
[ovs-dev,v3,5/7] northd: Allow IPv6 in get_nat_addresses().

Message ID 20240725140009.413791-5-fnordahl@ubuntu.com
State Changes Requested
Series [ovs-dev,v3,1/7] controller: Move address with port parser to lib. | expand

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/github-robot-_ovn-kubernetes fail github build: failed

Commit Message

Frode Nordahl July 25, 2024, 2 p.m. UTC
While IPv6 and NAT do not ring particularly well together in my
mind, the combination is a supported feature.

We need this function to allow them in a subsequent patch adding
host route exchange for NAT addresses.

Signed-off-by: Frode Nordahl <fnordahl@ubuntu.com>
---
 northd/northd.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

Patch

diff --git a/northd/northd.c b/northd/northd.c
index 5b50ea191..d2d557f0b 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -1121,14 +1121,16 @@  destroy_routable_addresses(struct ovn_port_routable_addresses *ra)
 
 static char **get_nat_addresses(const struct ovn_port *op, size_t *n,
                                 bool routable_only, bool include_lb_ips,
-                                const struct lr_stateful_record *);
+                                const struct lr_stateful_record *,
+                                bool allow_ipv6);
 
 static struct ovn_port_routable_addresses
 get_op_routable_addresses(struct ovn_port *op,
                           const struct lr_stateful_record *lr_stateful_rec)
 {
     size_t n;
-    char **nats = get_nat_addresses(op, &n, true, true, lr_stateful_rec);
+    char **nats = get_nat_addresses(op, &n, true, true, lr_stateful_rec,
+                                    false);
 
     if (!nats) {
         return (struct ovn_port_routable_addresses) {
@@ -2416,7 +2418,8 @@  join_logical_ports(const struct sbrec_port_binding_table *sbrec_pb_table,
 static char **
 get_nat_addresses(const struct ovn_port *op, size_t *n, bool routable_only,
                   bool include_lb_ips,
-                  const struct lr_stateful_record *lr_stateful_rec)
+                  const struct lr_stateful_record *lr_stateful_rec,
+                  bool allow_ipv6)
 {
     size_t n_nats = 0;
     struct eth_addr mac;
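Review bot: The new `allow_ipv6` parameter in the get_nat_addresses() definition is undocumented, and it is the third positional boolean, so calls such as `get_nat_addresses(op, &n, true, true, lr_stateful_rec, false)` are hard to audit. The lines above the definition are outside this hunk; if no header comment exists there, add one. It should say that with `allow_ipv6` false an `external_ip` that is not an IPv4 host address is skipped, and with it true an IPv6 address with a full-length mask is accepted as well. At the call sites in the first and last hunks, a trailing `/* allow_ipv6 */` next to the literal `false` would make the intent visible. The function body continues outside this hunk.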
@@ -2439,6 +2442,7 @@  get_nat_addresses(const struct ovn_port *op, size_t *n, bool routable_only,
     for (size_t i = 0; i < op->od->nbr->n_nat; i++) {
         const struct nbrec_nat *nat = op->od->nbr->nat[i];
         ovs_be32 ip, mask;
+        struct in6_addr ip6, mask6;
 
         if (routable_only &&
             (!strcmp(nat->type, "snat") ||
@@ -2449,7 +2453,15 @@  get_nat_addresses(const struct ovn_port *op, size_t *n, bool routable_only,
         char *error = ip_parse_masked(nat->external_ip, &ip, &mask);
         if (error || mask != OVS_BE32_MAX) {
             free(error);
-            continue;
+            if (allow_ipv6) {
+                error = ipv6_parse_masked(nat->external_ip, &ip6, &mask6);
+                if (error || ipv6_count_cidr_bits(&mask6) != 128) {
+                    free(error);
+                    continue;
+                }
+            } else {
+                continue;
+            }
         }
 
         /* Not including external IP of NAT rules whose gateway_port is
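Review bot: The IPv6 branch decides "host address" with `ipv6_count_cidr_bits(&mask6) != 128`, whereas the IPv4 test just above compares the mask against the all-ones value. A bit count is only meaningful for a contiguous mask, and ipv6_parse_masked() presumably accepts an address-form mask as well as a prefix length, so an exact comparison is the safer parallel: `if (error || !ipv6_mask_is_exact(&mask6)) {`. This matters because the commit message says the list will feed host route exchange, where a non-host entry should never be included. When the IPv6 branch accepts an entry, `ip` and `mask` hold no parsed value, so the rest of the loop (outside this hunk) should rely on `nat->external_ip` only. The `else { continue; }` arm would read more simply as an early `if (!allow_ipv6) { continue; }` before the IPv6 parse.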
@@ -3783,7 +3795,8 @@  sync_pb_for_lsp(struct ovn_port *op,
                         lr_stateful_table, op->peer->od->index);
                 }
                 nats = get_nat_addresses(op->peer, &n_nats, false,
-                                         include_lb_vips, lr_stateful_rec);
+                                         include_lb_vips, lr_stateful_rec,
+                                         false);
             }
         } else if (nat_addresses && (chassis || l3dgw_ports)) {
             struct lport_addresses laddrs;