From patchwork Tue Nov 9 22:29:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Valerio X-Patchwork-Id: 1553183 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=SrgsBWRA; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HpjNH5lbyz9sPf for ; Wed, 10 Nov 2021 09:30:07 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 83CEC608F4; Tue, 9 Nov 2021 22:30:05 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yImqGJ77ZyoO; Tue, 9 Nov 2021 22:30:04 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp3.osuosl.org (Postfix) with ESMTPS id B4DF0608EC; Tue, 9 Nov 2021 22:30:03 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7F033C0012; Tue, 9 Nov 2021 22:30:03 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 57F66C000E for ; Tue, 9 Nov 2021 22:30:02 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 44486401B1 for ; Tue, 9 Nov 2021 22:30:02 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q7-mxOdM9cXu for ; Tue, 9 Nov 2021 22:30:01 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 58722403CD for ; Tue, 9 Nov 2021 22:30:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1636496999; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OuFf0D93tTmnCQO6B0dC4xS65tTvdFbbOTKY0bGugtY=; b=SrgsBWRA5WeBZJvskmGEpj+i61JfZY3PFfK16aLrfb4cR61ZKjOC3jObDnj8EnFEsL6fQ0 Z5Nd9bU3qEa0hWLKXY97G/kTfkpehKJgmcQzcBBJxpCqaziP+RmbPVdjXaXOPXQyaTT9y1 iqpglEV/oZnblhNHj7g+A0Sg4HbIryQ= Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com [209.85.221.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-600-TZU7-u1HOiKx7ZRQl1fFdg-1; Tue, 09 Nov 2021 17:29:58 -0500 X-MC-Unique: TZU7-u1HOiKx7ZRQl1fFdg-1 Received: by mail-wr1-f71.google.com with SMTP id y4-20020adfd084000000b00186b16950f3so39119wrh.14 for ; Tue, 09 Nov 2021 14:29:58 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=OuFf0D93tTmnCQO6B0dC4xS65tTvdFbbOTKY0bGugtY=; b=QiTNOgqfTOZiIKzIm/LJ2HJfuMjIpJbntc1Bjb+04fswm5C/XdAO8Pv3WIHqWvwgVK 8TG7qEhH1Aa0FJjqlOsOfYMzdwDhB0Mb1odEbOKEDhN6hQoCtU0f3EfuWId7NRqFqhaF 0cGrV++VKknp6PJ/LfQdrAhqtn+gCPHmJk3lapZtg8dm3HEwrQfNjOI766/Xar+Ha5Qn KWDQ6DJPcLFL24KrOLVfSTAQJQyS/ZAT4S4aaGvTkAoQiwB8hajpgJoamZr0SiZpO6tV lWZRdJKnqyXMlP2JdF0wAaq0obmi+RPq6rimRnbI1V4/5Maoxo/bG7rLwskbJWnOTilC PM2w== X-Gm-Message-State: AOAM532DP9f8ooYSouLoPvf//FeoYfGByqrVUE8mKUW4ThPkLWR/8SDd CenvBNKm5/smO9ZXBaMtVd9zxwuRUMkob7PMRSpYnG0nmZ71Ys5XGEcHc57mKugDtLnFTsuSD8r YhJXQhDiuQtvFZBJQMcYLi8UZvIyI6CXnRZAr4aHWgJqfD/HwCVaW+uzStnyt28ls X-Received: by 2002:a5d:530e:: with SMTP id e14mr13849787wrv.12.1636496997131; Tue, 09 Nov 2021 14:29:57 -0800 (PST) X-Google-Smtp-Source: ABdhPJwLZRBClDKqkGg1O455AWktceGewMeyKDirmnKBk3qBBhJuhyENpSMDHAMPa9AIofZbyW2YUQ== X-Received: by 2002:a5d:530e:: with SMTP id e14mr13849760wrv.12.1636496996903; Tue, 09 Nov 2021 14:29:56 -0800 (PST) Received: from localhost (net-5-88-23-84.cust.vodafonedsl.it. [5.88.23.84]) by smtp.gmail.com with ESMTPSA id t8sm3563585wmn.44.2021.11.09.14.29.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Nov 2021 14:29:56 -0800 (PST) From: Paolo Valerio To: dev@openvswitch.org Date: Tue, 09 Nov 2021 23:29:55 +0100 Message-ID: <163649699558.1456179.16443930785440726574.stgit@fed.void> In-Reply-To: <163649698390.1456179.6935508376718804388.stgit@fed.void> References: <163649698390.1456179.6935508376718804388.stgit@fed.void> User-Agent: StGit/0.23 MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pvalerio@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: fbl@redhat.com, i.maximets@ovn.org Subject: [ovs-dev] [PATCH 1/4] Native tunnel: Read/write expires atomically. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Expires is modified in different threads (revalidator, pmd-rx, bfd-tx). It's better to use atomics for such potentially parallel write. Signed-off-by: Paolo Valerio --- v2: - modified commit description - added _MS suffix to NEIGH_ENTRY_DEFAULT_IDLE_TIME - renamed local variable expired -> expires - turned relaxed load/store to acq/rel --- lib/tnl-neigh-cache.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/lib/tnl-neigh-cache.c b/lib/tnl-neigh-cache.c index 5bda4af7e..1e6cc31db 100644 --- a/lib/tnl-neigh-cache.c +++ b/lib/tnl-neigh-cache.c @@ -32,6 +32,7 @@ #include "errno.h" #include "flow.h" #include "netdev.h" +#include "ovs-atomic.h" #include "ovs-thread.h" #include "packets.h" #include "openvswitch/poll-loop.h" @@ -44,14 +45,13 @@ #include "openvswitch/vlog.h" -/* In seconds */ -#define NEIGH_ENTRY_DEFAULT_IDLE_TIME (15 * 60) +#define NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS (15 * 60 * 1000) struct tnl_neigh_entry { struct cmap_node cmap_node; struct in6_addr ip; struct eth_addr mac; - time_t expires; /* Expiration time. */ + atomic_llong expires; /* Expiration time in ms. */ char br_name[IFNAMSIZ]; }; @@ -64,6 +64,16 @@ tnl_neigh_hash(const struct in6_addr *ip) return hash_bytes(ip->s6_addr, 16, 0); } +static bool +tnl_neigh_expired(struct tnl_neigh_entry *neigh) +{ + long long expires; + + atomic_read_explicit(&neigh->expires, &expires, memory_order_acquire); + + return expires <= time_msec(); +} + static struct tnl_neigh_entry * tnl_neigh_lookup__(const char br_name[IFNAMSIZ], const struct in6_addr *dst) { @@ -73,11 +83,13 @@ tnl_neigh_lookup__(const char br_name[IFNAMSIZ], const struct in6_addr *dst) hash = tnl_neigh_hash(dst); CMAP_FOR_EACH_WITH_HASH (neigh, cmap_node, hash, &table) { if (ipv6_addr_equals(&neigh->ip, dst) && !strcmp(neigh->br_name, br_name)) { - if (neigh->expires <= time_now()) { + if (tnl_neigh_expired(neigh)) { return NULL; } - neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME; + atomic_store_explicit(&neigh->expires, time_msec() + + NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS, + memory_order_release); return neigh; } } @@ -121,7 +133,8 @@ tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst, struct tnl_neigh_entry *neigh = tnl_neigh_lookup__(name, dst); if (neigh) { if (eth_addr_equals(neigh->mac, mac)) { - neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME; + atomic_store_relaxed(&neigh->expires, time_msec() + + NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS); ovs_mutex_unlock(&mutex); return; } @@ -133,7 +146,8 @@ tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst, neigh->ip = *dst; neigh->mac = mac; - neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME; + atomic_store_relaxed(&neigh->expires, time_msec() + + NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS); ovs_strlcpy(neigh->br_name, name, sizeof neigh->br_name); cmap_insert(&table, &neigh->cmap_node, tnl_neigh_hash(&neigh->ip)); ovs_mutex_unlock(&mutex); @@ -208,7 +222,7 @@ tnl_neigh_cache_run(void) ovs_mutex_lock(&mutex); CMAP_FOR_EACH(neigh, cmap_node, &table) { - if (neigh->expires <= time_now()) { + if (tnl_neigh_expired(neigh)) { tnl_neigh_delete(neigh); changed = true; } @@ -319,7 +333,7 @@ tnl_neigh_cache_show(struct unixctl_conn *conn, int argc OVS_UNUSED, ds_put_format(&ds, ETH_ADDR_FMT" %s", ETH_ADDR_ARGS(neigh->mac), neigh->br_name); - if (neigh->expires <= time_now()) { + if (tnl_neigh_expired(neigh)) { ds_put_format(&ds, " STALE"); } ds_put_char(&ds, '\n'); From patchwork Tue Nov 9 22:30:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Valerio X-Patchwork-Id: 1553184 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=IfO0mWx3; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HpjNX1twLz9sCD for ; Wed, 10 Nov 2021 09:30:20 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id E1DCA40499; Tue, 9 Nov 2021 22:30:17 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6pqeuJh5weOb; Tue, 9 Nov 2021 22:30:15 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp4.osuosl.org (Postfix) with ESMTPS id 8DD514046D; Tue, 9 Nov 2021 22:30:14 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 589DBC001F; Tue, 9 Nov 2021 22:30:14 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 3B3D9C0012 for ; Tue, 9 Nov 2021 22:30:13 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id E63A1608FE for ; Tue, 9 Nov 2021 22:30:10 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8YncLNXF78V5 for ; Tue, 9 Nov 2021 22:30:10 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp3.osuosl.org (Postfix) with ESMTPS id C6070608F0 for ; Tue, 9 Nov 2021 22:30:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1636497008; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4SEbGlGGuvOJMX5WX0fgO4M3mwRqm2zAJLpU+u4l13s=; b=IfO0mWx3SaBA68N68mrBcarT2zPSjnMIPjnqJ8va0mLokT5LCmhsHLcgXH8ZQpryAyPitd xmK35lR0Pcbcmy21/EuTK+KQ99uXqol2PThFhVPPN9RbAuZM8/L0N/kP2P0Tt7mys0kkH5 yhrdxEsMo7NSRLEcMWAgSzxaBK/ksvQ= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-155-AdAlZzQ-OmSQhSKMJkywlQ-1; Tue, 09 Nov 2021 17:30:05 -0500 X-MC-Unique: AdAlZzQ-OmSQhSKMJkywlQ-1 Received: by mail-wm1-f71.google.com with SMTP id 145-20020a1c0197000000b0032efc3eb9bcso2098657wmb.0 for ; Tue, 09 Nov 2021 14:30:04 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=4SEbGlGGuvOJMX5WX0fgO4M3mwRqm2zAJLpU+u4l13s=; b=xK7ajTsuRnAIgi/570KblQJ6R7dOgAZjQh92oAkhPoub6WLzTPA88Diya0S98tdgmB YnT9YFWm/K4jYI8xNOPDpDNvrs4rcqExWdobFIxUhgmJrINIXoOND4+IsJCkm6+bVTeV OlimFA5leBcMUTIpxBZf3KrIvCtX/+lY2oU+n2mLdmI0yO95Z0o90tqHT0/oZ3SMjYS6 DqT3A+acokMtKy+9U6CA2wjXyMHzAtExujrGu4lJLKw4wl7Hw8tGqD+aNB781AUgbze5 uOrT7+ebIwItdvSKOiCjxxoa1rqFwPmZsBqUpEIgq7gDx6hQtIRccH1i1D78Nqz74NAC eA0A== X-Gm-Message-State: AOAM530qleL3YwwjMRGoKOfUtZ4xQSjBcOhXNsEGZb7Sdug+PcR48PSy /0o48WW77P0ohpy0nEH4J8zrsWqCAfAyisqqBSP1YHkErHsgAxu+4UcoljhjqH0dQs91fmeHJPq vDuWM2J3e0nBb1H6rUXc9XJRVpttBefOrFNcoq8OeYHVoV5s11VaWQ3ixiLfnL7a/ X-Received: by 2002:a05:600c:4fcc:: with SMTP id o12mr11597187wmq.110.1636497003584; Tue, 09 Nov 2021 14:30:03 -0800 (PST) X-Google-Smtp-Source: ABdhPJys8JmW0h1Q0U21js/BOAX+fI4oZ6pCU4DliCrpLTyBt4bnuFFRpJBXSDxriYjH1nNjdKFtOQ== X-Received: by 2002:a05:600c:4fcc:: with SMTP id o12mr11597153wmq.110.1636497003216; Tue, 09 Nov 2021 14:30:03 -0800 (PST) Received: from localhost (net-5-88-23-84.cust.vodafonedsl.it. [5.88.23.84]) by smtp.gmail.com with ESMTPSA id z6sm21620211wrm.93.2021.11.09.14.30.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Nov 2021 14:30:02 -0800 (PST) From: Paolo Valerio To: dev@openvswitch.org Date: Tue, 09 Nov 2021 23:30:02 +0100 Message-ID: <163649700199.1456179.5301428587335090134.stgit@fed.void> In-Reply-To: <163649698390.1456179.6935508376718804388.stgit@fed.void> References: <163649698390.1456179.6935508376718804388.stgit@fed.void> User-Agent: StGit/0.23 MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pvalerio@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: fbl@redhat.com, i.maximets@ovn.org Subject: [ovs-dev] [PATCH 2/4] Native tunnel: Add tnl/neigh/aging command. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" with the command is now possible to change the aging time of the cache entries. For the existing entries the aging time is updated only if the current expiration is greater than the new one. In any case, the next refresh will set it to the new value. This is intended mostly for debugging purpose. Signed-off-by: Paolo Valerio --- v2: - fixed NEIGH_ENTRY_MAX_AGEING_TIME (turned to seconds) correcting a leftover. - turned relaxed atomics to acq/rel. - added range checks to tunnel-push-pop.at. It was useless to duplicate the test for both ipv6 and ipv4, so only the latter includes it. - slightly modified the NEWS entry. --- NEWS | 2 + lib/tnl-neigh-cache.c | 79 +++++++++++++++++++++++++++++++++++---- ofproto/ofproto-tnl-unixctl.man | 9 ++++ tests/tunnel-push-pop-ipv6.at | 30 +++++++++++++++ tests/tunnel-push-pop.at | 47 +++++++++++++++++++++++ 5 files changed, 158 insertions(+), 9 deletions(-) diff --git a/NEWS b/NEWS index 434ee570f..1aa233a0d 100644 --- a/NEWS +++ b/NEWS @@ -16,6 +16,8 @@ Post-v2.16.0 - ovs-dpctl and 'ovs-appctl dpctl/': * New commands 'cache-get-size' and 'cache-set-size' that allows to get or configure linux kernel datapath cache sizes. + - ovs-appctl: + * New command tnl/neigh/aging to read/write the neigh aging time. v2.16.0 - 16 Aug 2021 diff --git a/lib/tnl-neigh-cache.c b/lib/tnl-neigh-cache.c index 1e6cc31db..a4d56e4cc 100644 --- a/lib/tnl-neigh-cache.c +++ b/lib/tnl-neigh-cache.c @@ -46,6 +46,7 @@ #define NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS (15 * 60 * 1000) +#define NEIGH_ENTRY_MAX_AGING_TIME 3600 struct tnl_neigh_entry { struct cmap_node cmap_node; @@ -57,6 +58,7 @@ struct tnl_neigh_entry { static struct cmap table = CMAP_INITIALIZER; static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER; +static atomic_uint32_t neigh_aging; static uint32_t tnl_neigh_hash(const struct in6_addr *ip) @@ -74,6 +76,15 @@ tnl_neigh_expired(struct tnl_neigh_entry *neigh) return expires <= time_msec(); } +static uint32_t +tnl_neigh_get_aging(void) +{ + unsigned int aging; + + atomic_read_explicit(&neigh_aging, &aging, memory_order_acquire); + return aging; +} + static struct tnl_neigh_entry * tnl_neigh_lookup__(const char br_name[IFNAMSIZ], const struct in6_addr *dst) { @@ -88,7 +99,7 @@ tnl_neigh_lookup__(const char br_name[IFNAMSIZ], const struct in6_addr *dst) } atomic_store_explicit(&neigh->expires, time_msec() + - NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS, + tnl_neigh_get_aging(), memory_order_release); return neigh; } @@ -134,7 +145,7 @@ tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst, if (neigh) { if (eth_addr_equals(neigh->mac, mac)) { atomic_store_relaxed(&neigh->expires, time_msec() + - NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS); + tnl_neigh_get_aging()); ovs_mutex_unlock(&mutex); return; } @@ -147,7 +158,7 @@ tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst, neigh->ip = *dst; neigh->mac = mac; atomic_store_relaxed(&neigh->expires, time_msec() + - NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS); + tnl_neigh_get_aging()); ovs_strlcpy(neigh->br_name, name, sizeof neigh->br_name); cmap_insert(&table, &neigh->cmap_node, tnl_neigh_hash(&neigh->ip)); ovs_mutex_unlock(&mutex); @@ -273,6 +284,45 @@ tnl_neigh_cache_flush(struct unixctl_conn *conn, int argc OVS_UNUSED, unixctl_command_reply(conn, "OK"); } +static void +tnl_neigh_cache_aging(struct unixctl_conn *conn, int argc, + const char *argv[], void *aux OVS_UNUSED) +{ + long long int new_exp, curr_exp; + struct tnl_neigh_entry *neigh; + uint32_t aging; + + if (argc == 1) { + struct ds ds = DS_EMPTY_INITIALIZER; + ds_put_format(&ds, "%"PRIu32, tnl_neigh_get_aging() / 1000); + unixctl_command_reply(conn, ds_cstr(&ds)); + ds_destroy(&ds); + + return; + } + + if (!ovs_scan(argv[1], "%"SCNu32, &aging) || + !aging || aging > NEIGH_ENTRY_MAX_AGING_TIME) { + unixctl_command_reply_error(conn, "bad aging value"); + return; + } + + aging *= 1000; + atomic_store_explicit(&neigh_aging, aging, memory_order_release); + new_exp = time_msec() + aging; + + CMAP_FOR_EACH (neigh, cmap_node, &table) { + atomic_read_explicit(&neigh->expires, &curr_exp, + memory_order_acquire); + if (new_exp < curr_exp) { + atomic_store_explicit(&neigh->expires, new_exp, + memory_order_release); + } + } + + unixctl_command_reply(conn, "OK"); +} + static int lookup_any(const char *host_name, struct in6_addr *address) { @@ -347,10 +397,21 @@ tnl_neigh_cache_show(struct unixctl_conn *conn, int argc OVS_UNUSED, void tnl_neigh_cache_init(void) { - unixctl_command_register("tnl/arp/show", "", 0, 0, tnl_neigh_cache_show, NULL); - unixctl_command_register("tnl/arp/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add, NULL); - unixctl_command_register("tnl/arp/flush", "", 0, 0, tnl_neigh_cache_flush, NULL); - unixctl_command_register("tnl/neigh/show", "", 0, 0, tnl_neigh_cache_show, NULL); - unixctl_command_register("tnl/neigh/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add, NULL); - unixctl_command_register("tnl/neigh/flush", "", 0, 0, tnl_neigh_cache_flush, NULL); + atomic_init(&neigh_aging, NEIGH_ENTRY_DEFAULT_IDLE_TIME_MS); + unixctl_command_register("tnl/arp/show", "", 0, 0, + tnl_neigh_cache_show, NULL); + unixctl_command_register("tnl/arp/set", "BRIDGE IP MAC", 3, 3, + tnl_neigh_cache_add, NULL); + unixctl_command_register("tnl/arp/flush", "", 0, 0, + tnl_neigh_cache_flush, NULL); + unixctl_command_register("tnl/arp/aging", "[SECS]", 0, 1, + tnl_neigh_cache_aging, NULL); + unixctl_command_register("tnl/neigh/show", "", 0, 0, + tnl_neigh_cache_show, NULL); + unixctl_command_register("tnl/neigh/set", "BRIDGE IP MAC", 3, 3, + tnl_neigh_cache_add, NULL); + unixctl_command_register("tnl/neigh/flush", "", 0, 0, + tnl_neigh_cache_flush, NULL); + unixctl_command_register("tnl/neigh/aging", "[SECS]", 0, 1, + tnl_neigh_cache_aging, NULL); } diff --git a/ofproto/ofproto-tnl-unixctl.man b/ofproto/ofproto-tnl-unixctl.man index c70cca539..13a465119 100644 --- a/ofproto/ofproto-tnl-unixctl.man +++ b/ofproto/ofproto-tnl-unixctl.man @@ -27,6 +27,15 @@ to \fImac\fR. .IP "\fBtnl/arp/flush\fR" Flush ARP table. . +.IP "\fBtnl/neigh/aging [\fIseconds\fB]\fR" +.IP "\fBtnl/arp/aging [\fIseconds\fB]\fR" +Changes the aging time. The accepted values of \fIseconds\fR are +between 1 and 3600. The new entries will get the value as specified in +\fIseconds\fR. For the existing entries, the aging time is updated +only if the current expiration is greater than \fIseconds\fR. +.IP +If used without arguments, it prints the current aging value. +. .IP "\fBtnl/egress_port_range [num1] [num2]\fR" Set range for UDP source port used for UDP based Tunnels. For example VxLAN. If case of zero arguments this command prints diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at index 59723e63b..327c0e61e 100644 --- a/tests/tunnel-push-pop-ipv6.at +++ b/tests/tunnel-push-pop-ipv6.at @@ -255,6 +255,36 @@ AT_CHECK([cat p0.pcap.txt | grep 93aa55aa55000086dd6000000000203aff2001cafe | un 3333ff000093aa55aa55000086dd6000000000203aff2001cafe000000000000000000000088ff0200000000000000000001ff00009387004d46000000002001cafe0000000000000000000000930101aa55aa550000 ]) +dnl Set the aging time to 5 seconds +AT_CHECK([ovs-appctl tnl/neigh/aging 5], [0], [OK +]) + +dnl Read the current aging time +AT_CHECK([ovs-appctl tnl/neigh/aging], [0], [5 +]) + +dnl Add an entry +AT_CHECK([ovs-appctl tnl/neigh/set br0 2001:cafe::92 aa:bb:cc:00:00:01], [0], [OK +]) + +AT_CHECK([ovs-appctl tnl/neigh/show | grep br0 | sort], [0], [dnl +2001:cafe::92 aa:bb:cc:00:00:01 br0 +]) + +ovs-appctl time/warp 5000 + +dnl Check the entry has been removed +AT_CHECK([ovs-appctl tnl/neigh/show | grep br0 | sort], [0], [dnl +]) + +dnl Restore the aging time to 900s (default) +AT_CHECK([ovs-appctl tnl/neigh/aging 900], [0], [OK +]) + +dnl Read the current aging time +AT_CHECK([ovs-appctl tnl/neigh/aging], [0], [900 +]) + dnl Check ARP Snoop AT_CHECK([ovs-appctl netdev-dummy/receive p0 'in_port(1),eth(src=f8:bc:12:44:34:c8,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=58,tclass=0,hlimit=255,frag=no),icmpv6(type=136,code=0),nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:c8)']) diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at index 636465397..1f6249b20 100644 --- a/tests/tunnel-push-pop.at +++ b/tests/tunnel-push-pop.at @@ -270,6 +270,53 @@ AT_CHECK([cat p0.pcap.txt | grep 101025d | uniq], [0], [dnl ffffffffffffaa55aa55000008060001080006040001aa55aa550000010102580000000000000101025d ]) +dnl Check input range +AT_CHECK([ovs-appctl tnl/neigh/aging 0], [2], [], [dnl +bad aging value +ovs-appctl: ovs-vswitchd: server returned an error +]) + +AT_CHECK([ovs-appctl tnl/neigh/aging 3601], [2], [], [dnl +bad aging value +ovs-appctl: ovs-vswitchd: server returned an error +]) + +AT_CHECK([ovs-appctl tnl/neigh/aging 1], [0], [OK +]) + +AT_CHECK([ovs-appctl tnl/neigh/aging 3600], [0], [OK +]) + +dnl Set the aging time to 5 seconds +AT_CHECK([ovs-appctl tnl/neigh/aging 5], [0], [OK +]) + +dnl Read the current aging time +AT_CHECK([ovs-appctl tnl/neigh/aging], [0], [5 +]) + +dnl Add an entry +AT_CHECK([ovs-appctl tnl/neigh/set br0 1.1.2.92 aa:bb:cc:00:00:01], [0], [OK +]) + +AT_CHECK([ovs-appctl tnl/neigh/show | grep br0 | sort], [0], [dnl +1.1.2.92 aa:bb:cc:00:00:01 br0 +]) + +ovs-appctl time/warp 5000 + +dnl Check the entry has been removed +AT_CHECK([ovs-appctl tnl/neigh/show | grep br0 | sort], [0], [dnl +]) + +dnl Restore the aging time to 900s (default) +AT_CHECK([ovs-appctl tnl/neigh/aging 900], [0], [OK +]) + +dnl Read the current aging time +AT_CHECK([ovs-appctl tnl/neigh/aging], [0], [900 +]) + dnl Check ARP Snoop AT_CHECK([ovs-appctl netdev-dummy/receive p0 'recirc_id(0),in_port(1),eth(src=f8:bc:12:44:34:c8,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=1.1.2.92,tip=1.1.2.88,op=2,sha=f8:bc:12:44:34:c8,tha=00:00:00:00:00:00)']) From patchwork Tue Nov 9 22:30:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Valerio X-Patchwork-Id: 1553185 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Q0Lm9qvw; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HpjNd6X2nz9sCD for ; Wed, 10 Nov 2021 09:30:25 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 19C36608DF; Tue, 9 Nov 2021 22:30:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hisX5Uuv5JTM; Tue, 9 Nov 2021 22:30:23 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp3.osuosl.org (Postfix) with ESMTPS id 4EA0A60A3B; Tue, 9 Nov 2021 22:30:22 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 180B2C0021; Tue, 9 Nov 2021 22:30:22 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 101D7C0012 for ; Tue, 9 Nov 2021 22:30:21 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id D426B81951 for ; Tue, 9 Nov 2021 22:30:13 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LxDR8TFTDBi8 for ; Tue, 9 Nov 2021 22:30:13 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp1.osuosl.org (Postfix) with ESMTPS id 171D98194A for ; Tue, 9 Nov 2021 22:30:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1636497012; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EfN5swx21JRJKVcAe8vRWo3Y7K26RaYKlvCCA/wNr3I=; b=Q0Lm9qvwa7ozd2ZA5Iz5lZfZmqWJOP/dbXqksHnpuLVZnhqFJSVXGizMk1RjtMxbGsyki7 kyRhvwNhDXzanzVG2mpL9w816z8HVdXRs34gmYx0kUMnitfh0cxhr2nCGVWR1P17fnhhqt vq8T7WJEMRLEEUdZXGgP4ADZiVHmfF4= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-247-7ETusQkrMQmIzjZEmvh-RA-1; Tue, 09 Nov 2021 17:30:11 -0500 X-MC-Unique: 7ETusQkrMQmIzjZEmvh-RA-1 Received: by mail-wr1-f69.google.com with SMTP id v17-20020adfedd1000000b0017c5e737b02so37931wro.18 for ; Tue, 09 Nov 2021 14:30:10 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=EfN5swx21JRJKVcAe8vRWo3Y7K26RaYKlvCCA/wNr3I=; b=o1bhDH9+aIr6KDsE4FWaLRrdRREes9CvE5zOO0eEgcJPrrFw8T7yNXUpPdRNoj46wt m+zLfOc6B9wJvIjeDd701RNn4W/pwUzBQaIoq9s297tTJoNzUCxTqBy/0i/rYpwrWQTj peMPWUJkvF64fW6e+ehfDHlB5I9VtVaJ0HA13qbWGv/U1FNbfp19RKzRaD662kxYPCZe 9ivPDhJr8vTqQZJfIwUiNhzzFo4cAFznP5MU4JhrBjCjSWpvA9WuJSBFhGwpnthMniZ/ +eCbNNR7tvMDI3D0V1RVFJZnGESU6jvYqjb7CeNa8LMloc8F+HdmE4ez76+uKBWSrzPc U8kQ== X-Gm-Message-State: AOAM533ZnJBl9fliss7B3xRLJppUTxgPDNcICok6TAJgbUXM5f9wSgbG 6lPi7N3TAFynxrnibcjrvGRII9IfTHR6Roq3Ahyf0yK0CttfFbIbb7K5c1Uoc7MgkT5dmC6t1TV 0n2hn94zhjuuBGgAT2iekI9IwvLxih7aA9o98tHiQb+ea1Lw/c8NL8XUc4QO18e+4 X-Received: by 2002:a1c:cc0f:: with SMTP id h15mr11362221wmb.37.1636497009620; Tue, 09 Nov 2021 14:30:09 -0800 (PST) X-Google-Smtp-Source: ABdhPJwkCr0BuLORWXDZtMWrWu44HKkdDS7XvrarcJr/FQyNW4c3tJl7lZrhM6PuksZC7tGwyAIPDQ== X-Received: by 2002:a1c:cc0f:: with SMTP id h15mr11362186wmb.37.1636497009358; Tue, 09 Nov 2021 14:30:09 -0800 (PST) Received: from localhost (net-5-88-23-84.cust.vodafonedsl.it. [5.88.23.84]) by smtp.gmail.com with ESMTPSA id h1sm3769631wmb.7.2021.11.09.14.30.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Nov 2021 14:30:09 -0800 (PST) From: Paolo Valerio To: dev@openvswitch.org Date: Tue, 09 Nov 2021 23:30:08 +0100 Message-ID: <163649700835.1456179.5887498794534040460.stgit@fed.void> In-Reply-To: <163649698390.1456179.6935508376718804388.stgit@fed.void> References: <163649698390.1456179.6935508376718804388.stgit@fed.void> User-Agent: StGit/0.23 MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pvalerio@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: fbl@redhat.com, i.maximets@ovn.org Subject: [ovs-dev] [PATCH 3/4] Native tunnel: Do not refresh the entry while revalidating. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" This is a minor issue but visible e.g. when you try to flush the neigh cache while the ARP flow is still present in the datapath, triggering the revalidation of the datapath flows which subsequently refreshes/adds the entry in the cache. Signed-off-by: Paolo Valerio --- v2: - renamed update -> allow_update --- lib/tnl-neigh-cache.c | 20 +++++++++++++------- lib/tnl-neigh-cache.h | 2 +- ofproto/ofproto-dpif-xlate.c | 3 ++- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/lib/tnl-neigh-cache.c b/lib/tnl-neigh-cache.c index a4d56e4cc..5f2d4be75 100644 --- a/lib/tnl-neigh-cache.c +++ b/lib/tnl-neigh-cache.c @@ -174,7 +174,7 @@ tnl_arp_set(const char name[IFNAMSIZ], ovs_be32 dst, static int tnl_arp_snoop(const struct flow *flow, struct flow_wildcards *wc, - const char name[IFNAMSIZ]) + const char name[IFNAMSIZ], bool allow_update) { /* Snoop normal ARP replies and gratuitous ARP requests/replies only */ if (!is_arp(flow) @@ -184,13 +184,17 @@ tnl_arp_snoop(const struct flow *flow, struct flow_wildcards *wc, return EINVAL; } - tnl_arp_set(name, FLOW_WC_GET_AND_MASK_WC(flow, wc, nw_src), flow->arp_sha); + memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); + + if (allow_update) { + tnl_arp_set(name, flow->nw_src, flow->arp_sha); + } return 0; } static int tnl_nd_snoop(const struct flow *flow, struct flow_wildcards *wc, - const char name[IFNAMSIZ]) + const char name[IFNAMSIZ], bool allow_update) { if (!is_nd(flow, wc) || flow->tp_src != htons(ND_NEIGHBOR_ADVERT)) { return EINVAL; @@ -209,20 +213,22 @@ tnl_nd_snoop(const struct flow *flow, struct flow_wildcards *wc, memset(&wc->masks.ipv6_dst, 0xff, sizeof wc->masks.ipv6_dst); memset(&wc->masks.nd_target, 0xff, sizeof wc->masks.nd_target); - tnl_neigh_set__(name, &flow->nd_target, flow->arp_tha); + if (allow_update) { + tnl_neigh_set__(name, &flow->nd_target, flow->arp_tha); + } return 0; } int tnl_neigh_snoop(const struct flow *flow, struct flow_wildcards *wc, - const char name[IFNAMSIZ]) + const char name[IFNAMSIZ], bool allow_update) { int res; - res = tnl_arp_snoop(flow, wc, name); + res = tnl_arp_snoop(flow, wc, name, allow_update); if (res != EINVAL) { return res; } - return tnl_nd_snoop(flow, wc, name); + return tnl_nd_snoop(flow, wc, name, allow_update); } void diff --git a/lib/tnl-neigh-cache.h b/lib/tnl-neigh-cache.h index e4b42b059..59804ea3e 100644 --- a/lib/tnl-neigh-cache.h +++ b/lib/tnl-neigh-cache.h @@ -32,7 +32,7 @@ #include "util.h" int tnl_neigh_snoop(const struct flow *flow, struct flow_wildcards *wc, - const char dev_name[IFNAMSIZ]); + const char dev_name[IFNAMSIZ], bool allow_update); int tnl_neigh_lookup(const char dev_name[IFNAMSIZ], const struct in6_addr *dst, struct eth_addr *mac); void tnl_neigh_cache_init(void); diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index 9d336bc6a..9cf414ee8 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -4097,7 +4097,8 @@ terminate_native_tunnel(struct xlate_ctx *ctx, struct flow *flow, (flow->dl_type == htons(ETH_TYPE_ARP) || flow->nw_proto == IPPROTO_ICMPV6) && is_neighbor_reply_correct(ctx, flow)) { - tnl_neigh_snoop(flow, wc, ctx->xbridge->name); + tnl_neigh_snoop(flow, wc, ctx->xbridge->name, + ctx->xin->allow_side_effects); } } From patchwork Tue Nov 9 22:30:14 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Valerio X-Patchwork-Id: 1553186 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Je0XS6JF; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HpjNy0JDtz9sCD for ; Wed, 10 Nov 2021 09:30:41 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id B0CBA81A29; Tue, 9 Nov 2021 22:30:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hKehqvpBSonk; Tue, 9 Nov 2021 22:30:38 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp1.osuosl.org (Postfix) with ESMTPS id B1C3381985; Tue, 9 Nov 2021 22:30:37 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 86B76C000E; Tue, 9 Nov 2021 22:30:37 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 10BC3C000E for ; Tue, 9 Nov 2021 22:30:36 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id DE9EC81959 for ; Tue, 9 Nov 2021 22:30:20 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KmawS6R-Jfb2 for ; Tue, 9 Nov 2021 22:30:20 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp1.osuosl.org (Postfix) with ESMTPS id D9EB3819B8 for ; Tue, 9 Nov 2021 22:30:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1636497018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5wgjYxBvmlE/aFbBvRqROM0cgRl1RoyTv2dlK/qXr3s=; b=Je0XS6JFmL6r5MHBU4np5gKiaHfTJoTynAzY0nk+KhzgYYE6RzCcpP6HN3tznxmh+mXMEh aKRijgJW/xHSwSyLzom8LikZT6J3l5oqDlVekw4/2NLXTG5hxqYFUzisIXWaKewnU56pAi SS07TNpzsJdtdrwKJXFFosudUyUeFVk= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-452-lSuZhtPGM2Wz-cTJpIiAsA-1; Tue, 09 Nov 2021 17:30:17 -0500 X-MC-Unique: lSuZhtPGM2Wz-cTJpIiAsA-1 Received: by mail-wm1-f72.google.com with SMTP id 145-20020a1c0197000000b0032efc3eb9bcso2098966wmb.0 for ; Tue, 09 Nov 2021 14:30:17 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=5wgjYxBvmlE/aFbBvRqROM0cgRl1RoyTv2dlK/qXr3s=; b=CEvLbaDVpZ7Vf/IGAgoSyh8E26cCWK2nov41HSLoHgrAaneo37A7zHEl5EHlXP+lJ6 d2XIaS7L3WP9BHvVzT06AVqDGzpv+jQZPUJfkNqZZ2nmHJ9QczDWSv+BsJlBH8R2eIbT nX922fF/nUkTC6cbNQX/wM+furrsVzNbx/4G+Sq5+ij0rrKqaQ4WP/2n2GfAp0ZmMGm0 qxFBSWWoI2j2h+YCPNx2tGqmq59km4T24TUKTCHQCI8nMjUKAlJuv/c+uCEQe/Xaxf53 GG3UCeRlt5mIMxtBx3Ncy1AqlljXHg5v/fNXI+OkxUgMWsKGrXG/RO5h/QfrylTf9yhF Ck4g== X-Gm-Message-State: AOAM530AXdIP9Jpz9uwKCeXoDAkndEe4sI9bMAcmNWUM7E69CObMaw/A DDRFARQKzVbTg5hdAcn4qu1eE48GqCsmR9r2KwYzicPD3CkZPCNhIRFpakKPPqxtBJ5kHKeFpvp bX2r09gl+qmHixifNQCIQACbLC0eTSrSWYhhALGMib3H3QUXk/BDoY3wHC/wFdWxR X-Received: by 2002:adf:ec90:: with SMTP id z16mr14316525wrn.247.1636497015835; Tue, 09 Nov 2021 14:30:15 -0800 (PST) X-Google-Smtp-Source: ABdhPJxpKf34Omrvl1tL6r2IdDTaVz4XIArxMF7Tg+Fpwz9tZFtbG7VkjqtR2Rjbid3CBkpsxdbNwA== X-Received: by 2002:adf:ec90:: with SMTP id z16mr14316475wrn.247.1636497015466; Tue, 09 Nov 2021 14:30:15 -0800 (PST) Received: from localhost (net-5-88-23-84.cust.vodafonedsl.it. [5.88.23.84]) by smtp.gmail.com with ESMTPSA id h3sm20967733wrv.69.2021.11.09.14.30.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Nov 2021 14:30:15 -0800 (PST) From: Paolo Valerio To: dev@openvswitch.org Date: Tue, 09 Nov 2021 23:30:14 +0100 Message-ID: <163649701444.1456179.17563123632140577500.stgit@fed.void> In-Reply-To: <163649698390.1456179.6935508376718804388.stgit@fed.void> References: <163649698390.1456179.6935508376718804388.stgit@fed.void> User-Agent: StGit/0.23 MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pvalerio@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: fbl@redhat.com, i.maximets@ovn.org Subject: [ovs-dev] [PATCH 4/4] Tunnel: Snoop ingress packets and update neigh cache if needed. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" In case of native tunnel with bfd enabled, if the MAC address of the remote end's interface changes (e.g. because it got rebooted, and the MAC address is allocated dynamically), the BFD session will never be re-established. This happens because the local tunnel neigh entry doesn't get updated, and the local end keeps sending BFD packets with the old destination MAC address. This was not an issue until b23ddcc57d41 ("tnl-neigh-cache: tighten arp and nd snooping.") because ARP requests were snooped as well avoiding the problem. Fix this by snooping the incoming packets in the slow path, and updating the neigh cache accordingly. Signed-off-by: Paolo Valerio Fixes: b23ddcc57d41 ("tnl-neigh-cache: tighten arp and nd snooping.") Acked-by: Gaetan Rivet --- v2: - fixed typo in the commit description - added Acked-by tag (Gaetan) --- lib/tnl-neigh-cache.c | 12 ++++++------ lib/tnl-neigh-cache.h | 2 ++ ofproto/ofproto-dpif-xlate.c | 14 ++++++++++++++ tests/tunnel-push-pop-ipv6.at | 36 ++++++++++++++++++++++++++++++++++++ tests/tunnel-push-pop.at | 35 +++++++++++++++++++++++++++++++++++ 5 files changed, 93 insertions(+), 6 deletions(-) diff --git a/lib/tnl-neigh-cache.c b/lib/tnl-neigh-cache.c index 5f2d4be75..caff2d6dd 100644 --- a/lib/tnl-neigh-cache.c +++ b/lib/tnl-neigh-cache.c @@ -136,9 +136,9 @@ tnl_neigh_delete(struct tnl_neigh_entry *neigh) ovsrcu_postpone(neigh_entry_free, neigh); } -static void -tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst, - const struct eth_addr mac) +void +tnl_neigh_set(const char name[IFNAMSIZ], const struct in6_addr *dst, + const struct eth_addr mac) { ovs_mutex_lock(&mutex); struct tnl_neigh_entry *neigh = tnl_neigh_lookup__(name, dst); @@ -169,7 +169,7 @@ tnl_arp_set(const char name[IFNAMSIZ], ovs_be32 dst, const struct eth_addr mac) { struct in6_addr dst6 = in6_addr_mapped_ipv4(dst); - tnl_neigh_set__(name, &dst6, mac); + tnl_neigh_set(name, &dst6, mac); } static int @@ -214,7 +214,7 @@ tnl_nd_snoop(const struct flow *flow, struct flow_wildcards *wc, memset(&wc->masks.nd_target, 0xff, sizeof wc->masks.nd_target); if (allow_update) { - tnl_neigh_set__(name, &flow->nd_target, flow->arp_tha); + tnl_neigh_set(name, &flow->nd_target, flow->arp_tha); } return 0; } @@ -364,7 +364,7 @@ tnl_neigh_cache_add(struct unixctl_conn *conn, int argc OVS_UNUSED, return; } - tnl_neigh_set__(br_name, &ip6, mac); + tnl_neigh_set(br_name, &ip6, mac); unixctl_command_reply(conn, "OK"); } diff --git a/lib/tnl-neigh-cache.h b/lib/tnl-neigh-cache.h index 59804ea3e..877bca312 100644 --- a/lib/tnl-neigh-cache.h +++ b/lib/tnl-neigh-cache.h @@ -33,6 +33,8 @@ int tnl_neigh_snoop(const struct flow *flow, struct flow_wildcards *wc, const char dev_name[IFNAMSIZ], bool allow_update); +void tnl_neigh_set(const char name[IFNAMSIZ], const struct in6_addr *dst, + const struct eth_addr mac); int tnl_neigh_lookup(const char dev_name[IFNAMSIZ], const struct in6_addr *dst, struct eth_addr *mac); void tnl_neigh_cache_init(void); diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index 9cf414ee8..23f446c37 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -4099,6 +4099,20 @@ terminate_native_tunnel(struct xlate_ctx *ctx, struct flow *flow, is_neighbor_reply_correct(ctx, flow)) { tnl_neigh_snoop(flow, wc, ctx->xbridge->name, ctx->xin->allow_side_effects); + } else if (*tnl_port != ODPP_NONE && + ctx->xin->allow_side_effects && + (flow->dl_type == htons(ETH_TYPE_IP) || + flow->dl_type == htons(ETH_TYPE_IPV6))) { + struct eth_addr mac = flow->dl_src; + struct in6_addr s_ip6; + + if (flow->dl_type == htons(ETH_TYPE_IP)) { + in6_addr_set_mapped_ipv4(&s_ip6, flow->nw_src); + } else { + s_ip6 = flow->ipv6_src; + } + + tnl_neigh_set(ctx->xbridge->name, &s_ip6, mac); } } diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at index 327c0e61e..3f58e3e8f 100644 --- a/tests/tunnel-push-pop-ipv6.at +++ b/tests/tunnel-push-pop-ipv6.at @@ -462,6 +462,42 @@ AT_CHECK([ovs-appctl dpif/dump-flows int-br | grep 'in_port(6081)'], [0], [dnl tunnel(tun_id=0x7b,ipv6_src=2001:cafe::92,ipv6_dst=2001:cafe::88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),recirc_id(0),in_port(6081),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,controller(reason=1,dont_send=0,continuation=0,recirc_id=3,rule_cookie=0,controller_id=0,max_len=65535)) ]) +dnl Receive VXLAN with different MAC and verify that the neigh cache gets updated +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000f8bc1244cafe86dd60000000003a11402001cafe0000000000000000000000922001cafe000000000000000000000088c85312b5003abc700c00000300007b00ffffffffffff00000000000008004500001c0001000040117cce7f0000017f0000010035003500080172']) + +ovs-appctl time/warp 1000 +ovs-appctl time/warp 1000 + +dnl Check VXLAN tunnel push +AT_CHECK([ovs-ofctl add-flow int-br action=2]) +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=36:b1:ee:7c:01:01,dst=36:b1:ee:7c:01:02),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: clone(tnl_push(tnl_port(4789),header(size=70,type=4,eth(dst=f8:bc:12:44:ca:fe,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=4789,csum=0xffff),vxlan(flags=0x8000000,vni=0x7b)),out_port(100)),1) +]) + +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl +2001:cafe::92 f8:bc:12:44:ca:fe br0 +2001:cafe::93 f8:bc:12:44:34:b7 br0 +]) + +dnl Restore and check the cache entries +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000f8bc124434b686dd60000000003a11402001cafe0000000000000000000000922001cafe000000000000000000000088c85312b5003abc700c00000300007b00ffffffffffff00000000000008004500001c0001000040117cce7f0000017f0000010035003500080172']) + +ovs-appctl time/warp 1000 +ovs-appctl time/warp 1000 + +dnl Check VXLAN tunnel push +AT_CHECK([ovs-ofctl add-flow int-br action=2]) +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=36:b1:ee:7c:01:01,dst=36:b1:ee:7c:01:02),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: clone(tnl_push(tnl_port(4789),header(size=70,type=4,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=4789,csum=0xffff),vxlan(flags=0x8000000,vni=0x7b)),out_port(100)),1) +]) + +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl +2001:cafe::92 f8:bc:12:44:34:b6 br0 +2001:cafe::93 f8:bc:12:44:34:b7 br0 +]) + ovs-appctl time/warp 10000 AT_CHECK([ovs-vsctl del-port int-br t3 \ diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at index 1f6249b20..3a10c30fd 100644 --- a/tests/tunnel-push-pop.at +++ b/tests/tunnel-push-pop.at @@ -569,6 +569,41 @@ AT_CHECK([ovs-appctl dpif/dump-flows int-br | grep 'in_port(6081)'], [0], [dnl tunnel(tun_id=0x7b,src=1.1.2.92,dst=1.1.2.88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),recirc_id(0),in_port(6081),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,controller(reason=1,dont_send=0,continuation=0,recirc_id=2,rule_cookie=0,controller_id=0,max_len=65535)) ]) +dnl Receive VXLAN with different MAC and verify that the neigh cache gets updated +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000f8bc1244cafe08004500004e00010000401173e90101025c01010258c85312b5003a8cd40c00000300007b00ffffffffffff00000000000008004500001c0001000040117cce7f0000017f0000010035003500080172']) + +ovs-appctl time/warp 1000 +ovs-appctl time/warp 1000 + +dnl Check VXLAN tunnel push +AT_CHECK([ovs-ofctl add-flow int-br action=2]) +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=36:b1:ee:7c:01:01,dst=36:b1:ee:7c:01:02),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: clone(tnl_push(tnl_port(4789),header(size=50,type=4,eth(dst=f8:bc:12:44:ca:fe,src=aa:55:aa:55:00:00,dl_type=0x0800),ipv4(src=1.1.2.88,dst=1.1.2.92,proto=17,tos=0,ttl=64,frag=0x4000),udp(src=0,dst=4789,csum=0x0),vxlan(flags=0x8000000,vni=0x7b)),out_port(100)),1) +]) + +AT_CHECK([ovs-appctl tnl/neigh/show | tail -n+3 | sort], [0], [dnl +1.1.2.92 f8:bc:12:44:ca:fe br0 +1.1.2.93 f8:bc:12:44:34:b7 br0 +]) + +dnl Restore and check the cache entries +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000f8bc124434b608004500004e00010000401173e90101025c01010258c85312b5003a8cd40c00000300007b00ffffffffffff00000000000008004500001c0001000040117cce7f0000017f0000010035003500080172']) + +ovs-appctl time/warp 1000 +ovs-appctl time/warp 1000 + +dnl Check VXLAN tunnel push +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=36:b1:ee:7c:01:01,dst=36:b1:ee:7c:01:02),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: clone(tnl_push(tnl_port(4789),header(size=50,type=4,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x0800),ipv4(src=1.1.2.88,dst=1.1.2.92,proto=17,tos=0,ttl=64,frag=0x4000),udp(src=0,dst=4789,csum=0x0),vxlan(flags=0x8000000,vni=0x7b)),out_port(100)),1) +]) + +AT_CHECK([ovs-appctl tnl/neigh/show | tail -n+3 | sort], [0], [dnl +1.1.2.92 f8:bc:12:44:34:b6 br0 +1.1.2.93 f8:bc:12:44:34:b7 br0 +]) + ovs-appctl time/warp 10000 AT_CHECK([ovs-vsctl del-port int-br t3 \