,
+ "dynamic_neigh_only", false)) {
+ continue;
+ }
+
if (!find_lrp_member_ip(peer, ip_s)) {
continue;
}
@@ -9857,6 +9863,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
continue;
}
+ if (peer->od->nbr &&
+ smap_get_bool(&peer->od->nbr->options,
+ "dynamic_neigh_only", false)) {
+ continue;
+ }
+
if (!find_lrp_member_ip(peer, ip_s)) {
continue;
}
@@ -9954,6 +9966,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
continue;
}
+ if (peer->od->nbr &&
+ smap_get_bool(&peer->od->nbr->options,
+ "dynamic_neigh_only", false)) {
+ continue;
+ }
+
if (!find_lrp_member_ip(peer, vip)) {
continue;
}
@@ -1840,6 +1840,18 @@
connected to the logical router. Default: False.
</p>
</column>
+ <column name="options" key="dynamic_neigh_only" type='{"type": "boolean"}'>
+ <p>
+ If set to <code>true</code>, the router will resolve neighbours' MAC
+ addresses only by dynamic ARP/ND, instead of prepopulating static
+ mappings for all neighbours in the ARP/ND Resolution stage. This
+ reduces number of flows, but requires ARP/ND messages to resolve
+ the IP-MAC bindings when needed. It is <code>false</code> by
+ default. It is recommended to set to <code>true</code> when a large
+ number of logical routers are connected to the same logical switch
+ but most of them never need to send traffic between each other.
+ </p>
+ </column>
</group>
<group title="Common Columns">
Support option:dynamic_neigh_only for logical routers, so that in particular use cases static neighbor flows are not prepopulated, to avoid flow exploding problem reported for ovn-kubernetes large scale setup. Reported-by: Girish Moodalbail <gmoodalbail@gmail.com> Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2020-May/049995.html Signed-off-by: Han Zhou <hzhou@ovn.org> --- northd/ovn-northd.8.xml | 4 +++- northd/ovn-northd.c | 18 ++++++++++++++++++ ovn-nb.xml | 12 ++++++++++++ 3 files changed, 33 insertions(+), 1 deletion(-)