From patchwork Fri Oct 25 17:36:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1184351 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.b="dIbp+LE/"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 470BCG5zzRz9sP3 for ; Sat, 26 Oct 2019 04:37:46 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 86E64DAC; Fri, 25 Oct 2019 17:36:46 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 53EA3D9F for ; Fri, 25 Oct 2019 17:36:45 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id BB6D289D for ; Fri, 25 Oct 2019 17:36:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1572025003; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vXI+dU6KPmwZIWJDcLecN72MEvYZZyjKs+PXNTEEtKM=; b=dIbp+LE/2uKnchxuNbARY0aTcNBrIzc82TQQuOmZAZxvcqQXSq1upHauMix7xHqq5+4etu uM4MjkcoIk/YutGFNqoH+aE9L7c5UHYbeJw4E1WbCm2rVWOQm4Q7WZEkV+RlI2ewpoFgBq Qbdp9rmVBskwk6R18JTJlvLN76GbZbw= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-177-vUsVgw9qOQqMj3F1isgzPQ-1; Fri, 25 Oct 2019 13:36:42 -0400 Received: by mail-wr1-f69.google.com with SMTP id a6so1630008wru.1 for ; Fri, 25 Oct 2019 10:36:41 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=N9rQtyF2iCfMsaMiiiyxnKb4qdTTiG5AS0L8KbJgx1I=; b=FI3ywAkxLb05LQ+kHt6dxdsNONmE+jkumTLmgKXG1Q9wHz/J+psJWCSyO7HECRwGZK MssYRmL277+mLpQJK1zpnLEjGNggbTQhNWe7b91D0+CxiQoPhNY9USyO84K7ksiHG985 fmVOTCtfYjUtRhIDNaU6rFvSTKJGpfZr2ek+Wa0NZuSFakYgEc22MQnOnEHqA22j3HgV YCRGSRqeOrVJ7FobiH6qART1It1Jw/5Ts+qlJrsss2qPFsB7OAqZwHlL7poOfsE/DRoK mJYFmp1oXuWr993ynswwf/sQmGQTGVZsa0nxKfzDbJRvfnw4Zlj+zpG2Ok198K/sJsV3 dI9Q== X-Gm-Message-State: APjAAAXtwXqZgRElF95ptXCF/aJf+6i1E5O+DVrdrUVIX67U7IipyPI8 cPdi9o7ut44/OHvMV0KcPnHx5jwUdI/yd8HCPWQgX0yqAUdix6jJduVTT4r+YmlK+Gm/9ow+LvE cjGcsBWrLTuZE X-Received: by 2002:a7b:cd83:: with SMTP id y3mr4940984wmj.150.1572025000418; Fri, 25 Oct 2019 10:36:40 -0700 (PDT) X-Google-Smtp-Source: APXvYqzGvNjY7CuRTNKSTH1tHmfK4LSA1y0axp0u/bHRdH0MOSrUj4fISykuXPGcadFmE5uvSHBMvg== X-Received: by 2002:a7b:cd83:: with SMTP id y3mr4940963wmj.150.1572025000121; Fri, 25 Oct 2019 10:36:40 -0700 (PDT) Received: from localhost.lan ([151.66.11.57]) by smtp.gmail.com with ESMTPSA id v10sm3218118wmg.48.2019.10.25.10.36.37 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Oct 2019 10:36:39 -0700 (PDT) From: Lorenzo Bianconi To: dev@openvswitch.org Date: Fri, 25 Oct 2019 19:36:05 +0200 Message-Id: <080653d905ecc79ec8b941332453fa82995f07bb.1572024147.git.lorenzo.bianconi@redhat.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-MC-Unique: vUsVgw9qOQqMj3F1isgzPQ-1 X-Mimecast-Spam-Score: 0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [RFC ovn 2/2] northd: add logical flows for dhcpv6 pfd parsing X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Introduce logical flows in ovn router pipeline in order to parse dhcpv6 advertise/reply from IPv6 prefix delegation router. Signed-off-by: Lorenzo Bianconi --- northd/ovn-northd.c | 61 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 60 insertions(+), 1 deletion(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index ea8ad7c2d..d2a545b2b 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -2570,6 +2570,8 @@ ovn_port_update_sbrec(struct northd_context *ctx, struct sset *active_ha_chassis_grps) { sbrec_port_binding_set_datapath(op->sb, op->od->sb); + const char *ipv6_pd_list = NULL; + if (op->nbrp) { /* If the router is for l3 gateway, it resides on a chassis * and its port type is "l3gateway". */ @@ -2692,6 +2694,12 @@ ovn_port_update_sbrec(struct northd_context *ctx, smap_add(&new, "l3gateway-chassis", chassis_name); } } + + ipv6_pd_list = smap_get(&op->sb->options, "ipv6_ra_pd_list"); + if (ipv6_pd_list) { + smap_add(&new, "ipv6_ra_pd_list", ipv6_pd_list); + } + sbrec_port_binding_set_options(op->sb, &new); smap_destroy(&new); @@ -2741,6 +2749,12 @@ ovn_port_update_sbrec(struct northd_context *ctx, smap_add_format(&options, "qdisc_queue_id", "%d", queue_id); } + + ipv6_pd_list = smap_get(&op->sb->options, "ipv6_ra_pd_list"); + if (ipv6_pd_list) { + smap_add(&options, "ipv6_ra_pd_list", ipv6_pd_list); + } + sbrec_port_binding_set_options(op->sb, &options); smap_destroy(&options); if (ovn_is_known_nb_lsp_type(op->nbsp->type)) { @@ -2790,6 +2804,12 @@ ovn_port_update_sbrec(struct northd_context *ctx, if (chassis) { smap_add(&new, "l3gateway-chassis", chassis); } + + ipv6_pd_list = smap_get(&op->sb->options, "ipv6_ra_pd_list"); + if (ipv6_pd_list) { + smap_add(&new, "ipv6_ra_pd_list", ipv6_pd_list); + } + sbrec_port_binding_set_options(op->sb, &new); smap_destroy(&new); } else { @@ -5385,7 +5405,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, } if (!op->nbsp->dhcpv4_options && !op->nbsp->dhcpv6_options) { - /* CMS has disabled both native DHCPv4 and DHCPv6 for this lport. + /* CMS has disabled native DHCPv4, DHCPv6 and prefix + * delegation for this lport. */ continue; } @@ -7055,6 +7076,31 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, free(snat_ips); } + /* DHCPv6 reply handling */ + HMAP_FOR_EACH (op, key_node, ports) { + if (!op->nbrp) { + continue; + } + + struct lport_addresses lrp_networks; + if (!extract_lrp_networks(op->nbrp, &lrp_networks)) { + continue; + } + + for (size_t i = 0; i < lrp_networks.n_ipv6_addrs; i++) { + ds_clear(&actions); + ds_clear(&match); + ds_put_format(&match, "inport == %s && ip6.dst == %s" + " && udp.src == 547 && udp.dst == 546", + op->json_key, lrp_networks.ipv6_addrs[i].addr_s); + ds_put_format(&actions, "reg0 = 0; dhcp6_server_pkt { " + "eth.dst <-> eth.src; ip6.dst <-> ip6.src; " + "outport <-> inport; output; };"); + ovn_lflow_add(lflows, op->od, S_ROUTER_IN_IP_INPUT, 100, + ds_cstr(&match), ds_cstr(&actions)); + } + } + /* Logical router ingress table 1: IP Input for IPv6. */ HMAP_FOR_EACH (op, key_node, ports) { if (!op->nbrp) { @@ -7774,6 +7820,19 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, continue; } + /* enable IPv6 prefix delegation */ + bool prefix_delegation = smap_get_bool(&op->nbrp->options, + "prefix_delegation", false); + if (prefix_delegation) { + struct smap options; + + smap_clone(&options, &op->sb->options); + smap_add(&options, "ipv6_prefix_delegation", "true"); + + sbrec_port_binding_set_options(op->sb, &options); + smap_destroy(&options); + } + const char *address_mode = smap_get( &op->nbrp->ipv6_ra_configs, "address_mode");