From patchwork Fri Feb 16 14:23:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1900078 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CHzH7ELt; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TbvLY21N8z23hy for ; Sat, 17 Feb 2024 01:23:47 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 5D06B4201F; Fri, 16 Feb 2024 14:23:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p_YVvOfI16nt; Fri, 16 Feb 2024 14:23:40 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 112A841E32 Authentication-Results: smtp4.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CHzH7ELt Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTPS id 112A841E32; Fri, 16 Feb 2024 14:23:40 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id F15C4C0072; Fri, 16 Feb 2024 14:23:39 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 38F4AC0037 for ; Fri, 16 Feb 2024 14:23:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 211AF40165 for ; Fri, 16 Feb 2024 14:23:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YNF-t-ArBDl8 for ; Fri, 16 Feb 2024 14:23:37 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=lorenzo.bianconi@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org A00E8400BB Authentication-Results: smtp2.osuosl.org; dmarc=pass (p=none dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org A00E8400BB Authentication-Results: smtp2.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CHzH7ELt Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id A00E8400BB for ; Fri, 16 Feb 2024 14:23:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1708093416; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HD/bAeFDQoDXjQLtiFVtnQJ1sEFW3a066hcikpWMYpk=; b=CHzH7ELtqu8CbWkfud4LJI3HG8UPBOlretoc2sDTKrp8qm1+mIBC1h/5T6o2lXJAUgOLlP hxH0JzMcpbBV9Z2zRsrNDi2h0N7Myljvlpeg0qK8QSnUxpC6S1ueCL2jY0f059duTjrWvp wLnFiov4kSK3fULxpCFcu+5q7SIfBHc= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-244-WR_tvER2PW2BbqCJfTyS9g-1; Fri, 16 Feb 2024 09:23:35 -0500 X-MC-Unique: WR_tvER2PW2BbqCJfTyS9g-1 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-33d07c0825aso869054f8f.2 for ; Fri, 16 Feb 2024 06:23:34 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708093413; x=1708698213; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HD/bAeFDQoDXjQLtiFVtnQJ1sEFW3a066hcikpWMYpk=; b=py77rc7mmRZvJf8wL0Q0g0461CsMoNWMhHdouZA0qh//z6H+2mqvHh77Z3t4LVBEnF NJRtXkNCtI/SdWNgTWxeoNYFGXRffQvtbiVbUgk5FqJRKY3VFfZNj/lhp3+/XnNckC7w Wr0e72ThdBTA7C+mUkHMUEpgdzTZTdLZ8vf9bvmzi7Zf3Ma7RU3zQgPtISSD90lBWT+j tHUJCPj1qvYi+VXNCdo0j+EjIniWR5kcQ3dzTRgPP2RmzH09RPS1FuE59Gmby3oCjO1U 1PyJnMqmj99zL9Q65De7YpoyDcAl4O/gv5aQWeN0tjXZO6UpNSuGzLJlYeBUPzcP+mj8 T0iA== X-Gm-Message-State: AOJu0YyjMS+mfca0b8mckncK5YtszzqE6dBsB6zx4JlTTCtgfyem6ujS V1pEDIvfaPODlzQ/9thss4kokFeZOkjetAE1MapU9Hwb7ZxdT2q6V2WYvkc52iIY1kc+RFGhTdH mWJsSuXypLuJd3aq32bz+n+ym6quOrCZ3g2FPV6dYEOzmr/rRIJWvkfZqfEjmG+kBemOEhnNoAK l+s8CUZhXKlrnFkaHXIR1xvYP8AfB/UZ4bAOkwLICtBgip X-Received: by 2002:a05:6000:4008:b0:33d:260f:6127 with SMTP id cp8-20020a056000400800b0033d260f6127mr403801wrb.18.1708093413618; Fri, 16 Feb 2024 06:23:33 -0800 (PST) X-Google-Smtp-Source: AGHT+IFgLNrNtKKWTMMnADiJeCOawf1s6r8d6VWHUSDgYgmpPZfCoIhz6unoK38R9Cjm7hxWfiQ2Nw== X-Received: by 2002:a05:6000:4008:b0:33d:260f:6127 with SMTP id cp8-20020a056000400800b0033d260f6127mr403780wrb.18.1708093413154; Fri, 16 Feb 2024 06:23:33 -0800 (PST) Received: from localhost (net-93-71-3-198.cust.vodafonedsl.it. [93.71.3.198]) by smtp.gmail.com with ESMTPSA id bp24-20020a5d5a98000000b0033cdf4bea19sm2611062wrb.9.2024.02.16.06.23.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Feb 2024 06:23:32 -0800 (PST) From: Lorenzo Bianconi To: dev@openvswitch.org Date: Fri, 16 Feb 2024 15:23:26 +0100 Message-ID: <3ef0d551916fbbcd127a1aa0f68487fa7433890f.1708093214.git.lorenzo.bianconi@redhat.com> X-Mailer: git-send-email 2.43.2 MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn] northd: Fix NAT configuration with --add-route option for gw-router. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Enable automatic static route configuration when NAT is created with --ad-route option for gw routers similar to what is currently supported for distributed routers with gw_router_ports. Reported-at: https://issues.redhat.com/browse/FDP-244 Signed-off-by: Lorenzo Bianconi Acked-by: Mark Michelson --- northd/northd.c | 2 +- tests/ovn-northd.at | 12 ++++++ tests/system-ovn.at | 90 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+), 1 deletion(-) diff --git a/northd/northd.c b/northd/northd.c index 7c731db6d..4d31b7e22 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -15340,7 +15340,7 @@ build_routable_flows_for_router_port( } if (lrp->nbrp->ha_chassis_group || - lrp->nbrp->n_gateway_chassis) { + lrp->nbrp->n_gateway_chassis || lrp->od->is_gw_router) { for (size_t j = 0; j < ra.n_addrs; j++) { struct lport_addresses *laddrs = &ra.laddrs[j]; for (size_t k = 0; k < laddrs->n_ipv4_addrs; k++) { diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 591ad5aad..098bec0bb 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -5040,6 +5040,18 @@ check ovn-nbctl --wait=sb lrp-del-gateway-chassis ro2-sw hv2 check_lflows 0 +AS_BOX([Checking that NAT flows are installed for gw routers]) + +check ovn-nbctl set logical_router ro1 options:chassis=hv1 +check ovn-nbctl --wait=sb set logical_router ro2 options:chassis=hv2 + +check_lflows 1 + +check ovn-nbctl clear logical_router ro1 options +check ovn-nbctl --wait=sb clear logical_router ro2 options + +check_lflows 0 + AS_BOX([Checking that NAT flows are installed for routers with HA_Chassis_Group]) check ovn-nbctl set logical_router_port ro1-sw ha_chassis_group="$grp1_uuid" diff --git a/tests/system-ovn.at b/tests/system-ovn.at index c22c7882f..b1fd1a937 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -12184,3 +12184,93 @@ OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d /connection dropped.*/d"]) AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD([ +AT_SETUP([IP NAT add-route]) +AT_KEYWORDS([ip-nat-add-route]) + +ovn_start +OVS_TRAFFIC_VSWITCHD_START() +ADD_BR([br-int]) + +check ovs-vsctl \ + -- set Open_vSwitch . external-ids:system-id=hv1 \ + -- set Open_vSwitch . external-ids:ovn-remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \ + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \ + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \ + -- set bridge br-int fail-mode=secure other-config:disable-in-band=true + +start_daemon ovn-controller + +check ovn-nbctl lr-add lr0 +check ovn-nbctl set logical_router lr0 options:chassis=hv1 + +check ovn-nbctl lr-add lr1 +check ovn-nbctl set logical_router lr1 options:chassis=hv1 + +check ovn-nbctl ls-add sw0 +check ovn-nbctl ls-add sw1 +check ovn-nbctl ls-add join + +check ovn-nbctl lrp-add lr0 lr-sw0 00:00:01:01:02:03 192.168.0.1/24 +check ovn-nbctl lsp-add sw0 rp-sw0 -- set Logical_Switch_Port rp-sw0 \ + type=router options:router-port=lr-sw0 \ + -- lsp-set-addresses rp-sw0 router + +check ovn-nbctl lrp-add lr0 lr0-join 04:00:01:01:02:03 172.16.1.1/24 +check ovn-nbctl lsp-add join rp0-join -- set Logical_Switch_Port rp0-join \ + type=router options:router-port=lr0-join \ + -- lsp-set-addresses rp0-join router + +check ovn-nbctl lrp-add lr1 lr-sw1 00:00:02:01:02:03 192.168.1.1/24 +check ovn-nbctl lsp-add sw1 rp-sw1 -- set Logical_Switch_Port rp-sw1 \ + type=router options:router-port=lr-sw1 \ + -- lsp-set-addresses rp-sw1 router + +check ovn-nbctl lrp-add lr1 lr1-join 04:00:02:01:02:03 172.16.2.2/24 +check ovn-nbctl lsp-add join rp1-join -- set Logical_Switch_Port rp1-join \ + type=router options:router-port=lr1-join \ + -- lsp-set-addresses rp1-join router + +ADD_NAMESPACES(sw0-p0) +ADD_VETH(sw0-p0, sw0-p0, br-int, "192.168.0.2/24", "f0:00:00:01:02:03", "192.168.0.1") +check ovn-nbctl lsp-add sw0 sw0-p0 \ + -- lsp-set-addresses sw0-p0 "f0:00:00:01:02:03 192.168.0.2" + +ADD_NAMESPACES(sw1-p0) +ADD_VETH(sw1-p0, sw1-p0, br-int, "192.168.1.2/24", "f0:00:00:11:02:03", "192.168.1.1") +check ovn-nbctl lsp-add sw1 sw1-p0 \ + -- lsp-set-addresses sw1-p0 "f0:00:00:11:02:03 192.168.1.2" + +check ovn-nbctl --add-route lr-nat-add lr0 dnat_and_snat 172.16.1.100 192.168.0.2 sw0-p0 00:00:00:00:03:01 +check ovn-nbctl --add-route lr-nat-add lr1 dnat_and_snat 172.16.1.101 192.168.1.2 sw1-p0 00:00:00:00:04:01 + +wait_for_ports_up +check ovn-nbctl --wait=hv sync + +NS_CHECK_EXEC([sw0-p0], [ping -q -c 3 -i 0.3 -w 2 172.16.1.101 | FORMAT_PING], \ +[0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +NS_CHECK_EXEC([sw1-p0], [ping -q -c 3 -i 0.3 -w 2 172.16.1.100 | FORMAT_PING], \ +[0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +OVS_APP_EXIT_AND_WAIT([ovn-controller]) + +as ovn-sb +OVS_APP_EXIT_AND_WAIT([ovsdb-server]) + +as ovn-nb +OVS_APP_EXIT_AND_WAIT([ovsdb-server]) + +as northd +OVS_APP_EXIT_AND_WAIT([ovn-northd]) + +as +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d +/connection dropped.*/d"]) +AT_CLEANUP +])