From patchwork Fri Jun 4 14:51:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brendan Doyle X-Patchwork-Id: 1487800 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=oracle.com header.i=@oracle.com header.a=rsa-sha256 header.s=corp-2020-01-29 header.b=Jk3rcdu5; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=oracle.onmicrosoft.com header.i=@oracle.onmicrosoft.com header.a=rsa-sha256 header.s=selector2-oracle-onmicrosoft-com header.b=pGvsHmvV; dkim-atps=neutral Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FxQh72zt7z9sRK for ; Sat, 5 Jun 2021 00:51:35 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 0602C843BD; Fri, 4 Jun 2021 14:51:33 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XbkhNWm0kKtP; Fri, 4 Jun 2021 14:51:29 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp1.osuosl.org (Postfix) with ESMTP id 0E7F4843DC; Fri, 4 Jun 2021 14:51:27 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 64358C002A; Fri, 4 Jun 2021 14:51:27 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2DCDFC0029 for ; Fri, 4 Jun 2021 14:51:26 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 7CBD14160B for ; Fri, 4 Jun 2021 14:51:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com header.b="Jk3rcdu5"; dkim=pass (1024-bit key) header.d=oracle.onmicrosoft.com header.b="pGvsHmvV" Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pn2ln8MVbQ7X for ; Fri, 4 Jun 2021 14:51:21 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from userp2120.oracle.com (userp2120.oracle.com [156.151.31.85]) by smtp4.osuosl.org (Postfix) with ESMTPS id DB879415A9 for ; Fri, 4 Jun 2021 14:51:20 +0000 (UTC) Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 154EhxQG104159 for ; Fri, 4 Jun 2021 14:51:17 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=to : from : subject : message-id : date : content-type : mime-version; s=corp-2020-01-29; bh=GLFAWKl6c9I3i75eQygtcdAWun5f/1nkRP5bi3C9Dcw=; b=Jk3rcdu5nuTkGEQneC5Xewd/6fjaO38oYUWNYBK1QFU3sgrPCl33YLWGhqOnr6A5xY/l Isir7utxzY+de+Qf736aZsVEgNXa7jwIVnFjJvupod17Niu4olwFXOS2MKX1bEwvZJS1 nHkcLU4i+nZeM5IWqdwgKYvoB8OLraROIXrhP7dmIdvm9fEbCw1E4RDdw8ZY5L0471WP JWwYLI9VxIw3ZjZK3PYwFdkF4bhJfZ9BPmklwTj5KNXUJ5YxjV+ARL4l9K6fCWzIbfQ9 UFZ2ipqPzFuDniX3KjzWZxLcdZ4rt5rDzn/lqwH5YjIXBs7VMVjz2rIhrGxjFi38dpK0 Iw== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2120.oracle.com with ESMTP id 38ue8pp5mt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 04 Jun 2021 14:51:17 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 154Ek82e087453 for ; Fri, 4 Jun 2021 14:51:17 GMT Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2168.outbound.protection.outlook.com [104.47.59.168]) by userp3030.oracle.com with ESMTP id 38uar0a8nf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 04 Jun 2021 14:51:16 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Sd7XdaEh9Hw4D2LikpytZJ4HZys68WYOu08wusjqwglBSKTd1w9Nk2fHsy2SEnLYjPyslI5/2k2kjHehiyEvG3pNrVKxO4Cg+FXbGkqmPU6Zjx8QpoCqnYb2YqWncSdIGsVNsfgR103tShCx+WLW5dvMCJ4p3RtzWC9YekTJ56s3veTyf6vFcqlU2kHGISZwpAgrYLeSaUulmT6Zlkd+qk334XxMvKSagsM/MhS98yYldJoqmutAD/fyvI7+/3r4uyNO0sdQKqljBvWioIoYv1lTl7Diy775XGn7jjr2wO9qfMKvWjyArxwvC8zhqeVSZWAQfoeyRGRHa5Qs9Rh/Qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GLFAWKl6c9I3i75eQygtcdAWun5f/1nkRP5bi3C9Dcw=; b=FlK4sqeRk8An+Gh61UrrN1iDO2bXaivjSlu1pLke1PL+d5m2SrzfoMigPSVYWrjrSUTjFic3H9GgWPaXrL/uLRujIZ/I8q7fpXhNam15P5Jlhb14cS0yJmR0JkWmGtm82PmP+PCZe0SG8Pn9rAzsx1L8dOmU5kbkjIrPrx1sVUkdfwAITpTNX5P8KOlqV+bCPXTmv1g8a+cLc7zEPkL1iK13EXjPWiU0wO4q87fj8Kw9v7Lzz4usgdUqXfj4BymY+hLzKihIHtM60T4Gsg0jk/vHRf7Lb/+5aYifFHx6+GlhfSjEZEBPFm4GMF+2vVJOhAOo0ci1hZJs9Hpcmyh+UA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GLFAWKl6c9I3i75eQygtcdAWun5f/1nkRP5bi3C9Dcw=; b=pGvsHmvVR24xK6NR7XbzckrY42kScvMLFhNcqiGXuO5XgTxoi4yzxeWfoNZyC2T6bfa8oIqiu+FlkSjAyuiIjclkNHcduriBqxi34CQLZraAg2REQZo6KANgiq9jVbRRpd9A0O3DkAXop8migESoYVhfHdHUtvWjdcscZL6ttVc= Authentication-Results: openvswitch.org; dkim=none (message not signed) header.d=none; openvswitch.org; dmarc=none action=none header.from=oracle.com; Received: from CO1PR10MB4723.namprd10.prod.outlook.com (2603:10b6:303:9c::20) by CO1PR10MB4722.namprd10.prod.outlook.com (2603:10b6:303:9e::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.24; Fri, 4 Jun 2021 14:51:14 +0000 Received: from CO1PR10MB4723.namprd10.prod.outlook.com ([fe80::c416:12b1:2617:fbe0]) by CO1PR10MB4723.namprd10.prod.outlook.com ([fe80::c416:12b1:2617:fbe0%6]) with mapi id 15.20.4195.024; Fri, 4 Jun 2021 14:51:14 +0000 To: dev@openvswitch.org From: Brendan Doyle Organization: Oracle Corporation Message-ID: <5618fd3c-4a65-4e71-7f13-24ac8c3c4e4e@oracle.com> Date: Fri, 4 Jun 2021 15:51:08 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 Content-Language: en-US X-Originating-IP: [138.3.204.10] X-ClientProxiedBy: LO4P123CA0055.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:153::6) To CO1PR10MB4723.namprd10.prod.outlook.com (2603:10b6:303:9c::20) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.175.80.138] (138.3.204.10) by LO4P123CA0055.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:153::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.21 via Frontend Transport; Fri, 4 Jun 2021 14:51:13 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e7b1f2e6-dd8f-449c-b18f-08d927683379 X-MS-TrafficTypeDiagnostic: CO1PR10MB4722: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3968; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: kzDXFUdPJwuZvWG/myDVutN1ttFSWeVBX3dOIIsRKNXSLKpCKJrDuWIJ/fIhj1xyDQqNbSXd06DP+WZ8ZENzvNdcx23U3x35qa8hA7/cfxMoIY8N9jMO76BbqWK455CcJAITixSgV4AhdvweQzLp9OoweHN7xdUHH4/blPPqZY3Nefdh/0OX/13wNW5Jjt/Y8gir3su5x2x3Ca7yoHk4nQbiULP75d9ii9HNCw/GCNIg4gsESQPoO0wFaGJMm6fssXIpWXWXw+kqWHDik9X87CzBQs+fEmQRkO+fTKoc8UTVzKRztDegnW1Kr51u5OKCRKuFLOlebs+iKtA85ZeWGZ77Hn+0RTeCKTbeYTAFdCdQfRmeydRKPQfQCcP1ZgKt0uC0jPxjhr7IhJ+uRBdD0ms1v97lbigRKGxvvA7JHBE++JMzuPnGtirOazEHyy8Lco45hrVRupVrwJ5u8IqHh+ZIgn7ICMSk2Fv0hDuS1IP75hrTHrJS9EsiStzE28CXB6qgoKCG++vDcywQf7a4sTX8WV1V2n+TXops6Sho/OHj4Pru7CaG6z8P/XpPELyqh1ZoD+38G2W3b+ZUFoGcWP9W5j75CZOudIy+THZNUN1W9GysyDs3+EJ8sf6Qqjjpsa3+c9/+KclBbhaKyNAfg8nN66bnMVCAwuCRDewxD3d1kMJbESzrUlAjleEOfjrr X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR10MB4723.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(346002)(376002)(396003)(39860400002)(366004)(66946007)(5660300002)(66476007)(66556008)(6916009)(83380400001)(36756003)(2906002)(316002)(66574015)(16576012)(956004)(31696002)(2616005)(26005)(478600001)(33964004)(8676002)(8936002)(186003)(16526019)(31686004)(44832011)(86362001)(6486002)(38100700002)(53546011)(36916002)(30864003)(6666004)(43740500002)(45980500001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?q?vaTsZyfHrwIr34jwtUmwmY9zU+wCm/?= =?utf-8?q?j0oiBKBkZ3T2OTcEqvuoJac+8/hPh7fHA8WFTBthyj75mZmPrA0SLHwEKfJVRgv56?= =?utf-8?q?a2oOr7NwsZ93PJFe5i8C5nNrL9CB1fsNugWR39DnOSMGqUg2L0HukJ1Hcb+Itqh6S?= =?utf-8?q?LU1BOJCApKeDcOmX5aP6f+MWo+PDiMOpAyrb7Jx8aGkQ0G/aNcCMAfXUMdBWtpcK8?= =?utf-8?q?ogFAsZXWb3uxOthv/JrSfsXecciugNm1zj/tnJxu03pqo2K8kEXHS7B1RdtKnbPpb?= =?utf-8?q?Xv2Au8NA779PguXPe+UgGtBVmKJKFwB8ssdIKMkNDm4a25JzmMwzfpXuvH35fBmvq?= =?utf-8?q?IszDoXFwYgh2IhTA02HfJn1RWE60fyPs7/8dPZvyX1DKyLXjB06PLpxRvfxkGK+t6?= =?utf-8?q?LYg1rDtickSDn6g0h4U6889qWdpL6VTnhU6mqW5NqI4DO68nTNzahHmtfKUY2fDGF?= =?utf-8?q?u7L5KavOQI8LqEGuJjWcHgBpHPYg46LOw4ndBO3w20tEZ5VM9z6m2GQK9+iDzCnsR?= =?utf-8?q?qhrlJhq5sxS8j/oOs7xZb/+ine2qYOYdW7J8s3yyclC6HHM05cExzskf+6sYQwcor?= =?utf-8?q?KPx7HYqupjBO0Wc1SR89qgS0zr5/3Kf2gnd5ppNKfVBJJ4ARpIl4GsZUdw3rh+vRN?= =?utf-8?q?igNY9LhzVL3zHMMtNx04fuBA203SBJTYZS6ATrwpv2bfL+Hg0e/6SAYCi5GSnIhTu?= =?utf-8?q?hzK4UnPxaaGfAKlx9zzZOd5X9uW6ZsKFYf5wAId8a9F+VXwbq066VKo20xAXmicM4?= =?utf-8?q?2mD4gCwh51/XOHP/oCkonBVqVKXv8mJrXB0qHl8nceu2NqsXnMQBKQq2d95lUzZ/a?= =?utf-8?q?ajGjlWf2nZFYIgHvjPEEHp7+EDxI7YUTCf4NC6Hf49YvRF07qUfJHmNcyaDUQJTzZ?= =?utf-8?q?hQaw1uqBy9oiUW0/iPukXQmD+mMKppELFx2oCd+hRPzQOLZSy1RhhJGpwdPEa/C73?= =?utf-8?q?db9fd3noMLlsI95yeNi7AHIIEceFEsofa7RB5HCdlYgkby0Bsj+TuFNkWIimf9C6U?= =?utf-8?q?gOMQgvQrunbJwJpy4fMpJfoeK/xVKwIQHy9TZRY6QjiQNF5Ko9Ihh/Lu/O8CbyJfe?= =?utf-8?q?av2B5Tm4bV7twvh4BvKPNC2RkIUwjmf0l/bwFIHIfQLHu+ygHQQJR4R2flfkjn1XT?= =?utf-8?q?4fyIz8l0ueNbDQCTqcUdZrZfrOm3hs49bptjUqOaeBAmUP4HskgKq/bCZhcDPQHz5?= =?utf-8?q?RtgxJ+8/wpeoaqVnlxgURR+dxJS/KMNBm7Bd4YmHTkxwVbqarb8yDOII3MfFN/cLf?= =?utf-8?q?vwf2NYVKmdRkMl?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: e7b1f2e6-dd8f-449c-b18f-08d927683379 X-MS-Exchange-CrossTenant-AuthSource: CO1PR10MB4723.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Jun 2021 14:51:14.5621 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 8mjcPby8WvDPIt4SWhc8kxkPzyT/UNXKTAvOHnObKf+ssgHKIBNttQvJX71/OAhWZbKgncMLK7Lhe5yTb4MTif9FkzHwexDIouBccbmJXOg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR10MB4722 X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=10005 signatures=668682 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 bulkscore=0 suspectscore=0 spamscore=0 adultscore=0 mlxscore=0 phishscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2106040111 X-Proofpoint-GUID: eluFLpyXM91rQKz-6bxWiZY9CCgYQbem X-Proofpoint-ORIG-GUID: eluFLpyXM91rQKz-6bxWiZY9CCgYQbem X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=10005 signatures=668682 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 impostorscore=0 malwarescore=0 adultscore=0 suspectscore=0 lowpriorityscore=0 spamscore=0 bulkscore=0 phishscore=0 priorityscore=1501 clxscore=1015 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2106040111 X-Content-Filtered-By: Mailman/MimeDel 2.1.15 Subject: [ovs-dev] [PATCH ovn v2] ovn-northd.c: Add proxy ARP support to OVN X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From 07ecd5d00f82658e094132102575d8d576161a6b Mon Sep 17 00:00:00 2001 From: Brendan Doyle Date: Fri, 28 May 2021 10:01:17 -0700 Subject: [PATCH ovn] ovn-northd.c: Add proxy ARP support to OVN This patch provides the ability to configure proxy ARP IPs on a Logical Switch Router port. The IPs are added as Options for router ports. This provides a useful feature where traffic for a service must be sent to an address in a logical network address space, but the service is provided in a different network. For example an NFS service is provide to Logical networks at an address in their Logical network space, but the NFS server resides in a physical network. A Logical switch Router port can be configured to respond to ARP requests sent to the service "Logical address", the Logical Router/Gateway can then be configured to forward the traffic to the underlay/physical network. Signed-off-by: Brendan Doyle --- northd/ovn-northd.c | 44 ++++++++++++++++++++++ ovn-nb.xml | 9 +++++ tests/ovn.at | 103 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 156 insertions(+) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 0e5092a..9b686d9 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6943,6 +6943,7 @@ build_lswitch_arp_nd_responder_known_ips(struct ovn_port *op, struct ds *match) { if (op->nbsp) { + const char *arp_proxy; if (!strcmp(op->nbsp->type, "virtual")) { /* Handle * - GARPs for virtual ip which belongs to a logical port @@ -7096,6 +7097,49 @@ build_lswitch_arp_nd_responder_known_ips(struct ovn_port *op, } } } + + /* + * Add responses for ARP proxies. + */ + arp_proxy = smap_get(&op->nbsp->options,"arp_proxy"); + if (arp_proxy && op->peer) { + char *ips, *ip, *rest; + int i = 0; + + ips = xstrdup(arp_proxy); + rest = ips; + + /* + * Match rule on all proxy ARP IPs. + */ + ds_clear(match); + ds_put_cstr(match, "arp.op == 1 && ("); + while ((ip = strtok_r(rest,",", &rest))) { + if (i++ > 0) { + ds_put_cstr(match, " || "); + }; + ds_put_format(match, "arp.tpa == %s", ip); + } + ds_put_cstr(match, ")"); + + ds_clear(actions); + ds_put_format(actions, + "eth.dst = eth.src; " + "eth.src = %s; " + "arp.op = 2; /* ARP reply */ " + "arp.tha = arp.sha; " + "arp.sha = %s; " + "arp.tpa <-> arp.spa; " + "outport = inport; " + "flags.loopback = 1; " + "output;", + op->peer->lrp_networks.ea_s, + op->peer->lrp_networks.ea_s); + + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, + 50, ds_cstr(match), ds_cstr(actions), &op->nbsp->header_); + free(ips); + } } } diff --git a/ovn-nb.xml b/ovn-nb.xml index 02fd216..4b6c183 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -848,6 +848,15 @@ + + + Optional. A comma separated list IPv4 addresses that this + logical switch router port will reply to ARP requests. + Example: 169.254.239.254,169.254.239.2. The + 's logical router should + have a route to forward packets sent to configured proxy ARP IPs to + an appropriate destination. + diff --git a/tests/ovn.at b/tests/ovn.at index 2c3c36d..4befe4a 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -26527,3 +26527,106 @@ AT_CHECK([test $(ovn-appctl -t ovn-controller coverage/read-counter lflow_run) = OVN_CLEANUP([hv1]) AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD([ +AT_SETUP([ovn -- proxy-arp: 1 HVs, 1 LSs, 1 lport/LS, 1 LR]) +AT_KEYWORDS([proxy-arp]) +ovn_start + +# Logical network: +# One LR - lr1 has switch ls1 (192.16.1.0/24) connected to it, +# and and one HV with IP 192.16.1.6. + +ovn-nbctl lr-add lr1 +ovn-nbctl ls-add ls1 + +# Connect ls1 to lr1 +ovn-nbctl lrp-add lr1 ls1 00:00:00:01:02:f1 192.16.1.1/24 +ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 \ + type=router options:router-port=ls1 addresses=\"00:00:00:01:02:f1\" + +# Create logical port ls1-lp1 in ls1 +ovn-nbctl lsp-add ls1 ls1-lp1 \ +-- lsp-set-addresses ls1-lp1 "00:00:00:01:02:03 192.16.1.6" + + +# Create one hypervisor and create OVS ports corresponding to logical ports. +net_add n1 + +sim_add pa-hv +as pa-hv +ovs-vsctl add-br br-phys +ovn_attach n1 br-phys 192.16.0.1 + +# Note: tx/rx are with respect to the LS port, so +# tx on switch port is HV rx, etc. +ovs-vsctl -- add-port br-int vif1 -- \ + set interface vif1 external-ids:iface-id=ls1-lp1 \ + options:tx_pcap=pa-hv/vif1-tx.pcap \ + options:rxq_pcap=pa-hv/vif1-rx.pcap \ + ofport-request=1 + +# And proxy ARP flows for 69.254.239.254 and 169.254.239.2 +# and check that SB flows have been added. +ovn-nbctl --wait=hv add Logical_Switch_Port rp-ls1 \ +options arp_proxy='"169.254.239.254,169.254.239.2"' +ovn-sbctl dump-flows > sbflows +AT_CAPTURE_FILE([sbflows]) + +AT_CHECK([ovn-sbctl dump-flows | grep ls_in_arp_rsp | grep "169.254.239.2" | wc -l], [0], [dnl +1 +]) + +# Remove and check that the flows have been removed +ovn-nbctl --wait=hv remove Logical_Switch_Port rp-ls1 options arp_proxy='"169.254.239.254,169.254.239.2"' + +AT_CHECK([ovn-sbctl dump-flows | grep ls_in_arp_rsp | grep "169.254.239.2" | wc -l], [0], [dnl +0 +]) + +# Add the flows back send arp request and check we see an ARP response +ovn-nbctl --wait=hv add Logical_Switch_Port rp-ls1 \ +options arp_proxy='"169.254.239.254,169.254.239.2"' + +ls1_p1_mac=00:00:00:01:02:03 +ls1_p1_ip=192.16.1.6 + +ls1_ro_mac=00:00:00:01:02:f1 +ls1_ro_ip=192.168.1.1 + +proxy_ip1=169.254.239.254 +proxy_ip2=169.254.239.2 + +bcast_mac=ff:ff:ff:ff:ff:ff + +# Send ARP request for 169.254.239.254 +packet="inport==\"ls1-lp1\" && eth.src==$ls1_p1_mac && eth.dst==$bcast_mac && + arp.op==1 && arp.sha==$ls1_p1_mac && arp.spa==$ls1_p1_ip && + arp.tha==$bcast_mac && arp.tpa==$proxy_ip1" + +as pa-hv ovs-appctl -t ovn-controller inject-pkt "$packet" + +ovs-ofctl dump-flows br-int| grep 169.254.239.254 | grep priority=50 > debug1 +AT_CAPTURE_FILE([debug1]) + + +# Check if packet hit the ARP reply ovs flow +AT_CHECK([ovs-ofctl dump-flows br-int | \ + grep "169.254.239.254" | \ + grep "priority=50" | \ + grep "arp_op=1" | \ + grep "n_packets=1" | wc -l], [0], [dnl +1 +]) + +# Check that the HV gets an ARP reply +expected="eth.src==$ls1_ro_mac && eth.dst==$ls1_p1_mac && + arp.op==2 && arp.sha==$ls1_ro_mac && arp.spa==$proxy_ip1 && + arp.tha==$ls1_p1_mac && arp.tpa==$ls1_p1_ip" +echo $expected | ovstest test-ovn expr-to-packets > expected + +OVN_CHECK_PACKETS([pa-hv/vif1-tx.pcap], [expected]) + +OVN_CLEANUP([pa-hv]) +AT_CLEANUP +])