| Message ID | 1466991242-104128-2-git-send-email-dlu998@gmail.com |
|---|---|
| State | Superseded |
| Headers | show |
"dev" <dev-bounces@openvswitch.org> wrote on 06/26/2016 08:34:01 PM: > From: Darrell Ball <dlu998@gmail.com> > To: dlu998@gmail.com, dev@openvswitch.com > Date: 06/26/2016 08:34 PM > Subject: [ovs-dev] [patch_v3 1/2] ovn: Fix receive from vxlan in > ovn-controller. > Sent by: "dev" <dev-bounces@openvswitch.org> > > OVN only supports source_node replication and previously vtep interaction, > which used service node replication by default for > multicast/broadcast/unknown unicast traffic worked by happenstance. > Because of limited vxlan encapsulation metadata, received packets were > resubmitted to find the egress port(s). This is not correct for multicast, > broadcast and unknown unicast traffic as traffic will get resent on the tunnel > mesh. ovn-controller is changed not to send traffic received from vxlan > tunnels out the tunnel mesh again. Traffic received from vxlan tunnels is > now only sent locally as intended. > > To support keeping state for receipt from a vxlan tunnel a MFF logical > register is allocated for general scratchpad purposes and one bit is used for > receipt from vxlan context. > > As part of this change ovn-controller-vtep is hard-coded to set the > replication > mode of each logical switch to source node as OVN will only support source > node replication. > > Signed-off-by: Darrell Ball <dlu998@gmail.com> > --- It looks like the changes from this last weekend means the hunk of the patch for physical_run in physical.c doesn't apply cleanly... Ryan
On Tue, Jul 5, 2016 at 7:39 PM, Ryan Moats <rmoats@us.ibm.com> wrote: > "dev" <dev-bounces@openvswitch.org> wrote on 06/26/2016 08:34:01 PM: > > > From: Darrell Ball <dlu998@gmail.com> > > To: dlu998@gmail.com, dev@openvswitch.com > > Date: 06/26/2016 08:34 PM > > Subject: [ovs-dev] [patch_v3 1/2] ovn: Fix receive from vxlan in > > ovn-controller. > > Sent by: "dev" <dev-bounces@openvswitch.org> > > > > OVN only supports source_node replication and previously vtep > interaction, > > which used service node replication by default for > > multicast/broadcast/unknown unicast traffic worked by happenstance. > > Because of limited vxlan encapsulation metadata, received packets were > > resubmitted to find the egress port(s). This is not correct for > multicast, > > broadcast and unknown unicast traffic as traffic will get resent on the > tunnel > > mesh. ovn-controller is changed not to send traffic received from vxlan > > tunnels out the tunnel mesh again. Traffic received from vxlan tunnels > is > > now only sent locally as intended. > > > > To support keeping state for receipt from a vxlan tunnel a MFF logical > > register is allocated for general scratchpad purposes and one bit is > used for > > receipt from vxlan context. > > > > As part of this change ovn-controller-vtep is hard-coded to set the > > replication > > mode of each logical switch to source node as OVN will only support > source > > node replication. > > > > Signed-off-by: Darrell Ball <dlu998@gmail.com> > > --- > > It looks like the changes from this last weekend means the hunk of the > patch for physical_run in physical.c doesn't apply cleanly... > Thanks; it was on my todo list. > > Ryan > > > >
diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c index e412b6b..f9151c2 100644 --- a/ovn/controller-vtep/vtep.c +++ b/ovn/controller-vtep/vtep.c @@ -233,6 +233,10 @@ vtep_lswitch_run(struct shash *vtep_pbs, struct sset *vtep_pswitches, vtep_ls->tunnel_key[0], tnl_key); } vteprec_logical_switch_set_tunnel_key(vtep_ls, &tnl_key, 1); + /* OVN is expected to always use source node replication mode, + * hence the replication mode is hard-coded for each logical + * switch in the context of ovn-controller-vtep. */ + vteprec_logical_switch_set_replication_mode(vtep_ls, "source_node"); sset_add(&used_ls, lswitch_name); } } diff --git a/ovn/controller/physical.c b/ovn/controller/physical.c index 85528e0..0dbdd21 100644 --- a/ovn/controller/physical.c +++ b/ovn/controller/physical.c @@ -524,6 +524,21 @@ physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve, ofpact_put_OUTPUT(&ofpacts)->port = ofport; ofctrl_add_flow(flow_table, OFTABLE_REMOTE_OUTPUT, 100, &match, &ofpacts); + + /* For packets received from a Vxlan tunnel which get + * resubmitted to OFTABLE_LOG_INGRESS_PIPELINE due to lack of + * needed metadata in Vxlan, explicitly skip sending back out + * any tunnels and resubmit to table 33 for local delivery. */ + match_init_catchall(&match); + ofpbuf_clear(&ofpacts); + + match_set_reg(&match, MFF_LOG_FLAGS - MFF_REG0, + MFF_LOG_FLAGS_RCV_FROM_VXLAN); + /* Resubmit to table 33. */ + put_resubmit(OFTABLE_LOCAL_OUTPUT, &ofpacts); + ofctrl_add_flow(flow_table, OFTABLE_REMOTE_OUTPUT, 101, &match, + &ofpacts); + } } @@ -687,11 +702,7 @@ physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve, * metadata, we only support VXLAN for connections to gateways. The * VNI is used to populate MFF_LOG_DATAPATH. The gateway's logical * port is set to MFF_LOG_INPORT. Then the packet is resubmitted to - * table 16 to determine the logical egress port. - * - * xxx Due to resubmitting to table 16, broadcasts will be re-sent to - * xxx all logical ports, including non-local ones which could cause - * xxx duplicate packets to be received by multiply-connected gateways. */ + * table 16 to determine the logical egress port. */ HMAP_FOR_EACH (tun, hmap_node, &tunnels) { if (tun->type != VXLAN) { continue; @@ -711,6 +722,10 @@ physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve, ofpbuf_clear(&ofpacts); put_move(MFF_TUN_ID, 0, MFF_LOG_DATAPATH, 0, 24, &ofpacts); put_load(binding->tunnel_key, MFF_LOG_INPORT, 0, 15, &ofpacts); + /* For packets received from a vxlan tunnel, set a flag to that + * effect. */ + put_load(MFF_LOG_FLAGS_RCV_FROM_VXLAN, MFF_LOG_FLAGS, + 0, 32, &ofpacts); put_resubmit(OFTABLE_LOG_INGRESS_PIPELINE, &ofpacts); ofctrl_add_flow(flow_table, OFTABLE_PHY_TO_LOG, 100, &match, diff --git a/ovn/lib/logical-fields.h b/ovn/lib/logical-fields.h index f0f97a9..b340653 100644 --- a/ovn/lib/logical-fields.h +++ b/ovn/lib/logical-fields.h @@ -23,6 +23,7 @@ * These values are documented in ovn-architecture(7), please update the * documentation if you change any of them. */ #define MFF_LOG_DATAPATH MFF_METADATA /* Logical datapath (64 bits). */ +#define MFF_LOG_FLAGS MFF_REG2 /* Logical flags (32 bits). */ #define MFF_LOG_DNAT_ZONE MFF_REG3 /* conntrack dnat zone for gateway router * (32 bits). */ #define MFF_LOG_SNAT_ZONE MFF_REG4 /* conntrack snat zone for gateway router @@ -37,7 +38,15 @@ * Make sure these don't overlap with the logical fields! */ #define MFF_LOG_REGS \ MFF_LOG_REG(MFF_REG0) \ - MFF_LOG_REG(MFF_REG1) \ - MFF_LOG_REG(MFF_REG2) + MFF_LOG_REG(MFF_REG1) + +/* MFF_LOG_FLAGS_REG flag assignments */ +enum mff_log_flags { + /* This flag is used to indicate that a packet was received from a vxlan + * tunnel to compensate for the lack of egress port information available + * in Vxlan encapsulation. Egress port information is available for Geneve + * and STT tunnel types. */ + MFF_LOG_FLAGS_RCV_FROM_VXLAN = (1 << 0), +}; #endif /* ovn/lib/logical-fields.h */ diff --git a/tests/ovn.at b/tests/ovn.at index 297070c..4fe536d 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -1136,6 +1136,9 @@ sleep 1 vtep-ctl bind-ls br-vtep br-vtep_n2 0 lsw0 +OVS_WAIT_UNTIL([test -n "`as vtep vtep-ctl get-replication-mode lsw0 | + grep -- source`"]) +# It takes more time for the update to be processed by ovs-vtep. sleep 1 # Add hv3 on the other side of the vtep
OVN only supports source_node replication and previously vtep interaction, which used service node replication by default for multicast/broadcast/unknown unicast traffic worked by happenstance. Because of limited vxlan encapsulation metadata, received packets were resubmitted to find the egress port(s). This is not correct for multicast, broadcast and unknown unicast traffic as traffic will get resent on the tunnel mesh. ovn-controller is changed not to send traffic received from vxlan tunnels out the tunnel mesh again. Traffic received from vxlan tunnels is now only sent locally as intended. To support keeping state for receipt from a vxlan tunnel a MFF logical register is allocated for general scratchpad purposes and one bit is used for receipt from vxlan context. As part of this change ovn-controller-vtep is hard-coded to set the replication mode of each logical switch to source node as OVN will only support source node replication. Signed-off-by: Darrell Ball <dlu998@gmail.com> --- ovn/controller-vtep/vtep.c | 4 ++++ ovn/controller/physical.c | 25 ++++++++++++++++++++----- ovn/lib/logical-fields.h | 13 +++++++++++-- tests/ovn.at | 3 +++ 4 files changed, 38 insertions(+), 7 deletions(-)