From patchwork Wed May 5 15:38:06 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Michelson X-Patchwork-Id: 1474374 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=GKZJggN9; dkim-atps=neutral Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fb17z2WhTz9s1l for ; Thu, 6 May 2021 01:38:22 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id D8FC283EDD; Wed, 5 May 2021 15:38:20 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9tUwnfDBmj29; Wed, 5 May 2021 15:38:20 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp1.osuosl.org (Postfix) with ESMTP id 1BCA283EC0; Wed, 5 May 2021 15:38:19 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id B26F8C000E; Wed, 5 May 2021 15:38:18 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1BBAAC0001 for ; Wed, 5 May 2021 15:38:17 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id E9955607ED for ; Wed, 5 May 2021 15:38:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T3kRtN8gj-PD for ; Wed, 5 May 2021 15:38:16 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp3.osuosl.org (Postfix) with ESMTPS id 21BA1607E1 for ; Wed, 5 May 2021 15:38:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620229094; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ovd/ocJnwVALQlIqjjQPrIMUz4g2OZJADbAH3Q+Spi4=; b=GKZJggN9sn2vPpdlWfUttSLcFAjUV0abuoG0NmskTceXVL1FCFMe2zXJDINfL4DjCVPRLv CXowFFNzKackCmT81ubw8FnSxb6ISc7ZP//09DI+dol+kgcDDNrK+I0EfGfqa3O/WxkMGt 50CKzJzeVrE/9bVDEpjXVefJbzCnIIU= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-46-l_oSLLkNMaGN1_MRWX9uiw-1; Wed, 05 May 2021 11:38:13 -0400 X-MC-Unique: l_oSLLkNMaGN1_MRWX9uiw-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 42D4A84A5E3 for ; Wed, 5 May 2021 15:38:12 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-114-56.rdu2.redhat.com [10.10.114.56]) by smtp.corp.redhat.com (Postfix) with ESMTP id E14AF60C17 for ; Wed, 5 May 2021 15:38:11 +0000 (UTC) From: Mark Michelson To: dev@openvswitch.org Date: Wed, 5 May 2021 11:38:06 -0400 Message-Id: <20210505153811.2138036-1-mmichels@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mmichels@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn v7 0/5] ARP and Floating IP Fixes X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" This patch series aims to fix issues seen in OpenStack deployments when floating IPs were assigned to routers, and those floating IPs were not part of any subnet configured on that router. Originally, this was a two patch series but it has bloomed into a 5 patch series. Patch 1 fixes the scenario where a VM attempts to reach a floating IP on the directly connected router. This has been part of this patch series since v1. Patch 2 is an incidental fix that removes a redundant paragraph from documentation. Patches 3 and 4 work towards pre-allocating MAC_Bindings for known router addresses. Patch 3 is the northd side, placing all router_addresses in the connected logical switch port's Port_Binding record. Patch 4 is the ovn-controller side, adding the MAC_Bindings based on the Port_Binding's router_addresses. And Patch 5 addresses the situation for when the pre-allocated MAC_Bindings cannot be used. For this situation, we will flood the ARP request if the TPA is for a configured IP address that is outside the connected routers' subnets. --- v6 -> v7: * Patch 3 has been further refined to ensure that router addresses are only saved to a switch that is connected to a gateway router port. In v6, we ensured the switch was connected to a router that had a gateway port. But in v7, we now ensure that the switch is directly connected to the gateway port. * Patch 4 has added a new whitelisted warning message for system tests. This is because we can potentially insert the same MAC_Binding record twice before we have been notified by the server that the first was added. v5 -> v6: * Patch 3 now only saves gateway router addresses to the connected switch's router_addresses column. Previous versions saved all router addresses to all connected switches' columns. * Patch 5 has two new tests added. One ensures that the priority 90 flows that flood ARP for unreachable addresses are present. The other is a restored system test that ensures that a ping to a floating IP outside of the router's subnet succeeds. * Patch 4 has a small change of types from int to size_t for a loop index. v4 -> v5: Fixed memory leaks in patch 3 and patch 4. Patches 1, 2, and 5 are the same as in v4. --- Mark Michelson (5): northd: Swap src and dst eth addresses in router egress loop. ovn-sb: Remove redundant "nat-addresses" information from Port_Binding. northd: Save all router addresses in Port_Bindings pinctrl: Add Chassis MAC_Bindings for all router addresses. northd: Flood ARPs to routers for "unreachable" addresses. controller/ovn-controller.c | 4 + controller/pinctrl.c | 300 +++++++++++++++++++++------- controller/pinctrl.h | 1 + northd/ovn-northd.8.xml | 8 + northd/ovn-northd.c | 378 ++++++++++++++++++++++++------------ northd/ovn_northd.dl | 153 +++++++++++---- ovn-sb.ovsschema | 8 +- ovn-sb.xml | 37 +++- tests/ofproto-macros.at | 5 + tests/ovn-controller.at | 179 +++++++++++++++++ tests/ovn-northd.at | 352 +++++++++++++++++++++++++++++++++ tests/system-ovn.at | 218 +++++++++++++++++++++ 12 files changed, 1408 insertions(+), 235 deletions(-)