From patchwork Tue Apr 7 11:03:29 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dumitru Ceara
X-Patchwork-Id: 1267353
Return-Path:
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137;
helo=fraxinus.osuosl.org;
envelope-from=ovs-dev-bounces@openvswitch.org;
receiver=)
Authentication-Results: ozlabs.org;
dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org;
dkim=fail reason="signature verification failed" (1024-bit key;
unprotected) header.d=redhat.com header.i=@redhat.com
header.a=rsa-sha256 header.s=mimecast20190719
header.b=AjlZZ5QO; dkim-atps=neutral
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
bits)) (No client certificate requested)
by ozlabs.org (Postfix) with ESMTPS id 48xPfV5K2Tz9sSv
for ;
Tue, 7 Apr 2020 21:03:46 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
by fraxinus.osuosl.org (Postfix) with ESMTP id 63E0D86942;
Tue, 7 Apr 2020 11:03:44 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id nya4XKcMvlpm; Tue, 7 Apr 2020 11:03:43 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])
by fraxinus.osuosl.org (Postfix) with ESMTP id 967A5865AB;
Tue, 7 Apr 2020 11:03:43 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
by lists.linuxfoundation.org (Postfix) with ESMTP id 7B385C1AE2;
Tue, 7 Apr 2020 11:03:43 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
by lists.linuxfoundation.org (Postfix) with ESMTP id 44D42C0177
for ; Tue, 7 Apr 2020 11:03:41 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by silver.osuosl.org (Postfix) with ESMTP id 3894D2041C
for ; Tue, 7 Apr 2020 11:03:41 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id lS+zH76gqhLQ for ;
Tue, 7 Apr 2020 11:03:38 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120])
by silver.osuosl.org (Postfix) with ESMTPS id BB73320456
for ; Tue, 7 Apr 2020 11:03:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1586257416;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=H+awGgL3x8d+j1iebsr+DfgS/rb1RhyjzCRrvGvK1mQ=;
b=AjlZZ5QOBtCbpakbaLDJhR76LHlHpEXVDyE5dGdi4Wi1SwOggkyot5A7PZKUnFWHdMqGEo
rYfCAL0O7pd7mx2i1F6bop56OtuftjcIz9ibxG6h3YnTsSLuH22rPffUI0aN0nPfpabprw
dGjQ5gS7y60oLQL76A6qTwxRhaM6JSA=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-282-KMnUGFItPyK0YNdAQ7zuaw-1; Tue, 07 Apr 2020 07:03:34 -0400
X-MC-Unique: KMnUGFItPyK0YNdAQ7zuaw-1
Received: from smtp.corp.redhat.com
(int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9099B107ACCC;
Tue, 7 Apr 2020 11:03:33 +0000 (UTC)
Received: from dceara.remote.csb (ovpn-114-88.ams2.redhat.com [10.36.114.88])
by smtp.corp.redhat.com (Postfix) with ESMTP id 69BBA5C1BB;
Tue, 7 Apr 2020 11:03:32 +0000 (UTC)
From: Dumitru Ceara
To: dev@openvswitch.org
Date: Tue, 7 Apr 2020 13:03:29 +0200
Message-Id: <20200407110320.7801.36179.stgit@dceara.remote.csb>
In-Reply-To: <20200407110242.7801.52004.stgit@dceara.remote.csb>
References: <20200407110242.7801.52004.stgit@dceara.remote.csb>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Subject: [ovs-dev] [PATCH branch-2.12 1/4] ovn-controller: Consider
non-virtual ports first when updating bindings.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev"
There's no guarantee SBREC_PORT_BINDING_TABLE_FOR_EACH will first
return the non-virtual ports and then virtual ports. In the case when a
virtual port is processed before its virtual_parent,
consider_local_datapath might not release it in the current
ovn-controller iteration even though the virtual_parent gets released.
Right now this doesn't trigger any functionality issue because releasing
the virtual_parent triggers a change in the SB DB which will wake up
ovn-controller and trigger a new computation which will also update the
virtual port.
However, this is suboptimal, and we can notice that often ovn-controller
gets the SB update notification before the "transaction successful"
notification. In such cases the incremental engine doesn't run
(ovnsb_idl_txn == NULL) and a full recompute is scheduled for the next
run. By batching the two SB updates in a single transaction we
lower the risk of this situation happening.
CC: Numan Siddique
Fixes: 054f4c85c413 ("Add a new logical switch port type - 'virtual'")
Signed-off-by: Dumitru Ceara
Acked-by: Mark Michelson
Signed-off-by: Numan Siddique
(cherry picked from OVN commit 5309099ec38cf41f4e41f1929c408741a3146dac)
---
ovn/controller/binding.c | 97 +++++++++++++++++++++++++++++++++-------------
1 file changed, 69 insertions(+), 28 deletions(-)
diff --git a/ovn/controller/binding.c b/ovn/controller/binding.c
index dfe002b..ef8445f 100644
--- a/ovn/controller/binding.c
+++ b/ovn/controller/binding.c
@@ -460,7 +460,12 @@ is_our_chassis(const struct sbrec_chassis *chassis_rec,
return our_chassis;
}
-static void
+/* Updates 'binding_rec' and if the port binding is local also updates the
+ * local datapaths and ports.
+ * Updates and returns the array of local virtual ports that will require
+ * additional processing.
+ */
+static const struct sbrec_port_binding **
consider_local_datapath(struct ovsdb_idl_txn *ovnsb_idl_txn,
struct ovsdb_idl_txn *ovs_idl_txn,
struct ovsdb_idl_index *sbrec_datapath_binding_by_key,
@@ -473,7 +478,9 @@ consider_local_datapath(struct ovsdb_idl_txn *ovnsb_idl_txn,
struct hmap *local_datapaths,
struct shash *lport_to_iface,
struct sset *local_lports,
- struct sset *local_lport_ids)
+ struct sset *local_lport_ids,
+ const struct sbrec_port_binding **vpbs,
+ size_t *n_vpbs, size_t *n_allocated_vpbs)
{
const struct ovsrec_interface *iface_rec
= shash_find_data(lport_to_iface, binding_rec->logical_port);
@@ -572,22 +579,11 @@ consider_local_datapath(struct ovsdb_idl_txn *ovnsb_idl_txn,
}
} else if (binding_rec->chassis == chassis_rec) {
if (!strcmp(binding_rec->type, "virtual")) {
- /* pinctrl module takes care of binding the ports
- * of type 'virtual'.
- * Release such ports if their virtual parents are no
- * longer claimed by this chassis. */
- const struct sbrec_port_binding *parent
- = lport_lookup_by_name(sbrec_port_binding_by_name,
- binding_rec->virtual_parent);
- if (!parent || parent->chassis != chassis_rec) {
- VLOG_INFO("Releasing lport %s from this chassis.",
- binding_rec->logical_port);
- if (binding_rec->encap) {
- sbrec_port_binding_set_encap(binding_rec, NULL);
- }
- sbrec_port_binding_set_chassis(binding_rec, NULL);
- sbrec_port_binding_set_virtual_parent(binding_rec, NULL);
+ if (*n_vpbs == *n_allocated_vpbs) {
+ vpbs = x2nrealloc(vpbs, n_allocated_vpbs, sizeof *vpbs);
}
+ vpbs[(*n_vpbs)] = binding_rec;
+ (*n_vpbs)++;
} else {
VLOG_INFO("Releasing lport %s from this chassis.",
binding_rec->logical_port);
@@ -606,6 +602,30 @@ consider_local_datapath(struct ovsdb_idl_txn *ovnsb_idl_txn,
vif_chassis);
}
}
+ return vpbs;
+}
+
+static void
+consider_local_virtual_port(struct ovsdb_idl_index *sbrec_port_binding_by_name,
+ const struct sbrec_chassis *chassis_rec,
+ const struct sbrec_port_binding *binding_rec)
+{
+ /* pinctrl module takes care of binding the ports of type 'virtual'.
+ * Release such ports if their virtual parents are no longer claimed by
+ * this chassis.
+ */
+ const struct sbrec_port_binding *parent =
+ lport_lookup_by_name(sbrec_port_binding_by_name,
+ binding_rec->virtual_parent);
+ if (!parent || parent->chassis != chassis_rec) {
+ VLOG_INFO("Releasing lport %s from this chassis.",
+ binding_rec->logical_port);
+ if (binding_rec->encap) {
+ sbrec_port_binding_set_encap(binding_rec, NULL);
+ }
+ sbrec_port_binding_set_chassis(binding_rec, NULL);
+ sbrec_port_binding_set_virtual_parent(binding_rec, NULL);
+ }
}
static void
@@ -662,20 +682,41 @@ binding_run(struct ovsdb_idl_txn *ovnsb_idl_txn,
&egress_ifaces);
}
+ /* Array to store pointers to local virtual ports. It is populated by
+ * consider_local_datapath.
+ */
+ const struct sbrec_port_binding **vpbs = NULL;
+ size_t n_vpbs = 0;
+ size_t n_allocated_vpbs = 0;
+
/* Run through each binding record to see if it is resident on this
* chassis and update the binding accordingly. This includes both
- * directly connected logical ports and children of those ports. */
+ * directly connected logical ports and children of those ports.
+ * Virtual ports are just added to vpbs array and will be processed
+ * later. This is special case for virtual ports is needed in order to
+ * make sure we update the virtual_parent port bindings first.
+ */
SBREC_PORT_BINDING_TABLE_FOR_EACH (binding_rec, port_binding_table) {
- consider_local_datapath(ovnsb_idl_txn, ovs_idl_txn,
- sbrec_datapath_binding_by_key,
- sbrec_port_binding_by_datapath,
- sbrec_port_binding_by_name,
- active_tunnels, chassis_rec, binding_rec,
- sset_is_empty(&egress_ifaces) ? NULL :
- &qos_map, local_datapaths, &lport_to_iface,
- local_lports, local_lport_ids);
-
- }
+ vpbs =
+ consider_local_datapath(ovnsb_idl_txn, ovs_idl_txn,
+ sbrec_datapath_binding_by_key,
+ sbrec_port_binding_by_datapath,
+ sbrec_port_binding_by_name,
+ active_tunnels, chassis_rec, binding_rec,
+ sset_is_empty(&egress_ifaces) ? NULL :
+ &qos_map, local_datapaths, &lport_to_iface,
+ local_lports, local_lport_ids,
+ vpbs, &n_vpbs, &n_allocated_vpbs);
+ }
+
+ /* Now also update the virtual ports in case their parent ports were
+ * updated above.
+ */
+ for (size_t i = 0; i < n_vpbs; i++) {
+ consider_local_virtual_port(sbrec_port_binding_by_name, chassis_rec,
+ vpbs[i]);
+ }
+ free(vpbs);
/* Run through each binding record to see if it is a localnet port
* on local datapaths discovered from above loop, and update the
From patchwork Tue Apr 7 11:03:43 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dumitru Ceara
X-Patchwork-Id: 1267354
Return-Path:
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136;
helo=silver.osuosl.org;
envelope-from=ovs-dev-bounces@openvswitch.org;
receiver=)
Authentication-Results: ozlabs.org;
dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org;
dkim=fail reason="signature verification failed" (1024-bit key;
unprotected) header.d=redhat.com header.i=@redhat.com
header.a=rsa-sha256 header.s=mimecast20190719
header.b=QufI6Hn0; dkim-atps=neutral
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
bits)) (No client certificate requested)
by ozlabs.org (Postfix) with ESMTPS id 48xPfr4Xscz9sSq
for ;
Tue, 7 Apr 2020 21:04:04 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
by silver.osuosl.org (Postfix) with ESMTP id BC7FD235BE;
Tue, 7 Apr 2020 11:04:02 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id Pe6WIyb0R19j; Tue, 7 Apr 2020 11:03:54 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])
by silver.osuosl.org (Postfix) with ESMTP id 6B13322098;
Tue, 7 Apr 2020 11:03:54 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
by lists.linuxfoundation.org (Postfix) with ESMTP id 4FCB2C1D8D;
Tue, 7 Apr 2020 11:03:54 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id A20A0C1AE2
for ; Tue, 7 Apr 2020 11:03:52 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by hemlock.osuosl.org (Postfix) with ESMTP id 915A187E9E
for ; Tue, 7 Apr 2020 11:03:52 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id XK3RlTcxd8it for ;
Tue, 7 Apr 2020 11:03:51 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61])
by hemlock.osuosl.org (Postfix) with ESMTPS id 682AA87E8A
for ; Tue, 7 Apr 2020 11:03:51 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1586257430;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=K7CR77VgIFlMBK7tElwVfQ7yinV3jmj1B9tEn3v+u6E=;
b=QufI6Hn0IVBCImgPr7DcWDRLrkAOYHdHfd/mdr/ZOcnrTttszasUW/0qALTJZdv279Bs9O
XF1W3g4YvCiFy2Wqvwka0/+qsN+8rpv9yJi/HdnrPSeiB5/3jlHWR/o0AtvBfq0d35O7H3
xvDxD1D8Qj6p+44s2vSN26VW6Njwrag=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-226-xTGa5VGOPpKriK4wjE9bAw-1; Tue, 07 Apr 2020 07:03:47 -0400
X-MC-Unique: xTGa5VGOPpKriK4wjE9bAw-1
Received: from smtp.corp.redhat.com
(int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id AE1548017F3;
Tue, 7 Apr 2020 11:03:46 +0000 (UTC)
Received: from dceara.remote.csb (ovpn-114-88.ams2.redhat.com [10.36.114.88])
by smtp.corp.redhat.com (Postfix) with ESMTP id E8427CDBCA;
Tue, 7 Apr 2020 11:03:45 +0000 (UTC)
From: Dumitru Ceara
To: dev@openvswitch.org
Date: Tue, 7 Apr 2020 13:03:43 +0200
Message-Id: <20200407110338.7801.33311.stgit@dceara.remote.csb>
In-Reply-To: <20200407110242.7801.52004.stgit@dceara.remote.csb>
References: <20200407110242.7801.52004.stgit@dceara.remote.csb>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Subject: [ovs-dev] [PATCH branch-2.12 2/4] Fix virtual port binding when the
parents are scheduled in the same chassis
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev"
From: Numan Siddique
If a virtual port has 2 parents and if both of them are scheduled
on the same chassis, then virtual port binding doesn't work.
For virtual port binding we have the below logical flows:
inport == p1 && !is_chassis_resident("vip-port") && arp .. actions=bind_vport(vip-port); next;
inport == p2 && !is_chassis_resident("vip-port") && arp .. actions=bind_vport(vip-port); next;
Since we have !is_chassis_resident, as soon as p1 binds the port, the corresponding OF flows
for both the logical flows above are deleted. Because of this, when p2 becomes the
parent of vip-port it can't bind it.
This patch fixes this issue by removing this condition.
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1762341
Acked-by: Dumitru Ceara
Signed-off-by: Numan Siddique
(cherry picked from OVN commit 4fae57bdb9749b2fb3e6727112e87026d2b02b87)
---
ovn/northd/ovn-northd.8.xml | 2 +-
ovn/northd/ovn-northd.c | 3 +--
tests/ovn.at | 39 ++++++++++++++++++++++++++++++++-------
3 files changed, 34 insertions(+), 10 deletions(-)
diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
index 6d2fbe3..aea20c5 100644
--- a/ovn/northd/ovn-northd.8.xml
+++ b/ovn/northd/ovn-northd.8.xml
@@ -575,7 +575,7 @@
column with the match
-inport == P && !is_chassis_resident(V) && ((arp.op == 1 && arp.spa == VIP && arp.tpa == VIP) || (arp.op == 2 && arp.spa == VIP))
+inport == P && && ((arp.op == 1 && arp.spa == VIP && arp.tpa == VIP) || (arp.op == 2 && arp.spa == VIP))
diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
index a079ca3..8b2c0a4 100644
--- a/ovn/northd/ovn-northd.c
+++ b/ovn/northd/ovn-northd.c
@@ -4922,11 +4922,10 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports,
ds_clear(&match);
ds_put_format(&match, "inport == \"%s\" && "
- "!is_chassis_resident(%s) && "
"((arp.op == 1 && arp.spa == %s && "
"arp.tpa == %s) || (arp.op == 2 && "
"arp.spa == %s))",
- vparent, op->json_key, virtual_ip, virtual_ip,
+ vparent, virtual_ip, virtual_ip,
virtual_ip);
ds_clear(&actions);
ds_put_format(&actions,
diff --git a/tests/ovn.at b/tests/ovn.at
index df8c47a..e8125cc 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -14500,7 +14500,7 @@ ovn-nbctl lsp-set-addresses sw0-vir "50:54:00:00:00:10 10.0.0.10"
ovn-nbctl lsp-set-port-security sw0-vir "50:54:00:00:00:10 10.0.0.10"
ovn-nbctl lsp-set-type sw0-vir virtual
ovn-nbctl set logical_switch_port sw0-vir options:virtual-ip=10.0.0.10
-ovn-nbctl set logical_switch_port sw0-vir options:virtual-parents=sw0-p1,sw0-p2
+ovn-nbctl set logical_switch_port sw0-vir options:virtual-parents=sw0-p1,sw0-p2,sw0-p3
ovn-nbctl lsp-add sw0 sw0-p1
ovn-nbctl lsp-set-addresses sw0-p1 "50:54:00:00:00:03 10.0.0.3"
@@ -14512,7 +14512,7 @@ ovn-nbctl lsp-set-port-security sw0-p2 "50:54:00:00:00:04 10.0.0.4 10.0.0.10"
ovn-nbctl lsp-add sw0 sw0-p3
ovn-nbctl lsp-set-addresses sw0-p3 "50:54:00:00:00:05 10.0.0.5"
-ovn-nbctl lsp-set-port-security sw0-p3 "50:54:00:00:00:05 10.0.0.5"
+ovn-nbctl lsp-set-port-security sw0-p3 "50:54:00:00:00:05 10.0.0.5 10.0.0.10"
# Create the second logical switch with one port
ovn-nbctl ls-add sw1
@@ -14543,8 +14543,9 @@ ovn-nbctl --wait=hv sync
ovn-sbctl dump-flows sw0 | grep ls_in_arp_rsp | grep bind_vport > lflows.txt
AT_CHECK([cat lflows.txt], [0], [dnl
- table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p1" && !is_chassis_resident("sw0-vir") && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
- table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p2" && !is_chassis_resident("sw0-vir") && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
+ table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p1" && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
+ table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p2" && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
+ table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p3" && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
])
ovn-sbctl dump-flows lr0 | grep lr_in_arp_resolve | grep "reg0 == 10.0.0.10" \
@@ -14592,6 +14593,29 @@ AT_CHECK([cat lflows.txt], [0], [dnl
table=9 (lr_in_arp_resolve ), priority=100 , match=(outport == "lr0-sw0" && reg0 == 10.0.0.10), action=(eth.dst = 50:54:00:00:00:03; next;)
])
+# From sw0-p3 send GARP for 10.0.0.10. hv1 should claim sw0-vir
+# and sw0-p3 should be its virtual_parent.
+eth_src=505400000005
+eth_dst=ffffffffffff
+spa=$(ip_to_hex 10 0 0 10)
+tpa=$(ip_to_hex 10 0 0 10)
+send_garp 1 2 $eth_src $eth_dst $spa $tpa
+
+OVS_WAIT_UNTIL([test x$(ovn-sbctl --bare --columns chassis find port_binding \
+logical_port=sw0-vir) = x$hv1_ch_uuid], [0], [])
+
+OVS_WAIT_UNTIL([test x$(ovn-sbctl --bare --columns virtual_parent find port_binding \
+logical_port=sw0-vir) = xsw0-p3])
+
+ovn-sbctl dump-flows lr0 | grep lr_in_arp_resolve | grep "reg0 == 10.0.0.10" \
+> lflows.txt
+
+# There should be an arp resolve flow to resolve the virtual_ip with the
+# sw0-p2's MAC.
+AT_CHECK([cat lflows.txt], [0], [dnl
+ table=9 (lr_in_arp_resolve ), priority=100 , match=(outport == "lr0-sw0" && reg0 == 10.0.0.10), action=(eth.dst = 50:54:00:00:00:05; next;)
+])
+
# send the garp from sw0-p2 (in hv2). hv2 should claim sw0-vir
# and sw0-p2 shpuld be its virtual_parent.
eth_src=505400000004
@@ -14610,7 +14634,7 @@ ovn-sbctl dump-flows lr0 | grep lr_in_arp_resolve | grep "reg0 == 10.0.0.10" \
> lflows.txt
# There should be an arp resolve flow to resolve the virtual_ip with the
-# sw0-p2's MAC.
+# sw0-p3's MAC.
AT_CHECK([cat lflows.txt], [0], [dnl
table=9 (lr_in_arp_resolve ), priority=100 , match=(outport == "lr0-sw0" && reg0 == 10.0.0.10), action=(eth.dst = 50:54:00:00:00:04; next;)
])
@@ -14655,7 +14679,7 @@ AT_CHECK([cat lflows.txt], [0], [dnl
])
# Now send arp reply from sw0-p2. hv2 should claim sw0-vir
-# and sw0-p2 shpuld be its virtual_parent.
+# and sw0-p2 should be its virtual_parent.
eth_src=505400000004
eth_dst=ffffffffffff
spa=$(ip_to_hex 10 0 0 10)
@@ -14698,7 +14722,8 @@ ovn-nbctl --wait=hv set logical_switch_port sw0-vir options:virtual-ip=10.0.0.10
ovn-sbctl dump-flows sw0 | grep ls_in_arp_rsp | grep bind_vport > lflows.txt
AT_CHECK([cat lflows.txt], [0], [dnl
- table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p1" && !is_chassis_resident("sw0-vir") && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
+ table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p1" && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
+ table=11(ls_in_arp_rsp ), priority=100 , match=(inport == "sw0-p3" && ((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) || (arp.op == 2 && arp.spa == 10.0.0.10))), action=(bind_vport("sw0-vir", inport); next;)
])
ovn-nbctl --wait=hv remove logical_switch_port sw0-vir options virtual-parents
From patchwork Tue Apr 7 11:04:00 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dumitru Ceara
X-Patchwork-Id: 1267356
Return-Path:
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133;
helo=hemlock.osuosl.org;
envelope-from=ovs-dev-bounces@openvswitch.org;
receiver=)
Authentication-Results: ozlabs.org;
dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org;
dkim=fail reason="signature verification failed" (1024-bit key;
unprotected) header.d=redhat.com header.i=@redhat.com
header.a=rsa-sha256 header.s=mimecast20190719
header.b=DX+b3+ur; dkim-atps=neutral
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
bits)) (No client certificate requested)
by ozlabs.org (Postfix) with ESMTPS id 48xPgL3bJlz9sSr
for ;
Tue, 7 Apr 2020 21:04:30 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
by hemlock.osuosl.org (Postfix) with ESMTP id E9F3088031;
Tue, 7 Apr 2020 11:04:28 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id QRRceCevoUaY; Tue, 7 Apr 2020 11:04:28 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])
by hemlock.osuosl.org (Postfix) with ESMTP id 2359887F92;
Tue, 7 Apr 2020 11:04:28 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
by lists.linuxfoundation.org (Postfix) with ESMTP id 0BE3AC0177;
Tue, 7 Apr 2020 11:04:28 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
by lists.linuxfoundation.org (Postfix) with ESMTP id 197BBC0177
for ; Tue, 7 Apr 2020 11:04:27 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by silver.osuosl.org (Postfix) with ESMTP id F0E6222011
for ; Tue, 7 Apr 2020 11:04:26 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id hVn2uRxjGEwy for ;
Tue, 7 Apr 2020 11:04:18 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61])
by silver.osuosl.org (Postfix) with ESMTPS id 8FD462210F
for ; Tue, 7 Apr 2020 11:04:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1586257454;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=dfE0cRojASYQWVWVP8CQ6BwdRaNklkBYLuJ31gnl2To=;
b=DX+b3+ur0pJkku0nxP17xEl1lApmmUaopC+05D34wfouM1IlzrQar99TXOvi4eHAcIgvw5
cMf/ei6sQrFIXUxeFNz27tLhfp6f13CQQJzqLbVA6hzgyiarb0SALstWYU2tQ+FBMZ/Fy5
RxsCCr/WO0kvy4ViCKFwv3zV+/UFkGk=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-60-KFOlbrlkNDimuiMqDQEWGA-1; Tue, 07 Apr 2020 07:04:04 -0400
X-MC-Unique: KFOlbrlkNDimuiMqDQEWGA-1
Received: from smtp.corp.redhat.com
(int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 33A7B13F7;
Tue, 7 Apr 2020 11:04:03 +0000 (UTC)
Received: from dceara.remote.csb (ovpn-114-88.ams2.redhat.com [10.36.114.88])
by smtp.corp.redhat.com (Postfix) with ESMTP id 6FE47D766D;
Tue, 7 Apr 2020 11:04:02 +0000 (UTC)
From: Dumitru Ceara
To: dev@openvswitch.org
Date: Tue, 7 Apr 2020 13:04:00 +0200
Message-Id: <20200407110352.7801.19403.stgit@dceara.remote.csb>
In-Reply-To: <20200407110242.7801.52004.stgit@dceara.remote.csb>
References: <20200407110242.7801.52004.stgit@dceara.remote.csb>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Subject: [ovs-dev] [PATCH branch-2.12 3/4] ovn-controller: Fix potential
segfault with "virtual" port bindings.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev"
Even though ovn-controller tries to set port_binding->chassis to NULL
every time port_binding->virtual_parent is set to NULL for bindings of
type="virtual", there's no way to enforce that an operator doesn't
manually clear the "virtual_parent" column in the Southbound database.
In such scenario ovn-controller would crash because of trying to
dereference the NULL port_binding->virtual_parent column.
Add an extra check and release "virtual" port bindings that have
"virtual_parent" NULL.
Reported-at: https://bugzilla.redhat.com/1818844
CC: Numan Siddique
Fixes: 054f4c85c413 ("Add a new logical switch port type - 'virtual'")
Signed-off-by: Dumitru Ceara
Signed-off-by: Numan Siddique
(cherry picked from OVN commit 1d0c6732d0e49f7f89f5e6a00ac9cdf6d3117e8d)
---
ovn/controller/binding.c | 26 +++++++++++++++-----------
tests/ovn.at | 18 ++++++++++++++++++
2 files changed, 33 insertions(+), 11 deletions(-)
diff --git a/ovn/controller/binding.c b/ovn/controller/binding.c
index ef8445f..3f411f0 100644
--- a/ovn/controller/binding.c
+++ b/ovn/controller/binding.c
@@ -610,22 +610,26 @@ consider_local_virtual_port(struct ovsdb_idl_index *sbrec_port_binding_by_name,
const struct sbrec_chassis *chassis_rec,
const struct sbrec_port_binding *binding_rec)
{
+ if (binding_rec->virtual_parent) {
+ const struct sbrec_port_binding *parent =
+ lport_lookup_by_name(sbrec_port_binding_by_name,
+ binding_rec->virtual_parent);
+ if (parent && parent->chassis == chassis_rec) {
+ return;
+ }
+ }
+
/* pinctrl module takes care of binding the ports of type 'virtual'.
* Release such ports if their virtual parents are no longer claimed by
* this chassis.
*/
- const struct sbrec_port_binding *parent =
- lport_lookup_by_name(sbrec_port_binding_by_name,
- binding_rec->virtual_parent);
- if (!parent || parent->chassis != chassis_rec) {
- VLOG_INFO("Releasing lport %s from this chassis.",
- binding_rec->logical_port);
- if (binding_rec->encap) {
- sbrec_port_binding_set_encap(binding_rec, NULL);
- }
- sbrec_port_binding_set_chassis(binding_rec, NULL);
- sbrec_port_binding_set_virtual_parent(binding_rec, NULL);
+ VLOG_INFO("Releasing lport %s from this chassis.",
+ binding_rec->logical_port);
+ if (binding_rec->encap) {
+ sbrec_port_binding_set_encap(binding_rec, NULL);
}
+ sbrec_port_binding_set_chassis(binding_rec, NULL);
+ sbrec_port_binding_set_virtual_parent(binding_rec, NULL);
}
static void
diff --git a/tests/ovn.at b/tests/ovn.at
index e8125cc..fc76927 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -14593,6 +14593,24 @@ AT_CHECK([cat lflows.txt], [0], [dnl
table=9 (lr_in_arp_resolve ), priority=100 , match=(outport == "lr0-sw0" && reg0 == 10.0.0.10), action=(eth.dst = 50:54:00:00:00:03; next;)
])
+# Forcibly clear virtual_parent. ovn-controller should release the binding
+# gracefully.
+pb_uuid=$(ovn-sbctl --bare --columns _uuid find port_binding logical_port=sw0-vir)
+ovn-sbctl clear port_binding $pb_uuid virtual_parent
+
+OVS_WAIT_UNTIL([test x$(ovn-sbctl --bare --columns chassis find port_binding \
+logical_port=sw0-vir) = x])
+
+# From sw0-p0 resend GARP for 10.0.0.10. hv1 should reclaim sw0-vir
+# and sw0-p1 should be its virtual_parent.
+send_garp 1 1 $eth_src $eth_dst $spa $tpa
+
+OVS_WAIT_UNTIL([test x$(ovn-sbctl --bare --columns chassis find port_binding \
+logical_port=sw0-vir) = x$hv1_ch_uuid], [0], [])
+
+AT_CHECK([test x$(ovn-sbctl --bare --columns virtual_parent find port_binding \
+logical_port=sw0-vir) = xsw0-p1])
+
# From sw0-p3 send GARP for 10.0.0.10. hv1 should claim sw0-vir
# and sw0-p3 should be its virtual_parent.
eth_src=505400000005
From patchwork Tue Apr 7 11:04:12 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dumitru Ceara
X-Patchwork-Id: 1267355
Return-Path:
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136;
helo=silver.osuosl.org;
envelope-from=ovs-dev-bounces@openvswitch.org;
receiver=)
Authentication-Results: ozlabs.org;
dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org;
dkim=fail reason="signature verification failed" (1024-bit key;
unprotected) header.d=redhat.com header.i=@redhat.com
header.a=rsa-sha256 header.s=mimecast20190719
header.b=cBtHEL92; dkim-atps=neutral
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
bits)) (No client certificate requested)
by ozlabs.org (Postfix) with ESMTPS id 48xPgK2lQ6z9sSq
for ;
Tue, 7 Apr 2020 21:04:29 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
by silver.osuosl.org (Postfix) with ESMTP id CF6C522177;
Tue, 7 Apr 2020 11:04:27 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id Ts-joIxpfyPn; Tue, 7 Apr 2020 11:04:24 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])
by silver.osuosl.org (Postfix) with ESMTP id 7BB1520486;
Tue, 7 Apr 2020 11:04:24 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
by lists.linuxfoundation.org (Postfix) with ESMTP id 60AAAC1AE2;
Tue, 7 Apr 2020 11:04:24 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 8E01DC0177
for ; Tue, 7 Apr 2020 11:04:22 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by hemlock.osuosl.org (Postfix) with ESMTP id 7C35A87E62
for ; Tue, 7 Apr 2020 11:04:22 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ath+PxUOi9-Q for ;
Tue, 7 Apr 2020 11:04:22 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61])
by hemlock.osuosl.org (Postfix) with ESMTPS id D002F879A3
for ; Tue, 7 Apr 2020 11:04:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1586257460;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=VAXl1NBasWC7TRLdtXL63dKhrRxeKcCTrkqTtma38kI=;
b=cBtHEL92A8Et5CVvLKr3ptxeXp8OqlD6EFbIK2YdItiLgqrxhstv8fSbLiDmoZIZBNoB2Y
KNeAWEr6OXeQfAEKK7Ub4WpRGEGRp/oyN1aqQw4W78VwgRAvLdt9BJ+0WamgsWzSNPqxD8
OxxL1f14RZ0oGth9LAz4wkoTvFeF80E=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-318-66YuIBA7N_uKz0UU8rBz4A-1; Tue, 07 Apr 2020 07:04:16 -0400
X-MC-Unique: 66YuIBA7N_uKz0UU8rBz4A-1
Received: from smtp.corp.redhat.com
(int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C463913F7;
Tue, 7 Apr 2020 11:04:15 +0000 (UTC)
Received: from dceara.remote.csb (ovpn-114-88.ams2.redhat.com [10.36.114.88])
by smtp.corp.redhat.com (Postfix) with ESMTP id 1E342C0D84;
Tue, 7 Apr 2020 11:04:14 +0000 (UTC)
From: Dumitru Ceara
To: dev@openvswitch.org
Date: Tue, 7 Apr 2020 13:04:12 +0200
Message-Id: <20200407110408.7801.39822.stgit@dceara.remote.csb>
In-Reply-To: <20200407110242.7801.52004.stgit@dceara.remote.csb>
References: <20200407110242.7801.52004.stgit@dceara.remote.csb>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Subject: [ovs-dev] [PATCH branch-2.12 4/4] ovn-controller: Skip vport
bindings done through OVS external_ids:iface-id.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev"
Port bindings of type "virtual" should not have an associated OVS port
in the integration bridge. If this is the case, it's a misconfig and
ovn-controller should ignore it.
If such a situation is detected, ovn-controller will also log a warning
message to inform the user about the wrong configuration.
Reported-at: https://bugzilla.redhat.com/1818844
CC: Numan Siddique
Fixes: 054f4c85c413 ("Add a new logical switch port type - 'virtual'")
Signed-off-by: Dumitru Ceara
Signed-off-by: Numan Siddique
(cherry picked from OVN commit 1cadfb515124e6bf394c4e22a459ed7722c7a0d5)
---
ovn/controller/binding.c | 12 ++++++++++++
tests/ovn.at | 20 ++++++++++++++++++++
2 files changed, 32 insertions(+)
diff --git a/ovn/controller/binding.c b/ovn/controller/binding.c
index 3f411f0..32018cd 100644
--- a/ovn/controller/binding.c
+++ b/ovn/controller/binding.c
@@ -435,6 +435,18 @@ is_our_chassis(const struct sbrec_chassis *chassis_rec,
const struct ovsrec_interface *iface_rec
= shash_find_data(lport_to_iface, binding_rec->logical_port);
+ /* Ports of type "virtual" should never be explicitly bound to an OVS
+ * port in the integration bridge. If that's the case, ignore the binding
+ * and log a warning.
+ */
+ if (iface_rec && !strcmp(binding_rec->type, "virtual")) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 1);
+ VLOG_WARN_RL(&rl,
+ "Virtual port %s should not be bound to OVS port %s",
+ binding_rec->logical_port, iface_rec->name);
+ return false;
+ }
+
bool our_chassis = false;
if (iface_rec
|| (binding_rec->parent_port && binding_rec->parent_port[0] &&
diff --git a/tests/ovn.at b/tests/ovn.at
index fc76927..0162029 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -14477,6 +14477,11 @@ ovs-vsctl -- add-port br-int hv1-vif2 -- \
options:tx_pcap=hv1/vif2-tx.pcap \
options:rxq_pcap=hv1/vif2-rx.pcap \
ofport-request=2
+ovs-vsctl -- add-port br-int hv1-vif3 -- \
+ set interface hv1-vif3 \
+ options:tx_pcap=hv1/vif3-tx.pcap \
+ options:rxq_pcap=hv1/vif3-rx.pcap \
+ ofport-request=3
sim_add hv2
as hv2
@@ -14570,6 +14575,21 @@ logical_port=sw0-vir) = x], [0], [])
AT_CHECK([test x$(ovn-sbctl --bare --columns virtual_parent find port_binding \
logical_port=sw0-vir) = x])
+# Try to bind sw0-vir directly to an OVS port. This should be ignored by
+# ovn-controller.
+as hv1
+ovs-vsctl set interface hv1-vif3 external-ids:iface-id=sw0-vir
+
+AT_CHECK([test x$(ovn-sbctl --bare --columns chassis find port_binding \
+logical_port=sw0-vir) = x], [0], [])
+
+# Cleanup hv1-vif3.
+as hv1
+ovs-vsctl del-port hv1-vif3
+
+AT_CHECK([test x$(ovn-sbctl --bare --columns chassis find port_binding \
+logical_port=sw0-vir) = x], [0], [])
+
# From sw0-p0 send GARP for 10.0.0.10. hv1 should claim sw0-vir
# and sw0-p1 should be its virtual_parent.
eth_src=505400000003