From patchwork Sun Mar 24 12:16:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cheng Li X-Patchwork-Id: 1915290 X-Patchwork-Delegate: horms@verge.net.au Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V2Zn70ZLtz1yXy for ; Sun, 24 Mar 2024 23:16:57 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id BC44F40678; Sun, 24 Mar 2024 12:16:51 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id Zynnmry6Zg8y; Sun, 24 Mar 2024 12:16:50 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org D95B640668 Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTPS id D95B640668; Sun, 24 Mar 2024 12:16:49 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 20F4BC0077; Sun, 24 Mar 2024 12:16:49 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 8DE45C0037 for ; Sun, 24 Mar 2024 12:16:48 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 6613B81E1C for ; Sun, 24 Mar 2024 12:16:48 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id WE0TQt1rtm6s for ; Sun, 24 Mar 2024 12:16:47 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=182.42.152.55; helo=chinatelecom.cn; envelope-from=lic121@chinatelecom.cn; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org 7AF6381E1B Authentication-Results: smtp1.osuosl.org; dmarc=none (p=none dis=none) header.from=chinatelecom.cn DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 7AF6381E1B Received: from chinatelecom.cn (smtpnm6-09.21cn.com [182.42.152.55]) by smtp1.osuosl.org (Postfix) with ESMTP id 7AF6381E1B for ; Sun, 24 Mar 2024 12:16:44 +0000 (UTC) HMM_SOURCE_IP: 192.168.138.117:64287.747519393 HMM_ATTACHE_NUM: 0000 HMM_SOURCE_TYPE: SMTP Received: from clientip-125.69.9.194 (unknown [192.168.138.117]) by chinatelecom.cn (HERMES) with SMTP id C36DB111070A1; Sun, 24 Mar 2024 20:16:35 +0800 (CST) X-189-SAVE-TO-SEND: +lic121@chinatelecom.cn Received: from ([125.69.9.194]) by gateway-ssl-dep-77bc75f6c8-5v5w7 with ESMTP id 2896e4d398dd4ba0bcd98855b1fab6d4 for dev@openvswitch.org; Sun, 24 Mar 2024 20:16:38 CST X-Transaction-ID: 2896e4d398dd4ba0bcd98855b1fab6d4 X-Real-From: lic121@chinatelecom.cn X-Receive-IP: 125.69.9.194 X-MEDUSA-Status: 0 From: Cheng Li To: dev@openvswitch.org, i.maximets@ovn.org Date: Sun, 24 Mar 2024 12:16:22 +0000 Message-Id: <20240324121622.773630-1-lic121@chinatelecom.cn> X-Mailer: git-send-email 2.39.3 MIME-Version: 1.0 Subject: [ovs-dev] [PATCH v3] route-table: Filter route changes by interface. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" When ovs host is also a kubernets node, pod creation/deletion may trigger route changes. As a result, ovs run route_table_reset(). As ovs do not care the kubernetes pod routes, route_table_reset() is not neccessary. Signed-off-by: Cheng Li --- Notes: v2: Add function definition for bsd and stub. v3: Fix unused-parameter error. lib/route-table-bsd.c | 5 +++++ lib/route-table-stub.c | 5 +++++ lib/route-table.c | 41 ++++++++++++++++++++++++++++++--- lib/route-table.h | 1 + tests/system-route.at | 51 ++++++++++++++++++++++++++++++++++++++++++ vswitchd/bridge.c | 3 +++ vswitchd/vswitch.xml | 10 +++++++++ 7 files changed, 113 insertions(+), 3 deletions(-) diff --git a/lib/route-table-bsd.c b/lib/route-table-bsd.c index 34d42cfab..4762e2194 100644 --- a/lib/route-table-bsd.c +++ b/lib/route-table-bsd.c @@ -205,3 +205,8 @@ void route_table_wait(void) { } + +void +disable_notify_on_interfaces(const char *ifaces OVS_UNUSED) +{ +} diff --git a/lib/route-table-stub.c b/lib/route-table-stub.c index dd0b096d4..cc13c5191 100644 --- a/lib/route-table-stub.c +++ b/lib/route-table-stub.c @@ -48,3 +48,8 @@ void route_table_wait(void) { } + +void +disable_notify_on_interfaces(const char *ifaces OVS_UNUSED) +{ +} diff --git a/lib/route-table.c b/lib/route-table.c index f1fe32714..eeff509f0 100644 --- a/lib/route-table.c +++ b/lib/route-table.c @@ -33,6 +33,7 @@ #include "netlink-notifier.h" #include "netlink-socket.h" #include "openvswitch/ofpbuf.h" +#include "lib/sset.h" #include "ovs-router.h" #include "packets.h" #include "rtnetlink.h" @@ -82,6 +83,7 @@ static struct nln_notifier *route6_notifier = NULL; static struct nln_notifier *name_notifier = NULL; static bool route_table_valid = false; +static struct sset disabled_ifaces = SSET_INITIALIZER(&disabled_ifaces); static void route_table_reset(void); static void route_table_handle_msg(const struct route_table_msg *); @@ -92,6 +94,7 @@ static void route_map_clear(void); static void name_table_init(void); static void name_table_change(const struct rtnetlink_change *, void *); + uint64_t route_table_get_change_seq(void) { @@ -354,13 +357,45 @@ route_table_parse(struct ofpbuf *buf, struct route_table_msg *change) return ipv4 ? RTNLGRP_IPV4_ROUTE : RTNLGRP_IPV6_ROUTE; } +void +disable_notify_on_interfaces(const char *ifaces) +{ + struct sset tmp_ifaces; + + if (ifaces) { + sset_from_delimited_string(&tmp_ifaces, ifaces, ", "); + } else { + sset_init(&tmp_ifaces); + } + if (! sset_equals(&disabled_ifaces, &tmp_ifaces)) { + const char *iface; + struct ds ds = DS_EMPTY_INITIALIZER; + + sset_swap(&disabled_ifaces, &tmp_ifaces); + SSET_FOR_EACH (iface, &disabled_ifaces) { + ds_put_format(&ds, " %s", iface); + } + VLOG_DBG_RL(&rl, "route notify disabled interfaces: [%s]", + ds_cstr(&ds)); + ds_destroy(&ds); + } + sset_destroy(&tmp_ifaces); +} + static void -route_table_change(const struct route_table_msg *change OVS_UNUSED, +route_table_change(const struct route_table_msg *change, void *aux OVS_UNUSED) { - if (!change || change->relevant) { - route_table_valid = false; + if (change) { + if (!change->relevant) { + return; + } + if (change->rd.ifname[0] != '\0' && + sset_contains(&disabled_ifaces, change->rd.ifname)) { + return; + } } + route_table_valid = false; } static void diff --git a/lib/route-table.h b/lib/route-table.h index 3a02d737a..716e5bae0 100644 --- a/lib/route-table.h +++ b/lib/route-table.h @@ -33,4 +33,5 @@ void route_table_wait(void); bool route_table_fallback_lookup(const struct in6_addr *ip6_dst, char name[], struct in6_addr *gw6); +void disable_notify_on_interfaces(const char *ifaces); #endif /* route-table.h */ diff --git a/tests/system-route.at b/tests/system-route.at index c0ecad6cf..039255df7 100644 --- a/tests/system-route.at +++ b/tests/system-route.at @@ -128,3 +128,54 @@ OVS_WAIT_UNTIL([test $(ovs-appctl ovs/route/show | grep -c 'p1-route') -eq 0 ]) OVS_TRAFFIC_VSWITCHD_STOP AT_CLEANUP + + +dnl Checks that disabled interface doesn't trigger route table refresh. +AT_SETUP([ovs-route - filter by interface]) +AT_KEYWORDS([route]) +OVS_TRAFFIC_VSWITCHD_START() + +dnl Create tap port. +on_exit 'ip link del p1-route; ip link del p2-route' +AT_CHECK([ip tuntap add name p1-route mode tap]) +AT_CHECK([ip tuntap add name p2-route mode tap]) +AT_CHECK([ip link set p1-route up]) +AT_CHECK([ip link set p2-route up]) + +dnl Add ip address. +AT_CHECK([ip addr add 10.0.0.17/24 dev p1-route], [0], [stdout]) +AT_CHECK([ip addr add 10.0.1.17/24 dev p2-route], [0], [stdout]) + +dnl Check that OVS catches route updates. +OVS_WAIT_UNTIL_EQUAL([ovs-appctl ovs/route/show | grep -P 'p(1|2)-route' | sort], [dnl +Cached: 10.0.0.0/24 dev p1-route SRC 10.0.0.17 +Cached: 10.0.0.17/32 dev p1-route SRC 10.0.0.17 local +Cached: 10.0.1.0/24 dev p2-route SRC 10.0.1.17 +Cached: 10.0.1.17/32 dev p2-route SRC 10.0.1.17 local]) + +dnl Set disabled interface +AT_CHECK([ovs-appctl vlog/set 'route_table,dbg']) +get_log_next_line_num +AT_CHECK([ovs-vsctl set Open_vSwitch . other_config:route-notify-disabled-interfaces="p2-route"]) +dnl expected log line: "route_table|DBG|route notify disabled interfaces: [ p2-route]" +OVS_WAIT_UNTIL([tail -n +$LINENUM ovs-vswitchd.log | grep -P "notify disabled interfaces: . p2-route"]) + +dnl Add a route with interface p1-route. +AT_CHECK([ip route add 10.0.0.18/32 dev p1-route]) +OVS_WAIT_UNTIL_EQUAL([ovs-appctl ovs/route/show | grep 'p1-route' | sort], [dnl +Cached: 10.0.0.0/24 dev p1-route SRC 10.0.0.17 +Cached: 10.0.0.17/32 dev p1-route SRC 10.0.0.17 local +Cached: 10.0.0.18/32 dev p1-route SRC 10.0.0.17]) + +dnl Add a route with disabled interface p2-route. +AT_CHECK([ip route add 10.0.1.18/32 dev p2-route]) +dnl Give the main thread a chance to act. +AT_CHECK([ovs-appctl revalidator/wait]) +dnl Check that OVS didn't refresh route table. +AT_CHECK([ovs-appctl ovs/route/show | grep 'p2-route' | sort], [0], [dnl +Cached: 10.0.1.0/24 dev p2-route SRC 10.0.1.17 +Cached: 10.0.1.17/32 dev p2-route SRC 10.0.1.17 local +]) + +OVS_TRAFFIC_VSWITCHD_STOP +AT_CLEANUP diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c index 95a65fcdc..217f5b3cf 100644 --- a/vswitchd/bridge.c +++ b/vswitchd/bridge.c @@ -71,6 +71,7 @@ #include "unixctl.h" #include "lib/vswitch-idl.h" #include "vlan-bitmap.h" +#include "route-table.h" VLOG_DEFINE_THIS_MODULE(bridge); @@ -888,6 +889,8 @@ bridge_reconfigure(const struct ovsrec_open_vswitch *ovs_cfg) ofproto_set_threads( smap_get_int(&ovs_cfg->other_config, "n-handler-threads", 0), smap_get_int(&ovs_cfg->other_config, "n-revalidator-threads", 0)); + disable_notify_on_interfaces(smap_get(&ovs_cfg->other_config, + "route-notify-disabled-interfaces")); /* Destroy "struct bridge"s, "struct port"s, and "struct iface"s according * to 'ovs_cfg', with only very minimal configuration otherwise. diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index 8a1b607d7..ee2ca05fd 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml @@ -869,6 +869,16 @@ The feature is considered experimental.

+ +

+ Ignore route changes of specified interfaces. One of the usage + scenarios is to prevent kubernets from triggering ovs route table + refresh on pod create/destroy. +

+

+ The format is interface names joined by ','. i.e. "eth1,eth2" +

+