From patchwork Sat May 16 07:33:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Han Zhou X-Patchwork-Id: 1291866 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=ovn.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49PH852XYPz9sTL for ; Sat, 16 May 2020 17:33:39 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id BE989204CC; Sat, 16 May 2020 07:33:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Cp63uBZg-5D; Sat, 16 May 2020 07:33:33 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id 23BF620419; Sat, 16 May 2020 07:33:33 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id F288EC0865; Sat, 16 May 2020 07:33:32 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id C95CCC016F for ; Sat, 16 May 2020 07:33:31 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id B100B89820 for ; Sat, 16 May 2020 07:33:31 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rsDB6VTm+NYO for ; Sat, 16 May 2020 07:33:30 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) by hemlock.osuosl.org (Postfix) with ESMTPS id 61C878982B for ; Sat, 16 May 2020 07:33:30 +0000 (UTC) X-Originating-IP: 216.113.160.71 Received: from localhost.localdomain.localdomain (unknown [216.113.160.71]) (Authenticated sender: hzhou@ovn.org) by relay8-d.mail.gandi.net (Postfix) with ESMTPSA id C95861BF206; Sat, 16 May 2020 07:33:25 +0000 (UTC) From: Han Zhou To: dev@openvswitch.org Date: Sat, 16 May 2020 00:33:15 -0700 Message-Id: <1589614395-99499-1-git-send-email-hzhou@ovn.org> X-Mailer: git-send-email 2.1.0 Cc: Han Zhou Subject: [ovs-dev] [RFC PATCH ovn v2] ovn-northd: Support optionally avoid static neighbor flows in routers. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Support option:dynamic_neigh_routers for logical routers, so that in particular use cases static neighbor flows are not prepopulated IP addresses belonging to neighbor router ports, to avoid flow exploding problem reported for ovn-kubernetes large scale setup. Reported-by: Girish Moodalbail Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2020-May/049995.html Signed-off-by: Han Zhou --- v1 -> v2: Change the options to skip flows only for routers. In v1 it skipped other neighbor flows but not router neighbors which was not the purpose of this patch. northd/ovn-northd.8.xml | 5 ++++- northd/ovn-northd.c | 6 ++++++ ovn-nb.xml | 13 +++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml index 8f224b0..95a6051 100644 --- a/northd/ovn-northd.8.xml +++ b/northd/ovn-northd.8.xml @@ -2692,7 +2692,10 @@ outport = P; Logical_Switch_Port table. For router ports connected to other logical routers, MAC bindings can be known statically from the mac and networks - column in the Logical_Router_Port table. + column in the Logical_Router_Port table. (Note: the + flow is NOT installed for the IP addresses that belong to a neighbor + logical router port if the current router has the + options:dynamic_neigh_routers set to true)

diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 87625c3..e5858e2 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9997,6 +9997,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, continue; } + if (peer->od->nbr && + smap_get_bool(&peer->od->nbr->options, + "dynamic_neigh_routers", false)) { + continue; + } + for (size_t i = 0; i < op->od->n_router_ports; i++) { const char *router_port_name = smap_get( &op->od->router_ports[i]->nbsp->options, diff --git a/ovn-nb.xml b/ovn-nb.xml index 95ee4c9..131a4de 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -1840,6 +1840,19 @@ connected to the logical router. Default: False.

+ +

+ If set to true, the router will resolve neighbor + routers' MAC addresses only by dynamic ARP/ND, instead of + prepopulating static mappings for all neighbor routers in the ARP/ND + Resolution stage. This reduces number of flows, but requires ARP/ND + messages to resolve the IP-MAC bindings when needed. It is + false by default. It is recommended to set to + true when a large number of logical routers are + connected to the same logical switch but most of them never need to + send traffic between each other. +

+