From patchwork Fri Mar 15 15:23:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1912590 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=C47IaA4h; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Tx7Lp2mlrz1yWn for ; Sat, 16 Mar 2024 02:23:46 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 82CF5403CA; Fri, 15 Mar 2024 15:23:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W-C3BV-EgdoK; Fri, 15 Mar 2024 15:23:43 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 63DF840102 Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=C47IaA4h Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTPS id 63DF840102; Fri, 15 Mar 2024 15:23:43 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 36F3CC0077; Fri, 15 Mar 2024 15:23:43 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1FCE8C0037 for ; Fri, 15 Mar 2024 15:23:42 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 017F260E8E for ; Fri, 15 Mar 2024 15:23:42 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i4DN5LlthCyh for ; Fri, 15 Mar 2024 15:23:40 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.129.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=lorenzo.bianconi@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp3.osuosl.org 859F460629 Authentication-Results: smtp3.osuosl.org; dmarc=pass (p=none dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 859F460629 Authentication-Results: smtp3.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=C47IaA4h Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp3.osuosl.org (Postfix) with ESMTPS id 859F460629 for ; Fri, 15 Mar 2024 15:23:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710516218; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UOW/IfsooiylAQmKHdUuf4niqRwVePMKEp5xjbjY0IU=; b=C47IaA4hvRjqOACIOvAy26VqEXNZ4vaO4jZyH4ojrCLO2eemEsKERJ+wISl8cnaqZRxT7F eUAad2jLTtOO1NEnkyTNRTccvOhSkgNrCecmOLeC04sVk5mCLQh9LJvWxFo7x3CDoY0igw rpqlz0qpHVUT9jLcpMzXKbIACvMRtEw= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-53-2Gqb48LyPB6lKT9ITldYdA-1; Fri, 15 Mar 2024 11:23:37 -0400 X-MC-Unique: 2Gqb48LyPB6lKT9ITldYdA-1 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-40e53200380so11174205e9.3 for ; Fri, 15 Mar 2024 08:23:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710516216; x=1711121016; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=UOW/IfsooiylAQmKHdUuf4niqRwVePMKEp5xjbjY0IU=; b=N9RRSKJP1kSMufXKy6vq/DjCuLb9+unmW+x2w4WhV52oQDnXKly21eeDaldfSfUGcp AAWT2QHKjJJYWh6LIHYRx5l3ieCpnC6RzqtJHdid3eyil+5f8maO9slql/0Iw1WeapOS svV1YPIHfLj/Ab3gIOMkooWE/0I9XuZHqzc82Npr8I6o/fASurNJKpJaN39A8EC4eFAr rclvXNXZNh1ICUri10u962IeFhg6OoOe036TbaAnuGqtlW6CJ2aFdXa5JcjH9ClYSpbt fdGHWpqNiG946gY+WzAJAEjss0HcOxNgZ+u+3LaOuOMybhk0wk6+ZFDYHaVliWa8BYm9 cdmQ== X-Gm-Message-State: AOJu0Yy3uqqbEGSnGJjO/mal6AE94iISXpcSkxmdQ85u5r3RO4A5sRaY IpL1rfv4iBvFKIaKOAcTh0hZTAzfiuFd2oMZdROmNfjtmjHs4yXToW/FUla/uw1iRidOGCIrzPD XP4fwPimHq/bcUA7TsE0siSj5vfEaG6F9pZcKO2/aHBsObxCYZv3MIKICE1aaFqE4OhPRa5wwkF jrOtwlRORaBi93zFOFiuPeqG8+Wjj/QjdvdQC0YPAQN0Kaqd2QaA== X-Received: by 2002:a05:600c:35cc:b0:414:204:df50 with SMTP id r12-20020a05600c35cc00b004140204df50mr1331139wmq.4.1710516215884; Fri, 15 Mar 2024 08:23:35 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEIpnv6G1WUMlzyahY3DHzBnXNSoSi1TzWbmKx6UAasigOZuC+PVVafAVm5HcfyjeSLb++plA== X-Received: by 2002:a05:600c:35cc:b0:414:204:df50 with SMTP id r12-20020a05600c35cc00b004140204df50mr1331118wmq.4.1710516215394; Fri, 15 Mar 2024 08:23:35 -0700 (PDT) Received: from localhost (net-109-116-3-58.cust.vodafonedsl.it. [109.116.3.58]) by smtp.gmail.com with ESMTPSA id p16-20020a05600c469000b00413eb5aa694sm6100127wmo.38.2024.03.15.08.23.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Mar 2024 08:23:35 -0700 (PDT) From: Lorenzo Bianconi To: ovs-dev@openvswitch.org Date: Fri, 15 Mar 2024 16:23:27 +0100 Message-ID: X-Mailer: git-send-email 2.44.0 MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: dceara@redhat.com Subject: [ovs-dev] [PATCH ovn] ovn-ic: Avoid igmp/mld traffic flooding. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Avoid recirculating IGMP/MLD packets more than one time from stage ls_out_pre_lb in the egress pipeline to ovn table 37 in order to avoid packet looping for ovn-ic deployment. Acked-by: Mohammad Heib Signed-off-by: Lorenzo Bianconi --- controller/pinctrl.c | 2 ++ include/ovn/logical-fields.h | 3 +++ lib/logical-fields.c | 4 ++++ northd/northd.c | 11 +++++++---- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/controller/pinctrl.c b/controller/pinctrl.c index 98b29de9f..ba4775e20 100644 --- a/controller/pinctrl.c +++ b/controller/pinctrl.c @@ -660,6 +660,8 @@ pinctrl_forward_pkt(struct rconn *swconn, int64_t dp_key, put_load(dp_key, MFF_LOG_DATAPATH, 0, 64, &ofpacts); put_load(in_port_key, MFF_LOG_INPORT, 0, 32, &ofpacts); put_load(out_port_key, MFF_LOG_OUTPORT, 0, 32, &ofpacts); + /* Avoid re-injecting packet already consumed. */ + put_load(1, MFF_LOG_FLAGS, MLF_IGMP_IGMP_SPOOF_INJECT_BIT, 1, &ofpacts); struct ofpact_resubmit *resubmit = ofpact_put_RESUBMIT(&ofpacts); resubmit->in_port = OFPP_CONTROLLER; diff --git a/include/ovn/logical-fields.h b/include/ovn/logical-fields.h index ce79b501c..84c287e0a 100644 --- a/include/ovn/logical-fields.h +++ b/include/ovn/logical-fields.h @@ -82,6 +82,7 @@ enum mff_log_flags_bits { MLF_LOCALNET_BIT = 15, MLF_RX_FROM_TUNNEL_BIT = 16, MLF_ICMP_SNAT_BIT = 17, + MLF_IGMP_IGMP_SPOOF_INJECT_BIT = 18, }; /* MFF_LOG_FLAGS_REG flag assignments */ @@ -137,6 +138,8 @@ enum mff_log_flags { MLF_RX_FROM_TUNNEL = (1 << MLF_RX_FROM_TUNNEL_BIT), MLF_ICMP_SNAT = (1 << MLF_ICMP_SNAT_BIT), + + MLF_IGMP_IGMP_SPOOF = (1 << MLF_IGMP_IGMP_SPOOF_INJECT_BIT), }; /* OVN logical fields diff --git a/lib/logical-fields.c b/lib/logical-fields.c index 20219a67a..7e60c7c86 100644 --- a/lib/logical-fields.c +++ b/lib/logical-fields.c @@ -139,6 +139,10 @@ ovn_init_symtab(struct shash *symtab) flags_str); snprintf(flags_str, sizeof flags_str, "flags[%d]", MLF_RX_FROM_TUNNEL_BIT); expr_symtab_add_subfield(symtab, "flags.tunnel_rx", NULL, flags_str); + snprintf(flags_str, sizeof flags_str, "flags[%d]", + MLF_IGMP_IGMP_SPOOF_INJECT_BIT); + expr_symtab_add_subfield(symtab, "flags.igmp_loopback", NULL, + flags_str); /* Connection tracking state. */ expr_symtab_add_field_scoped(symtab, "ct_mark", MFF_CT_MARK, NULL, false, diff --git a/northd/northd.c b/northd/northd.c index 1839b7d8b..2c860082d 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -6089,7 +6089,8 @@ build_interconn_mcast_snoop_flows(struct ovn_datapath *od, continue; } /* Punt IGMP traffic to controller. */ - char *match = xasprintf("inport == %s && igmp", op->json_key); + char *match = xasprintf("inport == %s && igmp && " + "flags.igmp_loopback == 0", op->json_key); ovn_lflow_metered(lflows, od, S_SWITCH_OUT_PRE_LB, 120, match, "clone { igmp; }; next;", copp_meter_get(COPP_IGMP, od->nbs->copp, @@ -6098,7 +6099,8 @@ build_interconn_mcast_snoop_flows(struct ovn_datapath *od, free(match); /* Punt MLD traffic to controller. */ - match = xasprintf("inport == %s && (mldv1 || mldv2)", op->json_key); + match = xasprintf("inport == %s && (mldv1 || mldv2) && " + "flags.igmp_loopback == 0", op->json_key); ovn_lflow_metered(lflows, od, S_SWITCH_OUT_PRE_LB, 120, match, "clone { igmp; }; next;", copp_meter_get(COPP_IGMP, od->nbs->copp, @@ -9285,14 +9287,15 @@ build_lswitch_destination_lookup_bmcast(struct ovn_datapath *od, ds_put_cstr(actions, "igmp;"); /* Punt IGMP traffic to controller. */ ovn_lflow_metered(lflows, od, S_SWITCH_IN_L2_LKUP, 100, - "igmp", ds_cstr(actions), + "flags.igmp_loopback == 0 && igmp", ds_cstr(actions), copp_meter_get(COPP_IGMP, od->nbs->copp, meter_groups), lflow_ref); /* Punt MLD traffic to controller. */ ovn_lflow_metered(lflows, od, S_SWITCH_IN_L2_LKUP, 100, - "mldv1 || mldv2", ds_cstr(actions), + "flags.igmp_loopback == 0 && (mldv1 || mldv2)", + ds_cstr(actions), copp_meter_get(COPP_IGMP, od->nbs->copp, meter_groups), lflow_ref);