From patchwork Wed May 13 13:38:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ihar Hrachyshka X-Patchwork-Id: 1289310 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=bmD/raFz; dkim-atps=neutral Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49MbQc4x80z9sRR for ; Wed, 13 May 2020 23:40:24 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id C97812202C; Wed, 13 May 2020 13:40:22 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2u2eUKOnm4hM; Wed, 13 May 2020 13:40:18 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id EEE892048E; Wed, 13 May 2020 13:39:42 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id CCB92C088F; Wed, 13 May 2020 13:39:42 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id DD342C08A6 for ; Wed, 13 May 2020 13:39:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id C020C87252 for ; Wed, 13 May 2020 13:39:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 24Z_IoepQYTn for ; Wed, 13 May 2020 13:39:39 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 1EC0287261 for ; Wed, 13 May 2020 13:39:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589377178; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=F/JLG64eg2eEhhKacSG04CXzWt/RQjvxKx3amOODyyA=; b=bmD/raFzhIS38mPMdputt59rdfFUnhnjfpLm+26lemAa44LVbigGtTwiOlUHH0w2ZxI8IU 9zNlbwpwRJqNC1Dy8o6HckAXQGxzqpaDHjA0fUYM0+fviMXZZoZ0OEYvxUbHamLJp+k/5M Tk0Vu3eevnTUsPEpFEPmZld/vzZWNHg= Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-47-AtGTk4AhOICMFazQ8NxD5g-1; Wed, 13 May 2020 09:39:21 -0400 X-MC-Unique: AtGTk4AhOICMFazQ8NxD5g-1 Received: by mail-qk1-f200.google.com with SMTP id a62so17235036qkd.4 for ; Wed, 13 May 2020 06:39:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=F/JLG64eg2eEhhKacSG04CXzWt/RQjvxKx3amOODyyA=; b=GSEgt6q5v5o/5u9rjXtMTfxRhRlAMk1CAn6zwcTzEbLFD/5wXcpw/TmUS9GVlOwRys FubNDi8hniGLjQ42cAfy+tLJctg9Xat9L8jDTQpEXf+Nk1dM4AVUobHuQSwkOK6gdOSo vqhW9ei5nX/gckVrZK8ESGKbweYDoaTsRrIHgYOyL0XGwYzaKKUn9XATpukNLq5TD7OZ U5GmLI8vzTcGiA/HIeY2zCwDcRpXZFKHKl9E9yWQ0zr9JWvoUXpdzbw/pUQoP3ugfBNN qJ/GmUI4i+ZK39f7WSl6p+dnGtBG0LMNZg9vnWReqMll3Lp+1hdYZxzZ64fXie3e+lo3 O6rQ== X-Gm-Message-State: AGi0PuYDV+Uw4qeI7qSn0GbY2/5ltoMkjJ+CET3p1hax3Q3/w7LHe4WD PjzVnQJMEn3+D6fa4GJKm92LkLJYPt93eNNSAFKAvEKuSgDc4PRVdOyqVyt74t5+hbkmpDkrIb3 wO4rGcJpHvd8/ X-Received: by 2002:a37:7143:: with SMTP id m64mr24908821qkc.27.1589377161245; Wed, 13 May 2020 06:39:21 -0700 (PDT) X-Google-Smtp-Source: APiQypL234xhR8R8fJUhLxRiC66kSTNFIDt58ER4nRpp6l8c5W6jfvlIHaz+zMf6XkfleajbhAy34g== X-Received: by 2002:a37:7143:: with SMTP id m64mr24908801qkc.27.1589377161024; Wed, 13 May 2020 06:39:21 -0700 (PDT) Received: from localhost.localdomain.com (cpe-172-73-180-250.carolina.res.rr.com. [172.73.180.250]) by smtp.googlemail.com with ESMTPSA id h12sm12048411qtb.19.2020.05.13.06.39.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 06:39:20 -0700 (PDT) From: Ihar Hrachyshka To: dev@openvswitch.org Date: Wed, 13 May 2020 09:38:51 -0400 Message-Id: <20200513133853.116959-5-ihrachys@redhat.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200513133853.116959-1-ihrachys@redhat.com> References: <20200513133853.116959-1-ihrachys@redhat.com> MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn v7 4/6] Spin out flow generation into build_drop_arp_nd_flows_for_unbound_router_ports X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Signed-off-by: Ihar Hrachyshka --- northd/ovn-northd.c | 90 ++++++++++++++++++++++++--------------------- 1 file changed, 49 insertions(+), 41 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 0236dcd5c..5e7796c5b 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6227,6 +6227,53 @@ build_dhcpv6_options_flows(struct ovn_port *op, ds_destroy(&match); } +static void +build_drop_arp_nd_flows_for_unbound_router_ports(struct ovn_port *op, + const struct ovn_port *port, + struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + + for (size_t i = 0; i < op->n_lsp_addrs; i++) { + for (size_t j = 0; j < op->od->n_router_ports; j++) { + struct ovn_port *rp = op->od->router_ports[j]; + for (size_t k = 0; k < rp->n_lsp_addrs; k++) { + for (size_t l = 0; l < rp->lsp_addrs[k].n_ipv4_addrs; l++) { + ds_clear(&match); + ds_put_format( + &match, "inport == %s && eth.src == %s" + " && !is_chassis_resident(%s)" + " && arp.tpa == %s && arp.op == 1", + port->json_key, + op->lsp_addrs[i].ea_s, op->json_key, + rp->lsp_addrs[k].ipv4_addrs[l].addr_s); + ovn_lflow_add_with_hint(lflows, op->od, + S_SWITCH_IN_EXTERNAL_PORT, + 100, ds_cstr(&match), "drop;", + &op->nbsp->header_); + } + for (size_t l = 0; l < rp->lsp_addrs[k].n_ipv6_addrs; l++) { + ds_clear(&match); + ds_put_format( + &match, "inport == %s && eth.src == %s" + " && !is_chassis_resident(%s)" + " && nd_ns && ip6.dst == {%s, %s} && nd.target == %s", + port->json_key, + op->lsp_addrs[i].ea_s, op->json_key, + rp->lsp_addrs[k].ipv6_addrs[l].addr_s, + rp->lsp_addrs[k].ipv6_addrs[l].sn_addr_s, + rp->lsp_addrs[k].ipv6_addrs[l].addr_s); + ovn_lflow_add_with_hint(lflows, op->od, + S_SWITCH_IN_EXTERNAL_PORT, 100, + ds_cstr(&match), "drop;", + &op->nbsp->header_); + } + } + } + } + ds_destroy(&match); +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6623,47 +6670,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, * external ports on chassis not binding those ports. * This makes the router pipeline to be run only on the chassis * binding the external ports. */ - - for (size_t i = 0; i < op->n_lsp_addrs; i++) { - for (size_t j = 0; j < op->od->n_router_ports; j++) { - struct ovn_port *rp = op->od->router_ports[j]; - for (size_t k = 0; k < rp->n_lsp_addrs; k++) { - for (size_t l = 0; l < rp->lsp_addrs[k].n_ipv4_addrs; - l++) { - ds_clear(&match); - ds_put_format( - &match, "inport == %s && eth.src == %s" - " && !is_chassis_resident(%s)" - " && arp.tpa == %s && arp.op == 1", - op->od->localnet_port->json_key, - op->lsp_addrs[i].ea_s, op->json_key, - rp->lsp_addrs[k].ipv4_addrs[l].addr_s); - ovn_lflow_add_with_hint(lflows, op->od, - S_SWITCH_IN_EXTERNAL_PORT, - 100, ds_cstr(&match), "drop;", - &op->nbsp->header_); - } - for (size_t l = 0; l < rp->lsp_addrs[k].n_ipv6_addrs; - l++) { - ds_clear(&match); - ds_put_format( - &match, "inport == %s && eth.src == %s" - " && !is_chassis_resident(%s)" - " && nd_ns && ip6.dst == {%s, %s} && " - "nd.target == %s", - op->od->localnet_port->json_key, - op->lsp_addrs[i].ea_s, op->json_key, - rp->lsp_addrs[k].ipv6_addrs[l].addr_s, - rp->lsp_addrs[k].ipv6_addrs[l].sn_addr_s, - rp->lsp_addrs[k].ipv6_addrs[l].addr_s); - ovn_lflow_add_with_hint(lflows, op->od, - S_SWITCH_IN_EXTERNAL_PORT, 100, - ds_cstr(&match), "drop;", - &op->nbsp->header_); - } - } - } - } + build_drop_arp_nd_flows_for_unbound_router_ports( + op, op->od->localnet_port, lflows); } char *svc_check_match = xasprintf("eth.dst == %s", svc_monitor_mac);