diff mbox series

[ovs-dev] ofproto-dpif-xlate: do not unwildcard source address if not needed

Message ID 20200517034003.2632-1-xnhp0320@gmail.com
State New
Headers show
Series [ovs-dev] ofproto-dpif-xlate: do not unwildcard source address if not needed | expand

Commit Message

hepeng.0320 May 17, 2020, 3:40 a.m. UTC
From: hepeng <hepeng.0320@bytedance.com>

if the tunnel is specified as "remote_ip=flow", we can try to generate a megaflow
which ignores all source address, such as source mac, source IP address
in the outter header of the packet. This can reduce the number of
megaflows and avoid expensive upcall and improve the performance.

Signed-off-by: hepeng <hepeng.0320@bytedance.com>
---
 include/openvswitch/flow.h    |  2 ++
 ofproto/ofproto-dpif-xlate.c  | 16 +++++++++++-
 ofproto/tunnel.c              | 17 +++++++++++++
 ofproto/tunnel.h              |  3 ++-
 tests/packet-type-aware.at    |  2 +-
 tests/tunnel-push-pop-ipv6.at |  2 +-
 tests/tunnel-push-pop.at      | 46 ++++++++++++++++++++++++++++++++++-
 7 files changed, 83 insertions(+), 5 deletions(-)
diff mbox series

Patch

diff --git a/include/openvswitch/flow.h b/include/openvswitch/flow.h
index 3054015d9..a4c810e63 100644
--- a/include/openvswitch/flow.h
+++ b/include/openvswitch/flow.h
@@ -204,6 +204,8 @@  struct flow_wildcards {
     ((WC)->masks.FIELD |= (MASK))
 #define WC_UNMASK_FIELD(WC, FIELD) \
     memset(&(WC)->masks.FIELD, 0, sizeof (WC)->masks.FIELD)
+#define WC_FIELD_MASKED(WC, FIELD) \
+    ((WC)->masks.FIELD != 0)
 
 void flow_wildcards_init_catchall(struct flow_wildcards *);
 
diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
index 80fba84cb..986dcdee6 100644
--- a/ofproto/ofproto-dpif-xlate.c
+++ b/ofproto/ofproto-dpif-xlate.c
@@ -4088,7 +4088,17 @@  terminate_native_tunnel(struct xlate_ctx *ctx, struct flow *flow,
     /* XXX: Write better Filter for tunnel port. We can use in_port
      * in tunnel-port flow to avoid these checks completely. */
     if (ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) {
-        *tnl_port = tnl_port_map_lookup(flow, wc);
+        /* Check if the wc contains source info, if not,
+         * erase all source info including smac and sip.
+         */
+        if (!WC_FIELD_MASKED(wc, nw_src)) {
+            *tnl_port = tnl_port_map_lookup(flow, wc);
+            if (*tnl_port != ODPP_NONE && !WC_FIELD_MASKED(wc, nw_src)) {
+                memset(&wc->masks.dl_src, 0, sizeof wc->masks.dl_src);
+            }
+        } else {
+            *tnl_port = tnl_port_map_lookup(flow, wc);
+        }
 
         /* If no tunnel port was found and it's about an ARP or ICMPv6 packet,
          * do tunnel neighbor snooping. */
@@ -7636,6 +7646,10 @@  xlate_actions(struct xlate_in *xin, struct xlate_out *xout)
         ctx.xin->xport_uuid = in_port->uuid;
     }
 
+    if (in_port && in_port->is_tunnel) {
+        tnl_wc_init_by_port(in_port->ofport, ctx.wc);
+    }
+
     if (flow->packet_type != htonl(PT_ETH) && in_port &&
         in_port->pt_mode == NETDEV_PT_LEGACY_L3 && ctx.table_id == 0) {
         /* Add dummy Ethernet header to non-L2 packet if it's coming from a
diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c
index 03f0ab765..892f3aa5f 100644
--- a/ofproto/tunnel.c
+++ b/ofproto/tunnel.c
@@ -300,6 +300,23 @@  tnl_port_del(const struct ofport_dpif *ofport, odp_port_t odp_port)
     fat_rwlock_unlock(&rwlock);
 }
 
+void
+tnl_wc_init_by_port(const struct ofport_dpif *ofport,
+                    struct flow_wildcards *wc)
+{
+    struct tnl_port *tnl_port;
+
+    fat_rwlock_rdlock(&rwlock);
+    tnl_port = tnl_find_ofport(ofport);
+    if (tnl_port) {
+        if (tnl_port->match.ip_dst_flow) {
+            WC_UNMASK_FIELD(wc, tunnel.ip_src);
+            WC_UNMASK_FIELD(wc, tunnel.ipv6_src);
+        }
+    }
+    fat_rwlock_unlock(&rwlock);
+}
+
 /* Looks in the table of tunnels for a tunnel matching the metadata in 'flow'.
  * Returns the 'ofport' corresponding to the new in_port, or a null pointer if
  * none is found.
diff --git a/ofproto/tunnel.h b/ofproto/tunnel.h
index 323f3fa03..166190875 100644
--- a/ofproto/tunnel.h
+++ b/ofproto/tunnel.h
@@ -45,7 +45,8 @@  bool tnl_process_ecn(struct flow *);
 odp_port_t tnl_port_send(const struct ofport_dpif *, struct flow *,
                          struct flow_wildcards *wc);
 const char *tnl_port_get_type(const struct ofport_dpif *tnl_port);
-
+void tnl_wc_init_by_port(const struct ofport_dpif *ofport,
+                         struct flow_wildcards *wc);
 /* Returns true if 'flow' should be submitted to tnl_port_receive(). */
 static inline bool
 tnl_port_should_receive(const struct flow *flow)
diff --git a/tests/packet-type-aware.at b/tests/packet-type-aware.at
index 540cf98f3..9c16d1289 100644
--- a/tests/packet-type-aware.at
+++ b/tests/packet-type-aware.at
@@ -1019,7 +1019,7 @@  ovs-appctl time/warp 1000
 AT_CHECK([
     ovs-appctl dpctl/dump-flows --names dummy@ovs-dummy | strip_used | grep -v ipv6 | sort
 ], [0], [flow-dump from the main thread:
-recirc_id(0),in_port(p0),packet_type(ns=0,id=0),eth(src=aa:bb:cc:00:00:02,dst=aa:bb:cc:00:00:01),eth_type(0x0800),ipv4(dst=20.0.0.1,proto=47,frag=no), packets:3, bytes:378, used:0.0s, actions:tnl_pop(gre_sys)
+recirc_id(0),in_port(p0),packet_type(ns=0,id=0),eth(dst=aa:bb:cc:00:00:01),eth_type(0x0800),ipv4(dst=20.0.0.1,proto=47,frag=no), packets:3, bytes:378, used:0.0s, actions:tnl_pop(gre_sys)
 tunnel(src=20.0.0.2,dst=20.0.0.1,flags(-df-csum)),recirc_id(0),in_port(gre_sys),packet_type(ns=1,id=0x8847),eth_type(0x8847),mpls(label=999/0x0,tc=0/0,ttl=64/0x0,bos=1/1), packets:3, bytes:264, used:0.0s, actions:push_eth(src=00:00:00:00:00:00,dst=00:00:00:00:00:00),pop_mpls(eth_type=0x800),recirc(0x1)
 tunnel(src=20.0.0.2,dst=20.0.0.1,flags(-df-csum)),recirc_id(0x1),in_port(gre_sys),packet_type(ns=0,id=0),eth(dst=00:00:00:00:00:00),eth_type(0x0800),ipv4(ttl=64,frag=no), packets:3, bytes:294, used:0.0s, actions:set(ipv4(ttl=63)),int-br
 ])
diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at
index 59723e63b..dbe72f7e7 100644
--- a/tests/tunnel-push-pop-ipv6.at
+++ b/tests/tunnel-push-pop-ipv6.at
@@ -429,7 +429,7 @@  AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  5'], [0], [dnl
   port  5: rx pkts=1, bytes=98, drop=?, errs=?, frame=?, over=?, crc=?
 ])
 AT_CHECK([ovs-appctl dpif/dump-flows int-br | grep 'in_port(6081)'], [0], [dnl
-tunnel(tun_id=0x7b,ipv6_src=2001:cafe::92,ipv6_dst=2001:cafe::88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),recirc_id(0),in_port(6081),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,controller(reason=1,dont_send=0,continuation=0,recirc_id=3,rule_cookie=0,controller_id=0,max_len=65535))
+tunnel(tun_id=0x7b,ipv6_dst=2001:cafe::88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),recirc_id(0),in_port(6081),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,controller(reason=1,dont_send=0,continuation=0,recirc_id=3,rule_cookie=0,controller_id=0,max_len=65535))
 ])
 
 ovs-appctl time/warp 10000
diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at
index 48c5de9d1..b35c2eab2 100644
--- a/tests/tunnel-push-pop.at
+++ b/tests/tunnel-push-pop.at
@@ -519,7 +519,7 @@  AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  5'], [0], [dnl
   port  5: rx pkts=1, bytes=98, drop=?, errs=?, frame=?, over=?, crc=?
 ])
 AT_CHECK([ovs-appctl dpif/dump-flows int-br | grep 'in_port(6081)'], [0], [dnl
-tunnel(tun_id=0x7b,src=1.1.2.92,dst=1.1.2.88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),recirc_id(0),in_port(6081),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,controller(reason=1,dont_send=0,continuation=0,recirc_id=2,rule_cookie=0,controller_id=0,max_len=65535))
+tunnel(tun_id=0x7b,dst=1.1.2.88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),recirc_id(0),in_port(6081),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,controller(reason=1,dont_send=0,continuation=0,recirc_id=2,rule_cookie=0,controller_id=0,max_len=65535))
 ])
 
 ovs-appctl time/warp 10000
@@ -645,3 +645,47 @@  NXST_FLOW reply:
 
 OVS_VSWITCHD_STOP
 AT_CLEANUP
+
+AT_SETUP([tunnel_push_pop - specify tun_src when remote_ip=flow])
+
+OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00])
+AT_CHECK([ovs-vsctl add-br int-br -- set bridge int-br datapath_type=dummy], [0])
+AT_CHECK([ovs-vsctl add-port int-br t1 -- set Interface t1 type=gre \
+                       options:remote_ip=flow options:key=flow options:seq=true ofport_request=3], [0])
+
+AT_CHECK([ovs-appctl dpif/show], [0], [dnl
+dummy@ovs-dummy: hit:0 missed:0
+  br0:
+    br0 65534/100: (dummy-internal)
+    p0 1/1: (dummy)
+  int-br:
+    int-br 65534/2: (dummy-internal)
+    t1 3/3: (gre: key=flow, remote_ip=flow, seq=true)
+])
+
+AT_CHECK([ovs-appctl netdev-dummy/ip4addr br0 1.1.2.88/24], [0], [OK
+])
+AT_CHECK([ovs-appctl ovs/route/add 1.1.2.92/24 br0], [0], [OK
+])
+AT_CHECK([ovs-ofctl add-flow br0 'arp,priority=1,action=normal'])
+
+dnl Use arp reply to achieve tunnel next hop mac binding
+AT_CHECK([ovs-appctl netdev-dummy/receive p0 'recirc_id(0),in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x0806),arp(sip=1.1.2.92,tip=1.1.2.88,op=2,sha=f8:bc:12:44:34:b6,tha=00:00:00:00:00:00)'])
+
+AT_CHECK([ovs-appctl tnl/neigh/show | tail -n+3 | sort], [0], [dnl
+1.1.2.92                                      f8:bc:12:44:34:b6   br0
+])
+
+AT_CHECK([ovs-ofctl add-flow br0 'ip,ip_proto=47,nw_tos=0,eth_src=aa:55:aa:55:00:00,eth_dst=f8:bc:12:44:34:b6,ip_src=1.1.2.88,ip_dst=1.1.2.92,priority=99,action=normal'])
+
+dnl add a flow specifying tun_src
+AT_CHECK([ovs-ofctl add-flow int-br 'tun_src=1.1.2.92,in_port=3,action=drop'])
+
+AT_CHECK([ovs-appctl ofproto/trace int-br 'tun_src=1.1.2.92,tun_dst=1.1.2.88,tun_id=456,in_port=3'], [0], [stdout])
+AT_CHECK([tail -2 stdout], [0],
+  [Megaflow: recirc_id=0,eth,tun_id=0x1c8,tun_src=1.1.2.92,tun_dst=1.1.2.88,tun_tos=0,tun_flags=-df-csum-key,in_port=3,dl_type=0x0000
+Datapath actions: drop
+])
+
+OVS_VSWITCHD_STOP
+AT_CLEANUP