From patchwork Thu May 31 15:05:27 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
X-Patchwork-Id: 923420
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=openvswitch.org
	(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;
	envelope-from=ovs-dev-bounces@openvswitch.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=redhat.com
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 40xW492n9Rz9s08
	for <incoming@patchwork.ozlabs.org>;
	Fri,  1 Jun 2018 01:05:45 +1000 (AEST)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id 5E73EC0F;
	Thu, 31 May 2018 15:05:42 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 0F3C73C1
	for <dev@openvswitch.org>; Thu, 31 May 2018 15:05:41 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com
	[74.125.82.65])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 8DA2F6F2
	for <dev@openvswitch.org>; Thu, 31 May 2018 15:05:40 +0000 (UTC)
Received: by mail-wm0-f65.google.com with SMTP id l1-v6so54698095wmb.2
	for <dev@openvswitch.org>; Thu, 31 May 2018 08:05:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references;
	bh=Qr51DOAKdlh2aQFQFVO2b9L8ngRQSdA9GBvhNUu1+Vc=;
	b=HZKKdufjql5xnyqSF4Q6oVcIK86o7ig0hTqKMFsUEI+8s/L/ZitK7ZqRG4wsQgJOfi
	tpGW7CKvJjpu0gZgVSEVWYfkKDAMTU+3ClkHI6HBHE3MOINt9/gNviRPEmJflHm2ybtv
	tPZklnfQaMNDgTi3AeQ5Tv3k7jsPKrQX1YzI0qZ9MD+vT6zwC8DMognFha2P6UE1y/RW
	7FOQN5x6xyzkfhAIViehOwrWtZOG27cEs1gOrG2QI6454sVxBcwHsdfnOcYXssiyQwmK
	kTVHLELbxLeoGP/V2owK+2NN1zUWVkaiWtAoWt0thBzGO1dQnrPEEt3f8t0yRBCGiKjO
	6XMg==
X-Gm-Message-State: APt69E1FSRpWMDea41DFa4xxEGdb/KyEIRaFwCoLTrhroSa9DVxBi41J
	Y2macaFEE3oYOFON433QcxXp/WkFd+M=
X-Google-Smtp-Source: 
 ADUXVKLkvDqvECcMfKfonyMwFo3xNNSjZv4fhq6WeI+Ks0Vpm4WbBeXlT94Pu2V+rZMxxKhVmLR7bg==
X-Received: by 2002:a1c:7153:: with SMTP id
	m80-v6mr177673wmc.7.1527779138947;
	Thu, 31 May 2018 08:05:38 -0700 (PDT)
Received: from localhost.localdomain.com (nat-pool-mxp-t.redhat.com.
	[149.6.153.186]) by smtp.gmail.com with ESMTPSA id
	z10-v6sm48966977wre.43.2018.05.31.08.05.37 for <dev@openvswitch.org>
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Thu, 31 May 2018 08:05:38 -0700 (PDT)
From: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
To: dev@openvswitch.org
Date: Thu, 31 May 2018 17:05:27 +0200
Message-Id: 
 <8e8a65d47cd0d21118c455fd7636aba2fbec2429.1527778914.git.lorenzo.bianconi@redhat.com>
X-Mailer: git-send-email 2.14.3
In-Reply-To: <cover.1527778914.git.lorenzo.bianconi@redhat.com>
References: <cover.1527778914.git.lorenzo.bianconi@redhat.com>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [ovs-dev] [PATCH] OVN: do not mark ND packets for conntrack in
	PRE_LB stage
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

Do not send Neighbor Discovery packets to conntrack module if
load balancing rules have been added to NB db since otherwise
Neighbor Advertisement frames will be discarded by OVN.
In order to reproduce the issue it is enough to add 2 logical ports
to a single logical switch, assign an IPv6 address to each VIF, and
define a load balance rule on the logical switch. After a while the
ping6 from VIF1 to VIF2 will stop since the vm will not receive any NA
packet

Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
---
 ovn/northd/ovn-northd.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
index 0e06776ad..aa9298d3b 100644
--- a/ovn/northd/ovn-northd.c
+++ b/ovn/northd/ovn-northd.c
@@ -2977,6 +2977,12 @@ ls_has_dns_records(const struct nbrec_logical_switch *nbs)
 static void
 build_pre_lb(struct ovn_datapath *od, struct hmap *lflows)
 {
+    /* Do not send ND packets to conntrack */
+    ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, 110,
+                  "nd || nd_rs || nd_ra", "next;");
+    ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_LB, 110,
+                  "nd || nd_rs || nd_ra", "next;");
+
     /* Allow all packets to go to next tables by default. */
     ovn_lflow_add(lflows, od, S_SWITCH_IN_PRE_LB, 0, "1", "next;");
     ovn_lflow_add(lflows, od, S_SWITCH_OUT_PRE_LB, 0, "1", "next;");