From patchwork Mon Aug 27 20:31:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Numan Siddique X-Patchwork-Id: 962629 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 41zk7F5CJ0z9s55 for ; Tue, 28 Aug 2018 06:31:21 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 53A12DBC; Mon, 27 Aug 2018 20:31:20 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 79988DB2 for ; Mon, 27 Aug 2018 20:31:18 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id D16697D5 for ; Mon, 27 Aug 2018 20:31:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C96A540006EC for ; Mon, 27 Aug 2018 20:31:16 +0000 (UTC) Received: from nusiddiq.redhat (ovpn-116-25.sin2.redhat.com [10.67.116.25]) by smtp.corp.redhat.com (Postfix) with ESMTP id 47D122027EA0; Mon, 27 Aug 2018 20:31:14 +0000 (UTC) From: nusiddiq@redhat.com To: dev@openvswitch.org Date: Tue, 28 Aug 2018 02:01:07 +0530 Message-Id: <20180827203107.957-1-nusiddiq@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Mon, 27 Aug 2018 20:31:16 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Mon, 27 Aug 2018 20:31:16 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'nusiddiq@redhat.com' RCPT:'' X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [branch 2.9] ovn: Fix the issue in IPv6 Neigh Solicitation responder for router IPs X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org From: Numan Siddique Commit [1] added a new action 'nd_na_router' to set the router bit in the 'flags' field of the Neighbour Adv packet for router IPs. This action was used in the router pipeline. But the logical switch pipeline also adds the Neighbour Adv flows for router IPs but with 'nd_na' action (which the commit [1] didn't handle). This patch fixes this by changing the action to 'nd_na_router' for router IPs. Without this patch, the IPv6 functionality is broken. [1] - "c9756229ed: ovn: Set proper Neighbour Adv flag when replying for NS request for router IP" Signed-off-by: Numan Siddique Acked-by: Han Zhou (cherry picked from commit bec7c6415d1d770c90ff32e3626c0f63d55763af) Conflicts: tests/ovn.at --- ovn/northd/ovn-northd.8.xml | 24 ++++++++++++++++++++++-- ovn/northd/ovn-northd.c | 4 +++- tests/ovn.at | 22 +++++++++++++++++++++- 3 files changed, 46 insertions(+), 4 deletions(-) diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml index 7cd7a10ed..78df522c9 100644 --- a/ovn/northd/ovn-northd.8.xml +++ b/ovn/northd/ovn-northd.8.xml @@ -544,8 +544,8 @@ output;

Priority-50 flows that match IPv6 ND neighbor solicitations to each known IP address A (and A's - solicited node address) of every logical switch port, and - respond with neighbor advertisements directly with + solicited node address) of every logical switch port except of type + router, and respond with neighbor advertisements directly with corresponding Ethernet address E:

@@ -561,6 +561,26 @@ nd_na { }; +

+ Priority-50 flows that match IPv6 ND neighbor solicitations to + each known IP address A (and A's + solicited node address) of logical switch port of type router, and + respond with neighbor advertisements directly with + corresponding Ethernet address E: +

+ + 
+nd_na_router {
+    eth.src = E;
+    ip6.src = A;
+    nd.target = A;
+    nd.tll = E;
+    outport = inport;
+    flags.loopback = 1;
+    output;
+};
+
+

These flows are omitted for logical ports (other than router ports or localport ports) that are down. diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c index 56bddffcd..9ae4daafe 100644 --- a/ovn/northd/ovn-northd.c +++ b/ovn/northd/ovn-northd.c @@ -3733,7 +3733,7 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, ds_clear(&actions); ds_put_format(&actions, - "nd_na { " + "%s { " "eth.src = %s; " "ip6.src = %s; " "nd.target = %s; " @@ -3742,6 +3742,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, "flags.loopback = 1; " "output; " "};", + !strcmp(op->nbsp->type, "router") ? + "nd_na_router" : "nd_na", op->lsp_addrs[i].ea_s, op->lsp_addrs[i].ipv6_addrs[j].addr_s, op->lsp_addrs[i].ipv6_addrs[j].addr_s, diff --git a/tests/ovn.at b/tests/ovn.at index 460f5f5e2..add506a54 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -9192,7 +9192,7 @@ ovn-nbctl lr-add lr0_ip6 ovn-nbctl lrp-add lr0_ip6 lrp0_ip6 00:00:00:00:af:01 aef0:0:0:0:0:0:0:0/64 ovn-nbctl lsp-add sw0_ip6 lrp0_ip6-attachment ovn-nbctl lsp-set-type lrp0_ip6-attachment router -ovn-nbctl lsp-set-addresses lrp0_ip6-attachment 00:00:00:00:af:01 +ovn-nbctl lsp-set-addresses lrp0_ip6-attachment router ovn-nbctl lsp-set-options lrp0_ip6-attachment router-port=lrp0_ip6 ovn-nbctl set logical_router_port lrp0_ip6 ipv6_ra_configs:address_mode=slaac @@ -9228,6 +9228,26 @@ ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys # XXX This should be more systematic. sleep 1 +OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up sw0_ip6-port1` = xup]) + +# There should be 2 Neighbor Advertisement flows for the router port +# aef0:: ip address in logical switch pipeline with action nd_na_router. +AT_CHECK([ovn-sbctl dump-flows sw0_ip6 | grep ls_in_arp_rsp | \ +grep "nd_na_router" | wc -l], [0], [2 +]) + +# There should be 4 Neighbor Advertisement flows with action nd_na_router +# in the router pipeline for the router lr0_ip6. +AT_CHECK([ovn-sbctl dump-flows lr0_ip6 | grep nd_na_router | \ +wc -l], [0], [4 +]) + +cr_uuid=`ovn-sbctl find port_binding logical_port=cr-ip6_public | grep _uuid | cut -f2 -d ":"` + +# There is only one chassis. +chassis_uuid=`ovn-sbctl list chassis | grep _uuid | cut -f2 -d ":"` +OVS_WAIT_UNTIL([test $chassis_uuid = `ovn-sbctl get port_binding $cr_uuid chassis`]) + trim_zeros() { sed 's/\(00\)\{1,\}$//' }