[ovs-dev,v2] OVN: do not distribute traffic for local FIP
diff mbox series

Message ID ded49bfcb12d1d429fbcfd123e279fac0fa06cc6.1560447962.git.lorenzo.bianconi@redhat.com
State New
Headers show
Series
  • [ovs-dev,v2] OVN: do not distribute traffic for local FIP
Related show

Commit Message

Lorenzo Bianconi June 13, 2019, 5:47 p.m. UTC
Do not send traffic for local FIP through the overlay tunnels but
manage it in the local hypervisor

Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
---
Changes since v1:
- update ovn-northd.8.xml
---
 ovn/northd/ovn-northd.8.xml |  7 +++++++
 ovn/northd/ovn-northd.c     | 13 +++++++++++++
 2 files changed, 20 insertions(+)

Comments

Numan Siddique June 14, 2019, 2:21 p.m. UTC | #1
On Thu, Jun 13, 2019 at 11:18 PM Lorenzo Bianconi <
lorenzo.bianconi@redhat.com> wrote:

> Do not send traffic for local FIP through the overlay tunnels but
> manage it in the local hypervisor
>
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
>

Acked-by: Numan Siddique <nusiddiq@redhat.com>



> ---
> Changes since v1:
> - update ovn-northd.8.xml
> ---
>  ovn/northd/ovn-northd.8.xml |  7 +++++++
>  ovn/northd/ovn-northd.c     | 13 +++++++++++++
>  2 files changed, 20 insertions(+)
>
> diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
> index e6417220f..193aa210f 100644
> --- a/ovn/northd/ovn-northd.8.xml
> +++ b/ovn/northd/ovn-northd.8.xml
> @@ -1890,6 +1890,13 @@ reg1 = <var>EIP1</var>;
>  outport = <code>redirect-chassis-port</code>;
>  <code>REGBIT_DISTRIBUTED_NAT = 1; next;</code>.
>          </pre>
> +
> +        <p>
> +            Morover a priority-400 logical flow is configured for each
> +            <code>dnat_and_snat</code> NAT rule configured in order to
> +            not send traffic for local FIP through the overlay tunnels
> +            but manage it in the local hypervisor
> +        </p>
>        </li>
>
>        <li>
> diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
> index 0b0a96a3a..c3ab4d364 100644
> --- a/ovn/northd/ovn-northd.c
> +++ b/ovn/northd/ovn-northd.c
> @@ -5222,6 +5222,19 @@ add_distributed_nat_routes(struct hmap *lflows,
> const struct ovn_port *op)
>              continue;
>          }
>
> +        ds_put_format(&match, "inport == %s && "
> +                      "ip4.src == %s && ip4.dst == %s",
> +                       op->json_key, nat->logical_ip, nat->external_ip);
> +        ds_put_format(&actions, "outport = %s; eth.dst = %s; "
> +                      REGBIT_DISTRIBUTED_NAT" = 1; "
> +                      REGBIT_NAT_REDIRECT" = 0; next;",
> +                      op->od->l3dgw_port->json_key,
> +                      nat->external_mac);
> +        ovn_lflow_add(lflows, op->od, S_ROUTER_IN_IP_ROUTING, 400,
> +                      ds_cstr(&match), ds_cstr(&actions));
> +        ds_clear(&match);
> +        ds_clear(&actions);
> +
>          for (size_t j = 0; j < op->od->nbr->n_nat; j++) {
>              const struct nbrec_nat *nat2 = op->od->nbr->nat[j];
>
> --
> 2.21.0
>
>
Ben Pfaff July 5, 2019, 9:41 p.m. UTC | #2
On Thu, Jun 13, 2019 at 07:47:59PM +0200, Lorenzo Bianconi wrote:
> Do not send traffic for local FIP through the overlay tunnels but
> manage it in the local hypervisor
> 
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>

Thanks, applied to master.

Patch
diff mbox series

diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
index e6417220f..193aa210f 100644
--- a/ovn/northd/ovn-northd.8.xml
+++ b/ovn/northd/ovn-northd.8.xml
@@ -1890,6 +1890,13 @@  reg1 = <var>EIP1</var>;
 outport = <code>redirect-chassis-port</code>;
 <code>REGBIT_DISTRIBUTED_NAT = 1; next;</code>.
         </pre>
+
+        <p>
+            Morover a priority-400 logical flow is configured for each
+            <code>dnat_and_snat</code> NAT rule configured in order to
+            not send traffic for local FIP through the overlay tunnels
+            but manage it in the local hypervisor
+        </p>
       </li>
 
       <li>
diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
index 0b0a96a3a..c3ab4d364 100644
--- a/ovn/northd/ovn-northd.c
+++ b/ovn/northd/ovn-northd.c
@@ -5222,6 +5222,19 @@  add_distributed_nat_routes(struct hmap *lflows, const struct ovn_port *op)
             continue;
         }
 
+        ds_put_format(&match, "inport == %s && "
+                      "ip4.src == %s && ip4.dst == %s",
+                       op->json_key, nat->logical_ip, nat->external_ip);
+        ds_put_format(&actions, "outport = %s; eth.dst = %s; "
+                      REGBIT_DISTRIBUTED_NAT" = 1; "
+                      REGBIT_NAT_REDIRECT" = 0; next;",
+                      op->od->l3dgw_port->json_key,
+                      nat->external_mac);
+        ovn_lflow_add(lflows, op->od, S_ROUTER_IN_IP_ROUTING, 400,
+                      ds_cstr(&match), ds_cstr(&actions));
+        ds_clear(&match);
+        ds_clear(&actions);
+
         for (size_t j = 0; j < op->od->nbr->n_nat; j++) {
             const struct nbrec_nat *nat2 = op->od->nbr->nat[j];