diff mbox series

[ovs-dev,RFC,v4,03/24] Move out Table 3 operations to functions

Message ID 20200902145950.25875-3-anton.ivanov@cambridgegreys.com
State Superseded
Headers show
Series [ovs-dev,RFC,v4,01/24] Move out Table 0 (ingress) operations to functions | expand

Commit Message

Anton Ivanov Sept. 2, 2020, 2:59 p.m. UTC
From: Anton Ivanov <anton.ivanov@cambridgegreys.com>

Signed-off-by: Anton Ivanov <anton.ivanov@cambridgegreys.com>
---
 northd/ovn-northd.c | 146 ++++++++++++++++++++++++++------------------
 1 file changed, 87 insertions(+), 59 deletions(-)
diff mbox series

Patch

diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index 3c3c904b6..10ddf6d0a 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -8636,39 +8636,13 @@  build_lrouter_flows_arp_nd_mac_learn_op(struct ovn_port *op, struct hmap *lflows
 }
 
 static void
-build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
-                    struct hmap *lflows, struct shash *meter_groups,
-                    struct hmap *lbs)
+build_lrouter_flows_table_3_ip_input_od(
+        struct ovn_datapath *od, struct hmap *lflows)
 {
-    /* This flow table structure is documented in ovn-northd(8), so please
-     * update ovn-northd.8.xml if you change anything. */
-
     struct ds match = DS_EMPTY_INITIALIZER;
-    struct ds actions = DS_EMPTY_INITIALIZER;
-
-    struct ovn_datapath *od;
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        build_lrouter_flows_ingress_table_0_od(od, lflows);
-    }
-
-    struct ovn_port *op;
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_flows_ingress_table_0_op(op, lflows);
-    }
-
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        build_lrouter_flows_arp_nd_mac_learn_od(od, lflows);
-    }
-
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_flows_arp_nd_mac_learn_op(op, lflows);
-    }
 
     /* Logical router ingress table 3: IP Input. */
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        if (!od->nbr) {
-            continue;
-        }
+    if (od->nbr) {
 
         /* L3 admission control: drop multicast and broadcast source, localhost
          * source or destination, and zero network source or destination
@@ -8756,7 +8730,6 @@  build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                       "eth.bcast", "drop;");
 
         /* TTL discard */
-        ds_clear(&match);
         ds_put_cstr(&match, "ip4 && ip.ttl == {0, 1}");
         ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 30,
                       ds_cstr(&match), "drop;");
@@ -8765,19 +8738,20 @@  build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
          * routing. */
         ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 0, "1", "next;");
     }
+    ds_destroy(&match);
+}
 
-    /* Logical router ingress table 3: IP Input for IPv4. */
-    HMAP_FOR_EACH (op, key_node, ports) {
-        if (!op->nbrp) {
-            continue;
-        }
+static void
+build_lrouter_flows_table_3_ip_input_op(struct ovn_port *op, struct hmap *lflows)
+{
+    struct ds match = DS_EMPTY_INITIALIZER;
+    struct ds actions = DS_EMPTY_INITIALIZER;
 
-        if (op->derived) {
-            /* No ingress packets are accepted on a chassisredirect
-             * port, so no need to program flows for that port. */
-            continue;
-        }
+    /* Logical router ingress table 3: IP Input for IPv4.
+     * No ingress packets are accepted on a chassisredirect
+     * port, so no need to program flows for that port. */
 
+    if (op->nbrp && (!op->derived)) {
         if (op->lrp_networks.n_ipv4_addrs) {
             /* L3 admission control: drop packets that originate from an
              * IPv4 address owned by the router or a broadcast address
@@ -9084,7 +9058,7 @@  build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
          * ETH address.
          */
         if (op != op->od->l3dgw_port) {
-            continue;
+            return;
         }
 
         for (size_t i = 0; i < op->od->nbr->n_nat; i++) {
@@ -9164,16 +9138,18 @@  build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
         }
     }
 
-    /* DHCPv6 reply handling */
-    HMAP_FOR_EACH (op, key_node, ports) {
-        if (!op->nbrp) {
-            continue;
-        }
+    ds_destroy(&match);
+    ds_destroy(&actions);
+}
 
-        if (op->derived) {
-            continue;
-        }
+static void
+build_lrouter_dhcp_reply_op(struct ovn_port *op, struct hmap *lflows)
+{
+    struct ds match = DS_EMPTY_INITIALIZER;
+    struct ds actions = DS_EMPTY_INITIALIZER;
 
+    /* DHCPv6 reply handling */
+    if (op->nbrp && (!op->derived)) {
         for (size_t i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) {
             ds_clear(&actions);
             ds_clear(&match);
@@ -9185,19 +9161,22 @@  build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                           ds_cstr(&match), ds_cstr(&actions));
         }
     }
+    ds_destroy(&match);
+    ds_destroy(&actions);
+}
 
-    /* Logical router ingress table 1: IP Input for IPv6. */
-    HMAP_FOR_EACH (op, key_node, ports) {
-        if (!op->nbrp) {
-            continue;
-        }
+static void
+build_lrouter_ip_input_chassis_redirect_op(
+        struct ovn_port *op, struct hmap *lflows)
+{
+    struct ds match = DS_EMPTY_INITIALIZER;
+    struct ds actions = DS_EMPTY_INITIALIZER;
 
-        if (op->derived) {
-            /* No ingress packets are accepted on a chassisredirect
-             * port, so no need to program flows for that port. */
-            continue;
-        }
+    /* Logical router ingress table 1: IP Input for IPv6.
+     * No ingress packets are accepted on a chassisredirect
+     * port, so no need to program flows for that port. */
 
+    if (op->nbrp && (!op->derived)) {
         if (op->lrp_networks.n_ipv6_addrs) {
             /* ICMPv6 echo reply.  These flows reply to echo requests
              * received for the router's IP address. */
@@ -9320,6 +9299,55 @@  build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                                     &op->nbrp->header_);
         }
     }
+    ds_destroy(&match);
+    ds_destroy(&actions);
+}
+
+static void
+build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
+                    struct hmap *lflows, struct shash *meter_groups,
+                    struct hmap *lbs)
+{
+    /* This flow table structure is documented in ovn-northd(8), so please
+     * update ovn-northd.8.xml if you change anything. */
+
+    struct ds match = DS_EMPTY_INITIALIZER;
+    struct ds actions = DS_EMPTY_INITIALIZER;
+
+
+    struct ovn_datapath *od;
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_ingress_table_0_od(od, lflows);
+    }
+
+    struct ovn_port *op;
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_ingress_table_0_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_arp_nd_mac_learn_od(od, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_arp_nd_mac_learn_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_table_3_ip_input_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_table_3_ip_input_od(od, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_dhcp_reply_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_ip_input_chassis_redirect_op(op, lflows);
+    }
 
     /* NAT, Defrag and load balancing. */
     HMAP_FOR_EACH (od, key_node, datapaths) {