From patchwork Thu Aug 1 21:09:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankur Sharma X-Patchwork-Id: 1140776 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=nutanix.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=nutanix.com header.i=@nutanix.com header.b="Id2nHkCn"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4602zS4tk2z9s3Z for ; Fri, 2 Aug 2019 07:11:48 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 90B5CC83; Thu, 1 Aug 2019 21:10:18 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id EA3D3C7D for ; Thu, 1 Aug 2019 21:10:16 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 140525F4 for ; Thu, 1 Aug 2019 21:10:16 +0000 (UTC) Received: from pps.filterd (m0127841.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x71L9DaG001159 for ; Thu, 1 Aug 2019 14:10:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=proofpoint20171006; bh=Y1US/s3lvZ9oyv55Ss35cwz8wF+c/mGTU/IimWB8dCg=; b=Id2nHkCnhsOo/d7gPzQ+KvU7q0XAIMiqQzm1Q0i+G9QpsdMfaRg7hKX7qR9iTPzjMEgB MV7zJOCxvk5MFyktJqnM5namlu3YqnY657kdfBMxQDwvELHNwnjVBfJdOluotZEbMD8m EkZuJuVTgXFW9Vk89g7fScTe09+s3W6YuOPAkB1vmRePQrnx0a3ftme19Kt5zp62pREJ G6tgjw/A7vs62s2uSitcsQfU67OrPUmbicPw0FWWk1jabGBHQ6yqNbZUQFqW9ebhh+7K Ygno26YEdmHzQtmV/j3jHwimq6+XHZGWTSL5JblZbgauLKS+q2O08CztuRWXL6F6TyJ3 fw== Received: from nam01-by2-obe.outbound.protection.outlook.com (mail-by2nam01lp2059.outbound.protection.outlook.com [104.47.34.59]) by mx0b-002c1b01.pphosted.com with ESMTP id 2u0m58j81a-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 01 Aug 2019 14:10:14 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=c7Ovas4Y1EZ/lK+YWKBWI/XrgboS4FtDO14iiRj23yqURSgjibcBChMcRIjH1sNBlIlCWhT/W6/n+CU9SsszGrkExVY/2ATXVEbnDkwnpTtqOaGxKlOMaHfXGLNB+iBhgaPf7Rru9EX9X3r/D9lnhNMLTWYVy2HFtc6DO6oYrJoj+evzZi8gAhqmDcEzRwqiKwgJ98WbwKEE8WaiTQ9wBAHdgCoSs3H7i9HjUaCk3HMCGrcUZXpFVVcB+BzC8VsqVyGxGj1yWdIejIpNvGFo7hggcn9fyg4P3PizD5Nc4+gCkTtv9mYzrtSzm4sx8hpkNkrzYkQCwO3wPx9Ly29zOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Y1US/s3lvZ9oyv55Ss35cwz8wF+c/mGTU/IimWB8dCg=; b=Z6VJb8fIOfU5s409YLiwezLonBa/Q6hzo+8IaBi4IslPwEheWtaV24dXIr4Qsrq8fn3FqJETyB2Yi8PuDXsoHVXIzsJgXU/8Lv1ZmIFsi9ogMJGkVLOci1Fh7gg6pnumDJ3XUnuCLyhIg3+jQ3pQDga/JCGgfA7ARS/pdZBjG1uMeEmW6CDrDSX7Yqohu+ukFop5d+F3NzFs+WUJ0ClLHKR/vvtLIrfMZtVBZB+fZyBzh0kNLvlIUzule53Dxw9siW0o9y0mtQrz8lzRcMwY0QRkt9ewOpmbnPLxWzArpArzcShm63PZ8lqiajCMvGMj5Od7WizlpfpR3NTXJfKUqw== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=nutanix.com;dmarc=pass action=none header.from=nutanix.com;dkim=pass header.d=nutanix.com;arc=none Received: from MW2PR02MB3899.namprd02.prod.outlook.com (52.132.178.28) by MW2PR02MB3643.namprd02.prod.outlook.com (52.132.177.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.16; Thu, 1 Aug 2019 21:09:59 +0000 Received: from MW2PR02MB3899.namprd02.prod.outlook.com ([fe80::a4e3:ca62:dfc6:1149]) by MW2PR02MB3899.namprd02.prod.outlook.com ([fe80::a4e3:ca62:dfc6:1149%3]) with mapi id 15.20.2136.010; Thu, 1 Aug 2019 21:09:59 +0000 From: Ankur Sharma To: "ovs-dev@openvswitch.org" Thread-Topic: [PATCH v2 2/4 ovn] OVN: Vlan backed DVR N-S, redirect-type option Thread-Index: AQHVSK16SzB0bRjizE2SO217Ey4AvA== Date: Thu, 1 Aug 2019 21:09:59 +0000 Message-ID: <1564693967-21197-3-git-send-email-ankur.sharma@nutanix.com> References: <1564693967-21197-1-git-send-email-ankur.sharma@nutanix.com> In-Reply-To: <1564693967-21197-1-git-send-email-ankur.sharma@nutanix.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BYAPR02CA0033.namprd02.prod.outlook.com (2603:10b6:a02:ee::46) To MW2PR02MB3899.namprd02.prod.outlook.com (2603:10b6:907:4::28) x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 1.8.3.1 x-originating-ip: [192.146.154.1] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a0d2cc8a-4e56-4d98-b861-08d716c49c99 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MW2PR02MB3643; x-ms-traffictypediagnostic: MW2PR02MB3643: x-microsoft-antispam-prvs: x-proofpoint-crosstenant: true x-ms-oob-tlc-oobclassifiers: OLM:1002; x-forefront-prvs: 01165471DB x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(376002)(396003)(136003)(366004)(346002)(189003)(199004)(50226002)(4720700003)(2616005)(2351001)(486006)(446003)(11346002)(476003)(66066001)(44832011)(36756003)(386003)(6506007)(76176011)(316002)(81166006)(102836004)(8936002)(107886003)(26005)(2906002)(6916009)(186003)(81156014)(3846002)(478600001)(71190400001)(6116002)(2501003)(8676002)(14444005)(68736007)(25786009)(4326008)(5024004)(256004)(71200400001)(5660300002)(66574012)(6436002)(5640700003)(6486002)(66946007)(52116002)(7736002)(14454004)(99286004)(6512007)(64756008)(66446008)(305945005)(66476007)(66556008)(53936002)(86362001)(64030200001); DIR:OUT; SFP:1102; SCL:1; SRVR:MW2PR02MB3643; H:MW2PR02MB3899.namprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: nutanix.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: Pdf1UTFpBesVPnY4wDnOtFkQptVw8PzeBkbDQgd8vuv+wJwbqQa0I7NcFs+7tAMogWokmQRqobBmUt9I1LOI0M0rYpSs73iRzIpDXojRqKSdob9HsxqwDrh9bsdT3gSfiF8PHArVU3pKF4rNfbOi47WPqejyAHRXaGqRWj2HSpM/oDnAn4bvCrZJJKfxParouoKXiAnAnwTGbDxq73JvORi8yV7vtYKopA/QJJyguDWhdRQnTvZ5kYjuIRsz2XFPhXv9AWIR076VNlCv1Gql4R9VnKbC/XXhw1D0gWhhBsBjrUbO5HwKm4IS8N0OO7r7ZeSi8PqVKlvXQ4ridBMBvvncDCZVWxpOmarSiNG7yoSu029Dx7p/0ZY+gDCm308KxRIbya7FdzInqeKaVxG1JbMwBJCezF8GajdvHmXWjSA= MIME-Version: 1.0 X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: a0d2cc8a-4e56-4d98-b861-08d716c49c99 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Aug 2019 21:09:59.4924 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ankur.sharma@nutanix.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW2PR02MB3643 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:5.22.84,1.0.8 definitions=2019-08-01_09:2019-07-31,2019-08-01 signatures=0 X-Proofpoint-Spam-Reason: safe X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [PATCH v2 2/4 ovn] OVN: Vlan backed DVR N-S, redirect-type option X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Background: With c0974331b7a19a87ab8f1f2cec8fbe366af92fa2, we have added support for E-W workflow for vlan backed DVRs. This series enables N-S workflow for vlan backed DVRs. Key difference between E-W and N-S traffic flow is that N-S flow requires a gateway chassis. A gateway chassis will be respondible for following: a. Doing Network Address Translation (NAT). b. Becoming entry and exit point for North->South and South->North traffic respectively. OVN by default always uses overlay encapsulation to redirect the packet to gateway chassis. This series will enable the redirection to gateway chassis in the absence of encapsulation. This patch: a. Add a new key-value in options of a router port. b. This new config key will be used by ovn-controller to determine if a redirected packet will go out of tunnel port or localnet port. c. key is "redirect-type" and it takes "overlay" and "vlan" as values. d. Added ovn-nbctl command to set and get redirect-type option on a router port. e. This new configuration is added because vlan or overlay based forwarding is considered to be a logical switch property, hence for a router configuration has to be done at the router port level. Signed-off-by: Ankur Sharma --- northd/ovn-northd.c | 6 ++++++ ovn-nb.xml | 43 ++++++++++++++++++++++++++++++++++++++ tests/ovn-nbctl.at | 25 ++++++++++++++++++++++ tests/ovn-northd.at | 31 +++++++++++++++++++++++++++ utilities/ovn-nbctl.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 163 insertions(+) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 979dea4..25c58e8 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -2442,6 +2442,9 @@ ovn_port_update_sbrec(struct northd_context *ctx, if (op->derived) { const char *redirect_chassis = smap_get(&op->nbrp->options, "redirect-chassis"); + const char *redirect_type = smap_get(&op->nbrp->options, + "redirect-type"); + int n_gw_options_set = 0; if (op->nbrp->ha_chassis_group) { n_gw_options_set++; @@ -2534,6 +2537,9 @@ ovn_port_update_sbrec(struct northd_context *ctx, sbrec_port_binding_set_gateway_chassis(op->sb, NULL, 0); } smap_add(&new, "distributed-port", op->nbrp->name); + if (redirect_type) { + smap_add(&new, "redirect-type", redirect_type); + } } else { if (op->peer) { smap_add(&new, "peer", op->peer->key); diff --git a/ovn-nb.xml b/ovn-nb.xml index 57b6edb..a31b4b6 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -1902,6 +1902,49 @@ issues.

+ + +

+ This options dictates if a packet redirected to + gateway chassis will be overlay encapsulated + or go as a regular vlan packet. +

+ +

+ Option takes following values +

+ +
    +
  • + OVERLAY +
    • + +
  • + VLAN +
    • +
+ +

+ OVERLAY option will ensure that redirected packet goes out as + encapsulation via the tunnel port. +

+ +

+ VLAN option will ensure that redirected packet goes out as vlan + tagged via the localnet port. +

+ +

+ OVERLAY is the default redirection type. +

+ +

+ Option is applicable only to gateway chassis attached logical + router ports. +

+ + + diff --git a/tests/ovn-nbctl.at b/tests/ovn-nbctl.at index a19e33f..11a3273 100644 --- a/tests/ovn-nbctl.at +++ b/tests/ovn-nbctl.at @@ -1220,6 +1220,31 @@ lrp0-chassis1 1 dnl --------------------------------------------------------------------- +OVN_NBCTL_TEST([ovn_nbctl_redirect_type], [logical router port redirect type], [ +AT_CHECK([ovn-nbctl lr-add lr0]) +AT_CHECK([ovn-nbctl lrp-add lr0 lrp0 00:00:00:01:02:03 192.168.1.1/24]) +AT_CHECK([ovn-nbctl lrp-get-redirect-type lrp0], [0], [dnl +overlay +]) +AT_CHECK([ovn-nbctl lrp-set-redirect-type lp0 vlan], [1], [], +[ovn-nbctl: lp0: port name not found +]) +AT_CHECK([ovn-nbctl lrp-set-redirect-type lrp0 vlan], [0], []) +AT_CHECK([ovn-nbctl lrp-get-redirect-type lrp0], [0], [dnl +vlan +]) +AT_CHECK([ovn-nbctl lrp-set-redirect-type lrp0 overlay], [0], []) +AT_CHECK([ovn-nbctl lrp-get-redirect-type lrp0], [0], [dnl +overlay +]) +AT_CHECK([ovn-nbctl lrp-set-redirect-type lrp0 abcd], [1], [], +[ovn-nbctl: Invalid redirect type: abcd +]) + +]) + +dnl --------------------------------------------------------------------- + OVN_NBCTL_TEST([ovn_nbctl_lrp_enable], [logical router port enable and disable], [ AT_CHECK([ovn-nbctl lr-add lr0]) AT_CHECK([ovn-nbctl lrp-add lr0 lrp0 00:00:00:01:02:03 192.168.1.1/24]) diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 62e58fd..2055ce3 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -898,3 +898,34 @@ as northd OVS_APP_EXIT_AND_WAIT([ovn-northd]) AT_CLEANUP + +AT_SETUP([ovn -- check Redirect Chassis propagation from NB to SB]) +AT_SKIP_IF([test $HAVE_PYTHON = no]) +ovn_start + +ovn-sbctl chassis-add gw1 geneve 127.0.0.1 + +ovn-nbctl lr-add R1 +ovn-nbctl lrp-add R1 R1-S1 02:ac:10:01:00:01 172.16.1.1/24 + +ovn-nbctl ls-add S1 +ovn-nbctl lsp-add S1 S1-R1 +ovn-nbctl lsp-set-type S1-R1 router +ovn-nbctl lsp-set-addresses S1-R1 router +ovn-nbctl --wait=sb lsp-set-options S1-R1 router-port=R1-S1 + +ovn-nbctl lrp-set-gateway-chassis R1-S1 gw1 + +uuid=`ovn-sbctl --columns=_uuid --bare find Port_Binding logical_port=cr-R1-S1` +echo "CR-LRP UUID is: " $uuid + +ovn-nbctl lrp-set-redirect-type R1-S1 vlan +AT_CHECK([ovn-sbctl get Port_Binding ${uuid} options:redirect-type], [0], [vlan +]) + +ovn-nbctl lrp-set-redirect-type R1-S1 overlay +AT_CHECK([ovn-sbctl get Port_Binding ${uuid} options:redirect-type], [0], [overlay +]) + + +AT_CLEANUP diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c index ad999dd..991bee5 100644 --- a/utilities/ovn-nbctl.c +++ b/utilities/ovn-nbctl.c @@ -661,6 +661,14 @@ Logical router port commands:\n\ ('enabled' or 'disabled')\n\ lrp-get-enabled PORT get administrative state PORT\n\ ('enabled' or 'disabled')\n\ + lrp-set-redirect-type PORT TYPE\n\ + set whether redirected packet to gateway chassis\n\ + of PORT will be encapsulated or not\n\ + ('overlay' or 'vlan')\n\ + lrp-get-redirect-type PORT\n\ + get whether redirected packet to gateway chassis\n\ + of PORT will be encapsulated or not\n\ + ('overlay' or 'vlan')\n\ \n\ Route commands:\n\ [--policy=POLICY] lr-route-add ROUTER PREFIX NEXTHOP [PORT]\n\ @@ -4591,6 +4599,52 @@ nbctl_lrp_get_enabled(struct ctl_context *ctx) !lrp->enabled || *lrp->enabled ? "enabled" : "disabled"); } + +/* Set the logical router port redirect type. */ +static void +nbctl_lrp_set_redirect_type(struct ctl_context *ctx) +{ + const char *id = ctx->argv[1]; + const char *type = ctx->argv[2]; + const struct nbrec_logical_router_port *lrp = NULL; + struct smap lrp_options; + + char *error = lrp_by_name_or_uuid(ctx, id, true, &lrp); + if (error) { + ctx->error = error; + return; + } + + if (strcasecmp(type, "vlan") && strcasecmp(type, "overlay")) { + error = xasprintf("Invalid redirect type: %s", type); + ctx->error = error; + return; + } + + smap_init(&lrp_options); + smap_add(&lrp_options, "redirect-type", type); + + nbrec_logical_router_port_set_options(lrp, &lrp_options); + smap_destroy(&lrp_options); +} + +static void +nbctl_lrp_get_redirect_type(struct ctl_context *ctx) +{ + const char *id = ctx->argv[1]; + const struct nbrec_logical_router_port *lrp = NULL; + + char *error = lrp_by_name_or_uuid(ctx, id, true, &lrp); + if (error) { + ctx->error = error; + return; + } + + const char *redirect_type = smap_get(&lrp->options, "redirect-type"); + ds_put_format(&ctx->output, "%s\n", + !redirect_type ? "overlay": redirect_type); +} + struct ipv4_route { int priority; @@ -5598,6 +5652,10 @@ static const struct ctl_command_syntax nbctl_commands[] = { NULL, "", RW }, { "lrp-get-enabled", 1, 1, "PORT", NULL, nbctl_lrp_get_enabled, NULL, "", RO }, + { "lrp-set-redirect-type", 2, 2, "PORT TYPE", NULL, + nbctl_lrp_set_redirect_type, NULL, "", RW }, + { "lrp-get-redirect-type", 1, 1, "PORT", NULL, nbctl_lrp_get_redirect_type, + NULL, "", RO }, /* logical router route commands. */ { "lr-route-add", 3, 4, "ROUTER PREFIX NEXTHOP [PORT]", NULL,