From patchwork Sat Oct 10 04:20:36 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ben Pfaff <blp@nicira.com>
X-Patchwork-Id: 528537
Return-Path: <dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from archives.nicira.com (li376-54.members.linode.com
	[96.126.127.54]) by ozlabs.org (Postfix) with ESMTP id 972C8140E42
	for <incoming@patchwork.ozlabs.org>;
	Sat, 10 Oct 2015 15:21:16 +1100 (AEDT)
Received: from archives.nicira.com (localhost [127.0.0.1])
	by archives.nicira.com (Postfix) with ESMTP id BFA4410B7B;
	Fri,  9 Oct 2015 21:21:12 -0700 (PDT)
X-Original-To: dev@openvswitch.org
Delivered-To: dev@openvswitch.org
Received: from mx3v1.cudamail.com (mx3.cudamail.com [64.34.241.5])
	by archives.nicira.com (Postfix) with ESMTPS id 7289010B7B
	for <dev@openvswitch.org>; Fri,  9 Oct 2015 21:21:11 -0700 (PDT)
Received: from bar3.cudamail.com (bar1 [192.168.15.1])
	by mx3v1.cudamail.com (Postfix) with ESMTP id 4467B61988F
	for <dev@openvswitch.org>; Fri,  9 Oct 2015 22:21:10 -0600 (MDT)
X-ASG-Debug-ID: 1444450869-03dd7b7d3d1157e0001-byXFYA
Received: from mx3-pf1.cudamail.com ([192.168.14.2]) by bar3.cudamail.com
	with
	ESMTP id BwhpqTKcOPGkBLGr (version=TLSv1 cipher=DHE-RSA-AES256-SHA
	bits=256 verify=NO) for <dev@openvswitch.org>;
	Fri, 09 Oct 2015 22:21:10 -0600 (MDT)
X-Barracuda-Envelope-From: blp@nicira.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.14.2
Received: from unknown (HELO mail-pa0-f49.google.com) (209.85.220.49)
	by mx3-pf1.cudamail.com with ESMTPS (RC4-SHA encrypted);
	10 Oct 2015 04:21:09 -0000
Received-SPF: unknown (mx3-pf1.cudamail.com: Multiple SPF records returned)
X-Barracuda-RBL-Trusted-Forwarder: 209.85.220.49
Received: by pabve7 with SMTP id ve7so45495563pab.2
	for <dev@openvswitch.org>; Fri, 09 Oct 2015 21:21:09 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=Qpzi/giMCa4+wxWQQNnLHouSHdDPlBJXKyuQ1vdl7qs=;
	b=kYmEWBlyEtgCoHld0J1zzk65B+6pelO6jDBd0p/FFvt0hkqjL91LuwWRXAs6cmhnpN
	XUQXNnuUjPXC3wGoil/G9Zij1YRXepk5PNVlX03Tnsc1zaMKdQZyApVkptvVYb6VdK3r
	L+CkK+8hyveAP6cTeZfQGVoS5IJrKGSonS0Z+jsaf37BuGYIYeFDQLkM+SkAlDS+RGae
	fixiiVrCVVMzATSODAUvErTpZIe5IXLTaxrLtdMIzOgesuNcnNoPTfnx9lrS/w0x/JYA
	kqrFARYVj88RbRhjvmHl5OTBLV5+6ac6IgGooAbJJhPCfOByoNaSnKWvZAQgF7utc5Vc
	VzBA==
X-Gm-Message-State: 
 ALoCoQnrYzckMTkLVQz3EQY2ROjqrsrDQVwmRSauQ3SpjWkGVjoiIssfl1qJJ8xUxVSZawzJcinl
X-Received: by 10.66.251.136 with SMTP id zk8mr19979794pac.143.1444450869323;
	Fri, 09 Oct 2015 21:21:09 -0700 (PDT)
Received: from sigabrt.gateway.sonic.net
	(173-228-112-112.dsl.dynamic.fusionbroadband.com. [173.228.112.112])
	by smtp.gmail.com with ESMTPSA id
	o3sm5365390pap.37.2015.10.09.21.21.02
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Fri, 09 Oct 2015 21:21:08 -0700 (PDT)
X-CudaMail-Envelope-Sender: blp@nicira.com
X-Barracuda-Apparent-Source-IP: 173.228.112.112
From: Ben Pfaff <blp@nicira.com>
To: dev@openvswitch.org
X-CudaMail-Whitelist-To: dev@openvswitch.org
X-CudaMail-MID: CM-V1-1008077705
X-CudaMail-DTE: 100915
X-CudaMail-Originating-IP: 209.85.220.49
Date: Fri,  9 Oct 2015 21:20:36 -0700
X-ASG-Orig-Subj: [##CM-V1-1008077705##][PATCH 17/23] ovn-nb: Add support for
	IP+MAC binding pairs in Port_Binding 'address'.
Message-Id: <1444450838-12150-6-git-send-email-blp@nicira.com>
X-Mailer: git-send-email 2.1.3
In-Reply-To: <1444450838-12150-1-git-send-email-blp@nicira.com>
References: <1444450838-12150-1-git-send-email-blp@nicira.com>
X-Barracuda-Connect: UNKNOWN[192.168.14.2]
X-Barracuda-Start-Time: 1444450870
X-Barracuda-Encrypted: DHE-RSA-AES256-SHA
X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi
X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?=
X-Virus-Scanned: by bsmtpd at cudamail.com
X-Barracuda-BRTS-Status: 1
Cc: Ben Pfaff <blp@nicira.com>
Subject: [ovs-dev] [PATCH 17/23] ovn-nb: Add support for IP+MAC binding
	pairs in Port_Binding 'address'.
X-BeenThere: dev@openvswitch.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: <dev.openvswitch.org>
List-Unsubscribe: <http://openvswitch.org/mailman/options/dev>,
	<mailto:dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://openvswitch.org/pipermail/dev>
List-Post: <mailto:dev@openvswitch.org>
List-Help: <mailto:dev-request@openvswitch.org?subject=help>
List-Subscribe: <http://openvswitch.org/mailman/listinfo/dev>,
	<mailto:dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: dev-bounces@openvswitch.org
Sender: "dev" <dev-bounces@openvswitch.org>

When a logical router can statically obtain the IP+MAC pairs for its
attached logical switches, it can avoid expensive ARP resolution.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>
---
 ovn/TODO                      |  9 -------
 ovn/northd/ovn-northd.8.xml   | 11 +++++++++
 ovn/ovn-nb.xml                | 56 ++++++++++++++++++++++++++++++++++++++-----
 ovn/utilities/ovn-nbctl.8.xml | 10 +++++---
 ovn/utilities/ovn-nbctl.c     |  2 +-
 5 files changed, 69 insertions(+), 19 deletions(-)

diff --git a/ovn/TODO b/ovn/TODO
index c8a0338..240804c 100644
--- a/ovn/TODO
+++ b/ovn/TODO
@@ -186,15 +186,6 @@ Somehow it has to be possible for an L3 logical router to map from an
 IP address to an Ethernet address.  This can happen statically or
 dynamically.  Probably both cases need to be supported eventually.
 
-*** Static IP to MAC binding
-
-Commonly, for a VM, the binding of an IP address to a MAC is known
-statically.  The Logical_Port table in the OVN_Northbound schema can
-be revised to make these bindings known.  Then ovn-northd can
-integrate the bindings into the logical router flow table.
-(ovn-northd can also integrate them into the logical switch flow table
-to terminate ARP requests from VIFs.)
-
 *** Dynamic IP to MAC bindings
 
 Some bindings from IP address to MAC will undoubtedly need to be
diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
index 002708b..b9278ea 100644
--- a/ovn/northd/ovn-northd.8.xml
+++ b/ovn/northd/ovn-northd.8.xml
@@ -529,6 +529,17 @@ eth.dst = <var>HE</var>;
 outport = <var>P</var>;
 output;
         </pre>
+
+        <p>
+          MAC bindings can be known statically based on data in the
+          <code>OVN_Northbound</code> database.  For router ports connected to
+          logical switches, MAC bindings can be known statically from the
+          <code>addresses</code> column in the <code>Logical_Port</code> table.
+          For router ports connected to other logical routers, MAC bindings can
+          be known statically from the <code>mac</code> and
+          <code>network</code> column in the <code>Logical_Router_Port</code>
+          table.
+        </p>
       </li>
 
       <li>
diff --git a/ovn/ovn-nb.xml b/ovn/ovn-nb.xml
index e565cda..78b146e 100644
--- a/ovn/ovn-nb.xml
+++ b/ovn/ovn-nb.xml
@@ -217,12 +217,56 @@
     </column>
 
     <column name="addresses">
-      The logical port's own Ethernet address or addresses, each in the form
-      <var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>.
-      Like a physical Ethernet NIC, a logical port ordinarily has a single
-      fixed Ethernet address.  The string <code>unknown</code> is also allowed
-      to indicate that the logical port has an unknown set of (additional)
-      source addresses.
+      <p>
+        Addresses owned by the logical port.
+      </p>
+
+      <p>
+        Each element in the set must take one of the following forms:
+      </p>
+
+      <dl>
+        <dt><code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var></code></dt>
+        <dd>
+          <p>
+            An Ethernet address owned by the logical port.  Like a physical
+            Ethernet NIC, a logical port ordinarily has a single fixed Ethernet
+            address.
+          </p>
+
+          <p>
+            When a OVN logical switch processes a unicast Ethernet frame whose
+            destination MAC address is in a logical port's <ref
+            column="addresses"/> column, it delivers it only to that port, as
+            if a MAC learning process had learned that MAC address on the port.
+          </p>
+        </dd>
+
+        <dt><code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var> <var>a</var>.<var>b</var>.<var>c</var>.<var>d</var></code></dt>
+        <dd>
+          <p>
+            This form has all the effects of the previous form.  It also
+            indicates that the logical port owns the given IPv4 address.
+          </p>
+
+          <p>
+            The OVN logical switch uses this information to synthesize
+            responses to ARP requests without traversing the physical network.
+            The OVN logical router connected to the logical switch, if any,
+            uses this information to avoid issuing ARP requests for logical
+            switch ports.
+          </p>
+        </dd>
+
+        <dt><code>unknown</code></dt>
+        <dd>
+          This indicates that the logical port has an unknown set of Ethernet
+          addresses.  When an OVN logical switch processes a unicast Ethernet
+          frame whose destination MAC address is not in any logical port's <ref
+          column="addresses"/> column, it delivers it to the port (or ports)
+          whose <ref column="addresses"/> columns include <code>unknown</code>.
+        </dd>
+      </dl>
     </column>
 
     <column name="port_security">
diff --git a/ovn/utilities/ovn-nbctl.8.xml b/ovn/utilities/ovn-nbctl.8.xml
index 8d69835..d710c3a 100644
--- a/ovn/utilities/ovn-nbctl.8.xml
+++ b/ovn/utilities/ovn-nbctl.8.xml
@@ -112,9 +112,13 @@
       <dt><code>lport-set-addresses</code> <var>lport</var> [<var>address</var>]...</dt>
       <dd>
         Sets the addresses associated with <var>lport</var> to
-        <var>address</var>.  Multiple MACs may be sets by using multiple
-        <var>address</var> arguments.  If no <var>mac</var> argument is given,
-        <var>lport</var> will have no addresses associated with it.
+        <var>address</var>.  Each <var>address</var> should be either an
+        Ethernet address or an Ethernet address followed by an IP address
+        (separated by a space and quoted to form a single command-line
+        argument).  The special form <code>unknown</code> is also valid.
+        Multiple Ethernet addresses or Ethernet+IP pairs may be set. If no
+        <var>address</var> argument is given, <var>lport</var> will have no
+        addresses associated with it.
       </dd>
 
       <dt><code>lport-get-addresses</code> <var>lport</var></dt>
diff --git a/ovn/utilities/ovn-nbctl.c b/ovn/utilities/ovn-nbctl.c
index 4c8f533..aac4c27 100644
--- a/ovn/utilities/ovn-nbctl.c
+++ b/ovn/utilities/ovn-nbctl.c
@@ -312,7 +312,7 @@ Logical port commands:\n\
   lport-get-parent LPORT    get the parent of LPORT if set\n\
   lport-get-tag LPORT       get the LPORT's tag if set\n\
   lport-set-addresses LPORT [ADDRESS]...\n\
-                            set addresses for LPORT.\n\
+                            set MAC or MAC+IP addresses for LPORT.\n\
   lport-get-addresses LPORT      get a list of MAC addresses on LPORT\n\
   lport-set-port-security LPORT [ADDRS]...\n\
                             set port security addresses for LPORT.\n\