| Message ID | 20220629054743.2260814-1-amusil@redhat.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [ovs-dev,v2] northd.c: Add flow to skip put_nd action if ip6.src or nd.sll is 0 | expand |
| Context | Check | Description |
|---|---|---|
| ovsrobot/apply-robot | success | apply and check: success |
| ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
| ovsrobot/github-robot-_ovn-kubernetes | success | github build: passed |
On 6/29/22 07:47, Ales Musil wrote: > The ip6.src or nd.sll does not have to be always set. > According to rfc4861: > > Source Address > Either an address assigned to the interface from > which this message is sent or (if Duplicate Address > Detection is in progress [ADDRCONF]) the > unspecified address. > > Source link-layer address > The link-layer address for the sender. MUST NOT be > included when the source IP address is the > unspecified address. Otherwise, on link layers > that have addresses this option MUST be included in > multicast solicitations and SHOULD be included in > unicast solicitations. > > Add rule that avoids adding MAC binding is either of those > is 0. This is continuation after discussion during review on > 80187a803 (ovn-northd: Add flow to use eth.src if nd.tll is 0 > in put_nd() action.) > > Signed-off-by: Ales Musil <amusil@redhat.com> > --- Looks good to me, thanks! Acked-by: Dumitru Ceara <dceara@redhat.com>
On Wed, Jun 29, 2022 at 8:27 AM Dumitru Ceara <dceara@redhat.com> wrote: > > On 6/29/22 07:47, Ales Musil wrote: > > The ip6.src or nd.sll does not have to be always set. > > According to rfc4861: > > > > Source Address > > Either an address assigned to the interface from > > which this message is sent or (if Duplicate Address > > Detection is in progress [ADDRCONF]) the > > unspecified address. > > > > Source link-layer address > > The link-layer address for the sender. MUST NOT be > > included when the source IP address is the > > unspecified address. Otherwise, on link layers > > that have addresses this option MUST be included in > > multicast solicitations and SHOULD be included in > > unicast solicitations. > > > > Add rule that avoids adding MAC binding is either of those > > is 0. This is continuation after discussion during review on > > 80187a803 (ovn-northd: Add flow to use eth.src if nd.tll is 0 > > in put_nd() action.) > > > > Signed-off-by: Ales Musil <amusil@redhat.com> > > --- > > Looks good to me, thanks! > > Acked-by: Dumitru Ceara <dceara@redhat.com> Thanks. I applied this patch to the main and backported to branch-22.06 and 22.03. Numan > > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev >
diff --git a/northd/northd.c b/northd/northd.c index 6997c280c..f1a1f9f50 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -11027,6 +11027,9 @@ build_neigh_learning_flows_for_lrouter( copp_meter_get(COPP_ARP, od->nbr->copp, meter_groups)); + ovn_lflow_add(lflows, od, S_ROUTER_IN_LEARN_NEIGHBOR, 95, + "nd_ns && (ip6.src == 0 || nd.sll == 0)", "next;"); + ovn_lflow_metered(lflows, od, S_ROUTER_IN_LEARN_NEIGHBOR, 95, "nd_na && nd.tll == 0", "put_nd(inport, nd.target, eth.src); next;", diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml index 59c584710..5df74a410 100644 --- a/northd/ovn-northd.8.xml +++ b/northd/ovn-northd.8.xml @@ -2332,6 +2332,12 @@ next; to learn the neighbor. </li> + <li> + A priority-95 flow with the match <code>nd_ns && + (ip6.src == 0 || nd.sll == 0)</code> and applies the action + <code>next;</code> + </li> + <li> A priority-90 flow with the match <code>arp</code> and applies the action diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 033b58b8c..7b43e7964 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -6751,6 +6751,7 @@ AT_CHECK([cat lrflows | grep -e lr_in_lookup_neighbor -e lr_in_learn_neighbor | table=2 (lr_in_learn_neighbor), priority=90 , match=(nd_na), action=(put_nd(inport, nd.target, nd.tll); next;) table=2 (lr_in_learn_neighbor), priority=90 , match=(nd_ns), action=(put_nd(inport, ip6.src, nd.sll); next;) table=2 (lr_in_learn_neighbor), priority=95 , match=(nd_na && nd.tll == 0), action=(put_nd(inport, nd.target, eth.src); next;) + table=2 (lr_in_learn_neighbor), priority=95 , match=(nd_ns && (ip6.src == 0 || nd.sll == 0)), action=(next;) ]) AT_CLEANUP
The ip6.src or nd.sll does not have to be always set. According to rfc4861: Source Address Either an address assigned to the interface from which this message is sent or (if Duplicate Address Detection is in progress [ADDRCONF]) the unspecified address. Source link-layer address The link-layer address for the sender. MUST NOT be included when the source IP address is the unspecified address. Otherwise, on link layers that have addresses this option MUST be included in multicast solicitations and SHOULD be included in unicast solicitations. Add rule that avoids adding MAC binding is either of those is 0. This is continuation after discussion during review on 80187a803 (ovn-northd: Add flow to use eth.src if nd.tll is 0 in put_nd() action.) Signed-off-by: Ales Musil <amusil@redhat.com> --- northd/northd.c | 3 +++ northd/ovn-northd.8.xml | 6 ++++++ tests/ovn-northd.at | 1 + 3 files changed, 10 insertions(+)