
[ovs-dev] northd: Fix NAT configuration with --add-route option for gw-router.

Message ID 3ef0d551916fbbcd127a1aa0f68487fa7433890f.1708093214.git.lorenzo.bianconi@redhat.com
State Accepted

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/github-robot-_ovn-kubernetes success github build: passed

Commit Message

Lorenzo Bianconi Feb. 16, 2024, 2:23 p.m. UTC
Enable automatic static route configuration when NAT is created with
the --add-route option for gw routers, similar to what is currently
supported for distributed routers with gw_router_ports.

Reported-at: https://issues.redhat.com/browse/FDP-244
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
---
 northd/northd.c     |  2 +-
 tests/ovn-northd.at | 12 ++++++
 tests/system-ovn.at | 90 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 103 insertions(+), 1 deletion(-)

Comments

Mark Michelson March 15, 2024, 7:45 p.m. UTC | #1
Thanks for this Lorenzo, looks good to me.

Acked-by: Mark Michelson <mmichels@redhat.com>

On 2/16/24 09:23, Lorenzo Bianconi wrote:
> Enable automatic static route configuration when NAT is created with
> --ad-route option for gw routers similar to what is currently supported
> for distributed routers with gw_router_ports.
> 
> Reported-at: https://issues.redhat.com/browse/FDP-244
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
> ---
>   northd/northd.c     |  2 +-
>   tests/ovn-northd.at | 12 ++++++
>   tests/system-ovn.at | 90 +++++++++++++++++++++++++++++++++++++++++++++
>   3 files changed, 103 insertions(+), 1 deletion(-)
> 
> diff --git a/northd/northd.c b/northd/northd.c
> index 7c731db6d..4d31b7e22 100644
> --- a/northd/northd.c
> +++ b/northd/northd.c
> @@ -15340,7 +15340,7 @@ build_routable_flows_for_router_port(
>           }
>   
>           if (lrp->nbrp->ha_chassis_group ||
> -                lrp->nbrp->n_gateway_chassis) {
> +                lrp->nbrp->n_gateway_chassis || lrp->od->is_gw_router) {
>               for (size_t j = 0; j < ra.n_addrs; j++) {
>                   struct lport_addresses *laddrs = &ra.laddrs[j];
>                   for (size_t k = 0; k < laddrs->n_ipv4_addrs; k++) {
> diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
> index 591ad5aad..098bec0bb 100644
> --- a/tests/ovn-northd.at
> +++ b/tests/ovn-northd.at
> @@ -5040,6 +5040,18 @@ check ovn-nbctl --wait=sb lrp-del-gateway-chassis ro2-sw hv2
>   
>   check_lflows 0
>   
> +AS_BOX([Checking that NAT flows are installed for gw routers])
> +
> +check ovn-nbctl set logical_router ro1 options:chassis=hv1
> +check ovn-nbctl --wait=sb set logical_router ro2 options:chassis=hv2
> +
> +check_lflows 1
> +
> +check ovn-nbctl clear logical_router ro1 options
> +check ovn-nbctl --wait=sb clear logical_router ro2 options
> +
> +check_lflows 0
> +
>   AS_BOX([Checking that NAT flows are installed for routers with HA_Chassis_Group])
>   
>   check ovn-nbctl set logical_router_port ro1-sw ha_chassis_group="$grp1_uuid"
> diff --git a/tests/system-ovn.at b/tests/system-ovn.at
> index c22c7882f..b1fd1a937 100644
> --- a/tests/system-ovn.at
> +++ b/tests/system-ovn.at
> @@ -12184,3 +12184,93 @@ OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
>   /connection dropped.*/d"])
>   AT_CLEANUP
>   ])
> +
> +OVN_FOR_EACH_NORTHD([
> +AT_SETUP([IP NAT add-route])
> +AT_KEYWORDS([ip-nat-add-route])
> +
> +ovn_start
> +OVS_TRAFFIC_VSWITCHD_START()
> +ADD_BR([br-int])
> +
> +check ovs-vsctl \
> +        -- set Open_vSwitch . external-ids:system-id=hv1 \
> +        -- set Open_vSwitch . external-ids:ovn-remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \
> +        -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \
> +        -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \
> +        -- set bridge br-int fail-mode=secure other-config:disable-in-band=true
> +
> +start_daemon ovn-controller
> +
> +check ovn-nbctl lr-add lr0
> +check ovn-nbctl set logical_router lr0 options:chassis=hv1
> +
> +check ovn-nbctl lr-add lr1
> +check ovn-nbctl set logical_router lr1 options:chassis=hv1
> +
> +check ovn-nbctl ls-add sw0
> +check ovn-nbctl ls-add sw1
> +check ovn-nbctl ls-add join
> +
> +check ovn-nbctl lrp-add lr0 lr-sw0 00:00:01:01:02:03 192.168.0.1/24
> +check ovn-nbctl lsp-add sw0 rp-sw0 -- set Logical_Switch_Port rp-sw0 \
> +    type=router options:router-port=lr-sw0 \
> +    -- lsp-set-addresses rp-sw0 router
> +
> +check ovn-nbctl lrp-add lr0 lr0-join 04:00:01:01:02:03 172.16.1.1/24
> +check ovn-nbctl lsp-add join rp0-join -- set Logical_Switch_Port rp0-join \
> +    type=router options:router-port=lr0-join \
> +    -- lsp-set-addresses rp0-join router
> +
> +check ovn-nbctl lrp-add lr1 lr-sw1 00:00:02:01:02:03 192.168.1.1/24
> +check ovn-nbctl lsp-add sw1 rp-sw1 -- set Logical_Switch_Port rp-sw1 \
> +    type=router options:router-port=lr-sw1 \
> +    -- lsp-set-addresses rp-sw1 router
> +
> +check ovn-nbctl lrp-add lr1 lr1-join 04:00:02:01:02:03 172.16.2.2/24
> +check ovn-nbctl lsp-add join rp1-join -- set Logical_Switch_Port rp1-join \
> +    type=router options:router-port=lr1-join \
> +    -- lsp-set-addresses rp1-join router
> +
> +ADD_NAMESPACES(sw0-p0)
> +ADD_VETH(sw0-p0, sw0-p0, br-int, "192.168.0.2/24", "f0:00:00:01:02:03", "192.168.0.1")
> +check ovn-nbctl lsp-add sw0 sw0-p0 \
> +    -- lsp-set-addresses sw0-p0 "f0:00:00:01:02:03 192.168.0.2"
> +
> +ADD_NAMESPACES(sw1-p0)
> +ADD_VETH(sw1-p0, sw1-p0, br-int, "192.168.1.2/24", "f0:00:00:11:02:03", "192.168.1.1")
> +check ovn-nbctl lsp-add sw1 sw1-p0 \
> +    -- lsp-set-addresses sw1-p0 "f0:00:00:11:02:03 192.168.1.2"
> +
> +check ovn-nbctl --add-route lr-nat-add lr0 dnat_and_snat 172.16.1.100 192.168.0.2 sw0-p0 00:00:00:00:03:01
> +check ovn-nbctl --add-route lr-nat-add lr1 dnat_and_snat 172.16.1.101 192.168.1.2 sw1-p0 00:00:00:00:04:01
> +
> +wait_for_ports_up
> +check ovn-nbctl --wait=hv sync
> +
> +NS_CHECK_EXEC([sw0-p0], [ping -q -c 3 -i 0.3 -w 2 172.16.1.101 | FORMAT_PING], \
> +[0], [dnl
> +3 packets transmitted, 3 received, 0% packet loss, time 0ms
> +])
> +
> +NS_CHECK_EXEC([sw1-p0], [ping -q -c 3 -i 0.3 -w 2 172.16.1.100 | FORMAT_PING], \
> +[0], [dnl
> +3 packets transmitted, 3 received, 0% packet loss, time 0ms
> +])
> +
> +OVS_APP_EXIT_AND_WAIT([ovn-controller])
> +
> +as ovn-sb
> +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> +
> +as ovn-nb
> +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> +
> +as northd
> +OVS_APP_EXIT_AND_WAIT([ovn-northd])
> +
> +as
> +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
> +/connection dropped.*/d"])
> +AT_CLEANUP
> +])
Dumitru Ceara March 28, 2024, 2 p.m. UTC | #2
On 3/15/24 20:45, Mark Michelson wrote:
> Thanks for this Lorenzo, looks good to me.
> 
> Acked-by: Mark Michelson <mmichels@redhat.com>
> 

Thanks, Lorenzo and Mark!  Applied to main and 24.03.  If we need it
backported to older branches please post an explicit patch.  There were
some conflicts when cherry picking to 23.09.

Regards,
Dumitru

Patch

diff --git a/northd/northd.c b/northd/northd.c
index 7c731db6d..4d31b7e22 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -15340,7 +15340,7 @@  build_routable_flows_for_router_port(
         }
 
         if (lrp->nbrp->ha_chassis_group ||
-                lrp->nbrp->n_gateway_chassis) {
+                lrp->nbrp->n_gateway_chassis || lrp->od->is_gw_router) {
             for (size_t j = 0; j < ra.n_addrs; j++) {
                 struct lport_addresses *laddrs = &ra.laddrs[j];
                 for (size_t k = 0; k < laddrs->n_ipv4_addrs; k++) {
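Review bot: The condition `lrp->nbrp->ha_chassis_group || lrp->nbrp->n_gateway_chassis || lrp->od->is_gw_router` now mixes two port-level tests with a datapath-level one, and nothing says why the three cases are grouped. On a gateway router the new term is true for every port of that router, so the routable-address flows below are presumably built for all of its ports rather than for one designated gateway port. If that is intended it should be stated, since it widens which NAT external addresses peer routers can reach. I would add above the `if`: `/* NAT addresses are routable only through a chassis-bound router: a distributed gateway port or a gw router. */`. The function build_routable_flows_for_router_port starts and ends outside the hunk, so how `ra` is populated is not visible here.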
diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
index 591ad5aad..098bec0bb 100644
--- a/tests/ovn-northd.at
+++ b/tests/ovn-northd.at
@@ -5040,6 +5040,18 @@  check ovn-nbctl --wait=sb lrp-del-gateway-chassis ro2-sw hv2
 
 check_lflows 0
 
+AS_BOX([Checking that NAT flows are installed for gw routers])
+
+check ovn-nbctl set logical_router ro1 options:chassis=hv1
+check ovn-nbctl --wait=sb set logical_router ro2 options:chassis=hv2
+
+check_lflows 1
+
+check ovn-nbctl clear logical_router ro1 options
+check ovn-nbctl --wait=sb clear logical_router ro2 options
+
+check_lflows 0
+
 AS_BOX([Checking that NAT flows are installed for routers with HA_Chassis_Group])
 
 check ovn-nbctl set logical_router_port ro1-sw ha_chassis_group="$grp1_uuid"
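Review bot: The cleanup line `check ovn-nbctl clear logical_router ro1 options`, and the ro2 line after it, empties the whole `options` column rather than only the `chassis` key this block set. If an earlier part of the test, outside the hunk, put other options on ro1 or ro2, the HA_Chassis_Group checks that follow would run against a different router configuration than before. Removing only the key keeps the block self-contained: `check ovn-nbctl remove logical_router ro1 options chassis` and `check ovn-nbctl --wait=sb remove logical_router ro2 options chassis`.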
diff --git a/tests/system-ovn.at b/tests/system-ovn.at
index c22c7882f..b1fd1a937 100644
--- a/tests/system-ovn.at
+++ b/tests/system-ovn.at
@@ -12184,3 +12184,93 @@  OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
 /connection dropped.*/d"])
 AT_CLEANUP
 ])
+
+OVN_FOR_EACH_NORTHD([
+AT_SETUP([IP NAT add-route])
+AT_KEYWORDS([ip-nat-add-route])
+
+ovn_start
+OVS_TRAFFIC_VSWITCHD_START()
+ADD_BR([br-int])
+
+check ovs-vsctl \
+        -- set Open_vSwitch . external-ids:system-id=hv1 \
+        -- set Open_vSwitch . external-ids:ovn-remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \
+        -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \
+        -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \
+        -- set bridge br-int fail-mode=secure other-config:disable-in-band=true
+
+start_daemon ovn-controller
+
+check ovn-nbctl lr-add lr0
+check ovn-nbctl set logical_router lr0 options:chassis=hv1
+
+check ovn-nbctl lr-add lr1
+check ovn-nbctl set logical_router lr1 options:chassis=hv1
+
+check ovn-nbctl ls-add sw0
+check ovn-nbctl ls-add sw1
+check ovn-nbctl ls-add join
+
+check ovn-nbctl lrp-add lr0 lr-sw0 00:00:01:01:02:03 192.168.0.1/24
+check ovn-nbctl lsp-add sw0 rp-sw0 -- set Logical_Switch_Port rp-sw0 \
+    type=router options:router-port=lr-sw0 \
+    -- lsp-set-addresses rp-sw0 router
+
+check ovn-nbctl lrp-add lr0 lr0-join 04:00:01:01:02:03 172.16.1.1/24
+check ovn-nbctl lsp-add join rp0-join -- set Logical_Switch_Port rp0-join \
+    type=router options:router-port=lr0-join \
+    -- lsp-set-addresses rp0-join router
+
+check ovn-nbctl lrp-add lr1 lr-sw1 00:00:02:01:02:03 192.168.1.1/24
+check ovn-nbctl lsp-add sw1 rp-sw1 -- set Logical_Switch_Port rp-sw1 \
+    type=router options:router-port=lr-sw1 \
+    -- lsp-set-addresses rp-sw1 router
+
+check ovn-nbctl lrp-add lr1 lr1-join 04:00:02:01:02:03 172.16.2.2/24
+check ovn-nbctl lsp-add join rp1-join -- set Logical_Switch_Port rp1-join \
+    type=router options:router-port=lr1-join \
+    -- lsp-set-addresses rp1-join router
+
+ADD_NAMESPACES(sw0-p0)
+ADD_VETH(sw0-p0, sw0-p0, br-int, "192.168.0.2/24", "f0:00:00:01:02:03", "192.168.0.1")
+check ovn-nbctl lsp-add sw0 sw0-p0 \
+    -- lsp-set-addresses sw0-p0 "f0:00:00:01:02:03 192.168.0.2"
+
+ADD_NAMESPACES(sw1-p0)
+ADD_VETH(sw1-p0, sw1-p0, br-int, "192.168.1.2/24", "f0:00:00:11:02:03", "192.168.1.1")
+check ovn-nbctl lsp-add sw1 sw1-p0 \
+    -- lsp-set-addresses sw1-p0 "f0:00:00:11:02:03 192.168.1.2"
+
+check ovn-nbctl --add-route lr-nat-add lr0 dnat_and_snat 172.16.1.100 192.168.0.2 sw0-p0 00:00:00:00:03:01
+check ovn-nbctl --add-route lr-nat-add lr1 dnat_and_snat 172.16.1.101 192.168.1.2 sw1-p0 00:00:00:00:04:01
+
+wait_for_ports_up
+check ovn-nbctl --wait=hv sync
+
+NS_CHECK_EXEC([sw0-p0], [ping -q -c 3 -i 0.3 -w 2 172.16.1.101 | FORMAT_PING], \
+[0], [dnl
+3 packets transmitted, 3 received, 0% packet loss, time 0ms
+])
+
+NS_CHECK_EXEC([sw1-p0], [ping -q -c 3 -i 0.3 -w 2 172.16.1.100 | FORMAT_PING], \
+[0], [dnl
+3 packets transmitted, 3 received, 0% packet loss, time 0ms
+])
+
+OVS_APP_EXIT_AND_WAIT([ovn-controller])
+
+as ovn-sb
+OVS_APP_EXIT_AND_WAIT([ovsdb-server])
+
+as ovn-nb
+OVS_APP_EXIT_AND_WAIT([ovsdb-server])
+
+as northd
+OVS_APP_EXIT_AND_WAIT([ovn-northd])
+
+as
+OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
+/connection dropped.*/d"])
+AT_CLEANUP
+])
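Review bot: The addressing in the new `IP NAT add-route` test is asymmetric and carries no comment explaining it. `lr0-join` is 172.16.1.1/24 and `lr1-join` is 172.16.2.2/24, while both NAT external IPs (172.16.1.100, 172.16.1.101) sit in 172.16.1.0/24. lr0 therefore already has a connected route covering 172.16.1.101, and it looks as though only the auto-installed route on lr1 towards 172.16.1.100 is exercised by the two pings. A short comment such as `# lr1 has no connected route to 172.16.1.0/24; reachability of 172.16.1.100 depends on --add-route` would make the intent clear. A check that the ping fails when the NAT entries are created without `--add-route` would also show that the test passes because of the northd change and not because of the topology. Only IPv4 is covered here.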