From patchwork Thu Jul 16 13:18:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330239 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxC4W8lz9sTS for ; Thu, 16 Jul 2020 23:19:43 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id C6BCE888FD; Thu, 16 Jul 2020 13:19:40 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yKLO8mDhZGuP; Thu, 16 Jul 2020 13:19:40 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 2F9E588C61; Thu, 16 Jul 2020 13:19:40 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1FC05C0893; Thu, 16 Jul 2020 13:19:40 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7DADFC0733 for ; Thu, 16 Jul 2020 13:19:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 7AFD088B04 for ; Thu, 16 Jul 2020 13:19:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ppIbmGFahrPw for ; Thu, 16 Jul 2020 13:19:36 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 621F28880D for ; Thu, 16 Jul 2020 13:19:36 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nS-00027O-KX for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:34 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nP-0001Hz-Sb; Thu, 16 Jul 2020 14:19:33 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:18:59 +0100 Message-Id: <20200716131927.3943-2-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 01/29] Move out Table 0 operations to functions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 71 ++++++++++++++++++++++++--------------------- 1 file changed, 38 insertions(+), 33 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 192198272..4374b88a6 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -8160,57 +8160,38 @@ build_lrouter_nd_flow(struct ovn_datapath *od, struct ovn_port *op, } static void -build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *lflows, struct shash *meter_groups, - struct hmap *lbs) +build_lrouter_flows_table_0_od(struct ovn_datapath *od, struct hmap *lflows) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - /* Logical router ingress table 0: Admission control framework. */ - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - + if (od->nbr) { /* Logical VLANs not supported. * Broadcast/multicast source address is invalid. */ ovn_lflow_add(lflows, od, S_ROUTER_IN_ADMISSION, 100, "vlan.present || eth.src[40]", "drop;"); } +} - /* Logical router ingress table 0: match (priority 50). */ - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } +static void +build_lrouter_flows_table_0_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; - if (!lrport_is_enabled(op->nbrp)) { - /* Drop packets from disabled logical ports (since logical flow - * tables are default-drop). */ - continue; - } + /* Logical router ingress table 0: match (priority 50). + * Drop packets from disabled logical ports (since logical flow + * tables are default-drop). + * No ingress packets should be received on a chassisredirect + * port. */ - if (op->derived) { - /* No ingress packets should be received on a chassisredirect - * port. */ - continue; - } + if (op->nbrp && lrport_is_enabled(op->nbrp) && (!op->derived)) { /* Store the ethernet address of the port receiving the packet. * This will save us from having to match on inport further down in * the pipeline. */ - ds_clear(&actions); ds_put_format(&actions, REG_INPORT_ETH_ADDR " = %s; next;", op->lrp_networks.ea_s); - ds_clear(&match); ds_put_format(&match, "eth.mcast && inport == %s", op->json_key); ovn_lflow_add_with_hint(lflows, op->od, S_ROUTER_IN_ADMISSION, 50, ds_cstr(&match), ds_cstr(&actions), @@ -8230,6 +8211,30 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, ds_cstr(&match), ds_cstr(&actions), &op->nbrp->header_); } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *lflows, struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_table_0_od(od, lflows); + } + + struct ovn_port *op; + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_table_0_op(op, lflows); + } /* Logical router ingress table 1: LOOKUP_NEIGHBOR and * table 2: LEARN_NEIGHBOR. */ From patchwork Thu Jul 16 13:19:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330238 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxD4xyPz9sTZ for ; Thu, 16 Jul 2020 23:19:44 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 49A6B8A46F; Thu, 16 Jul 2020 13:19:42 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aY4KpMne-s6z; Thu, 16 Jul 2020 13:19:41 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id 2D3C08A51F; Thu, 16 Jul 2020 13:19:41 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 11350C1830; Thu, 16 Jul 2020 13:19:41 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id B822DC0733 for ; Thu, 16 Jul 2020 13:19:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id A472689C69 for ; Thu, 16 Jul 2020 13:19:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OWe3Wt-Z7Nj4 for ; Thu, 16 Jul 2020 13:19:38 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by hemlock.osuosl.org (Postfix) with ESMTPS id C920D89BD8 for ; Thu, 16 Jul 2020 13:19:37 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nU-00027S-Cm for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:36 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nR-0001Hz-J1; Thu, 16 Jul 2020 14:19:35 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:00 +0100 Message-Id: <20200716131927.3943-3-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 02/29] Move out Table 1 operations to functions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov The functions are numbered in 10 step intervals to minimize renumbering if new pipeline stages are added in the future. Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 75 +++++++++++++++++++++++++++------------------ 1 file changed, 46 insertions(+), 29 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 4374b88a6..1ec530854 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -8160,7 +8160,7 @@ build_lrouter_nd_flow(struct ovn_datapath *od, struct ovn_port *op, } static void -build_lrouter_flows_table_0_od(struct ovn_datapath *od, struct hmap *lflows) +build_lrouter_flows_step_0_od(struct ovn_datapath *od, struct hmap *lflows) { /* Logical router ingress table 0: Admission control framework. */ if (od->nbr) { @@ -8172,7 +8172,7 @@ build_lrouter_flows_table_0_od(struct ovn_datapath *od, struct hmap *lflows) } static void -build_lrouter_flows_table_0_op(struct ovn_port *op, struct hmap *lflows) +build_lrouter_flows_step_0_op(struct ovn_port *op, struct hmap *lflows) { struct ds match = DS_EMPTY_INITIALIZER; struct ds actions = DS_EMPTY_INITIALIZER; @@ -8216,32 +8216,12 @@ build_lrouter_flows_table_0_op(struct ovn_port *op, struct hmap *lflows) } static void -build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *lflows, struct shash *meter_groups, - struct hmap *lbs) +build_lrouter_flows_step_10_od(struct ovn_datapath *od, struct hmap *lflows) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_table_0_od(od, lflows); - } - - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_table_0_op(op, lflows); - } - /* Logical router ingress table 1: LOOKUP_NEIGHBOR and * table 2: LEARN_NEIGHBOR. */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } + + if (od->nbr) { /* Learn MAC bindings from ARP/IPv6 ND. * @@ -8299,11 +8279,15 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, ovn_lflow_add(lflows, od, S_ROUTER_IN_LEARN_NEIGHBOR, 90, "nd_ns", "put_nd(inport, ip6.src, nd.sll); next;"); } +} - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } +static void +build_lrouter_flows_step_10_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + if (op->nbrp) { /* Check if we need to learn mac-binding from ARP requests. */ for (int i = 0; i < op->lrp_networks.n_ipv4_addrs; i++) { @@ -8327,6 +8311,39 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, } } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *lflows, struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_0_od(od, lflows); + } + + struct ovn_port *op; + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_0_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_10_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_10_op(op, lflows); + } + /* Logical router ingress table 3: IP Input. */ HMAP_FOR_EACH (od, key_node, datapaths) { if (!od->nbr) { From patchwork Thu Jul 16 13:19:01 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330241 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxN61tfz9sTF for ; Thu, 16 Jul 2020 23:19:51 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id C2DE288F2C; Thu, 16 Jul 2020 13:19:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HJC2BWSoHHp3; Thu, 16 Jul 2020 13:19:44 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 80A0188CB2; Thu, 16 Jul 2020 13:19:42 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 6397CC0893; Thu, 16 Jul 2020 13:19:42 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id AF3D1C0895 for ; Thu, 16 Jul 2020 13:19:40 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 91B2788CAB for ; Thu, 16 Jul 2020 13:19:40 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4J5e9ze1pnsN for ; Thu, 16 Jul 2020 13:19:39 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id BBAB988871 for ; Thu, 16 Jul 2020 13:19:39 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nW-00027W-8R for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:38 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nT-0001Hz-Bm; Thu, 16 Jul 2020 14:19:37 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:01 +0100 Message-Id: <20200716131927.3943-4-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 03/29] Move out Table 3 operations to functions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 143 ++++++++++++++++++++++++++------------------ 1 file changed, 84 insertions(+), 59 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 1ec530854..8a0e28040 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -8316,39 +8316,12 @@ build_lrouter_flows_step_10_op(struct ovn_port *op, struct hmap *lflows) } static void -build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *lflows, struct shash *meter_groups, - struct hmap *lbs) +build_lrouter_flows_step_20_od(struct ovn_datapath *od, struct hmap *lflows) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_0_od(od, lflows); - } - - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_0_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_10_op(op, lflows); - } /* Logical router ingress table 3: IP Input. */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } + if (od->nbr) { /* L3 admission control: drop multicast and broadcast source, localhost * source or destination, and zero network source or destination @@ -8427,7 +8400,6 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, "eth.bcast", "drop;"); /* TTL discard */ - ds_clear(&match); ds_put_cstr(&match, "ip4 && ip.ttl == {0, 1}"); ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 30, ds_cstr(&match), "drop;"); @@ -8436,19 +8408,20 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, * routing. */ ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 0, "1", "next;"); } + ds_destroy(&match); +} - /* Logical router ingress table 3: IP Input for IPv4. */ - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } +static void +build_lrouter_flows_step_20_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; - if (op->derived) { - /* No ingress packets are accepted on a chassisredirect - * port, so no need to program flows for that port. */ - continue; - } + /* Logical router ingress table 3: IP Input for IPv4. + * No ingress packets are accepted on a chassisredirect + * port, so no need to program flows for that port. */ + if (op->nbrp && (!op->derived)) { if (op->lrp_networks.n_ipv4_addrs) { /* L3 admission control: drop packets that originate from an * IPv4 address owned by the router or a broadcast address @@ -8742,7 +8715,7 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, * ETH address. */ if (op != op->od->l3dgw_port) { - continue; + return; } for (size_t i = 0; i < op->od->nbr->n_nat; i++) { @@ -8822,16 +8795,18 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, } } - /* DHCPv6 reply handling */ - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } + ds_destroy(&match); + ds_destroy(&actions); +} - if (op->derived) { - continue; - } +static void +build_lrouter_flows_step_30_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + /* DHCPv6 reply handling */ + if (op->nbrp && (!op->derived)) { for (size_t i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) { ds_clear(&actions); ds_clear(&match); @@ -8843,19 +8818,21 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, ds_cstr(&match), ds_cstr(&actions)); } } + ds_destroy(&match); + ds_destroy(&actions); +} - /* Logical router ingress table 1: IP Input for IPv6. */ - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } +static void +build_lrouter_flows_step_40_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; - if (op->derived) { - /* No ingress packets are accepted on a chassisredirect - * port, so no need to program flows for that port. */ - continue; - } + /* Logical router ingress table 1: IP Input for IPv6. + * No ingress packets are accepted on a chassisredirect + * port, so no need to program flows for that port. */ + if (op->nbrp && (!op->derived)) { if (op->lrp_networks.n_ipv6_addrs) { /* ICMPv6 echo reply. These flows reply to echo requests * received for the router's IP address. */ @@ -8978,6 +8955,54 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, &op->nbrp->header_); } } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *lflows, struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_0_od(od, lflows); + } + + struct ovn_port *op; + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_0_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_10_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_10_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_20_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_20_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_30_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_40_op(op, lflows); + } /* NAT, Defrag and load balancing. */ HMAP_FOR_EACH (od, key_node, datapaths) { From patchwork Thu Jul 16 13:19:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330240 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxP09SBz9sTR for ; Thu, 16 Jul 2020 23:19:52 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 55ECA8A6B2; Thu, 16 Jul 2020 13:19:50 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r4X9ejoJEhNX; Thu, 16 Jul 2020 13:19:45 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id 416BC8A71F; Thu, 16 Jul 2020 13:19:45 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 31A18C0893; Thu, 16 Jul 2020 13:19:45 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id C5B55C0733 for ; Thu, 16 Jul 2020 13:19:43 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id AD67388ED6 for ; Thu, 16 Jul 2020 13:19:43 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ef0iKl5pLE6j for ; Thu, 16 Jul 2020 13:19:41 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 81F9C88C67 for ; Thu, 16 Jul 2020 13:19:41 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nY-00027a-1Y for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:40 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nV-0001Hz-5Y; Thu, 16 Jul 2020 14:19:38 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:02 +0100 Message-Id: <20200716131927.3943-5-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 04/29] Move NAT and Load Balancing to a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 144 ++++++++++++++++++++++++++------------------ 1 file changed, 87 insertions(+), 57 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 8a0e28040..95c17af98 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -8715,6 +8715,8 @@ build_lrouter_flows_step_20_op(struct ovn_port *op, struct hmap *lflows) * ETH address. */ if (op != op->od->l3dgw_port) { + ds_destroy(&match); + ds_destroy(&actions); return; } @@ -8960,56 +8962,15 @@ build_lrouter_flows_step_40_op(struct ovn_port *op, struct hmap *lflows) } static void -build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *lflows, struct shash *meter_groups, - struct hmap *lbs) +build_lrouter_flows_step_50_od( + struct ovn_datapath *od, struct hmap *lflows, + struct hmap *lbs, struct shash *meter_groups) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - struct ds match = DS_EMPTY_INITIALIZER; struct ds actions = DS_EMPTY_INITIALIZER; - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_0_od(od, lflows); - } - - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_0_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_10_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_20_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_20_op(op, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_30_op(op, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_40_op(op, lflows); - } - /* NAT, Defrag and load balancing. */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - + if (od->nbr) { /* Packets are allowed by default. */ ovn_lflow_add(lflows, od, S_ROUTER_IN_DEFRAG, 0, "1", "next;"); ovn_lflow_add(lflows, od, S_ROUTER_IN_UNSNAT, 0, "1", "next;"); @@ -9027,7 +8988,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, * l3dgw_port (router has a port with "redirect-chassis" * specified). */ if (!smap_get(&od->nbr->options, "chassis") && !od->l3dgw_port) { - continue; + ds_destroy(&match); + ds_destroy(&actions); + return; } struct sset nat_entries = SSET_INITIALIZER(&nat_entries); @@ -9562,7 +9525,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, * Gateway routers or router with gateway port. */ if (!smap_get(&od->nbr->options, "chassis") && !od->l3dgw_port) { sset_destroy(&nat_entries); - continue; + ds_destroy(&match); + ds_destroy(&actions); + return; } /* A set to hold all ips that need defragmentation and tracking. */ @@ -9641,18 +9606,23 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, sset_destroy(&all_ips); sset_destroy(&nat_entries); } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lrouter_flows_step_50_op(struct ovn_port *op, struct hmap *lflows) +{ /* Logical router ingress table ND_RA_OPTIONS & ND_RA_RESPONSE: IPv6 Router * Adv (RA) options and response. */ - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp || op->nbrp->peer || !op->peer) { - continue; - } - - if (!op->lrp_networks.n_ipv6_addrs) { - continue; - } + if (!op->nbrp || op->nbrp->peer || !op->peer) { + return; + } + if (op->lrp_networks.n_ipv6_addrs) { + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; struct smap options; smap_clone(&options, &op->sb->options); @@ -9681,7 +9651,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, &op->nbrp->ipv6_ra_configs, "address_mode"); if (!address_mode) { - continue; + ds_destroy(&match); + ds_destroy(&actions); + return; } if (strcmp(address_mode, "slaac") && strcmp(address_mode, "dhcpv6_stateful") && @@ -9689,7 +9661,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); VLOG_WARN_RL(&rl, "Invalid address mode [%s] defined", address_mode); - continue; + ds_destroy(&match); + ds_destroy(&actions); + return; } if (smap_get_bool(&op->nbrp->ipv6_ra_configs, "send_periodic", @@ -9760,6 +9734,62 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, ds_cstr(&match), ds_cstr(&actions), &op->nbrp->header_); } + ds_destroy(&match); + ds_destroy(&actions); + } +} + +static void +build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *lflows, struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_0_od(od, lflows); + } + + struct ovn_port *op; + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_0_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_10_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_10_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_20_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_20_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_30_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_40_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_50_od(od, lflows, lbs, meter_groups); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_50_op(op, lflows); } /* Logical router ingress table ND_RA_OPTIONS & ND_RA_RESPONSE: RS From patchwork Thu Jul 16 13:19:03 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330242 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxT4SWDz9sT6 for ; Thu, 16 Jul 2020 23:19:57 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 10FC688F00; Thu, 16 Jul 2020 13:19:56 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7_RTOLM8IFOP; Thu, 16 Jul 2020 13:19:53 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 4659F88EC1; Thu, 16 Jul 2020 13:19:50 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2998EC0895; Thu, 16 Jul 2020 13:19:50 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7CE10C0733 for ; Thu, 16 Jul 2020 13:19:48 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 6959688F2A for ; Thu, 16 Jul 2020 13:19:48 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s6rBc48rlsYv for ; Thu, 16 Jul 2020 13:19:46 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 3B7E888EC2 for ; Thu, 16 Jul 2020 13:19:43 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nZ-00027e-Pe for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:41 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nW-0001Hz-V7; Thu, 16 Jul 2020 14:19:40 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:03 +0100 Message-Id: <20200716131927.3943-6-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 05/29] Move Logical router ingress table IP_ROUTING to a function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 97 ++++++++++++++++++++++++++------------------- 1 file changed, 56 insertions(+), 41 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 95c17af98..807bf23ec 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9739,6 +9739,60 @@ build_lrouter_flows_step_50_op(struct ovn_port *op, struct hmap *lflows) } } +static void +build_lrouter_flows_step_60_od(struct ovn_datapath *od, struct hmap *lflows) +{ + /* Logical router ingress table ND_RA_OPTIONS & ND_RA_RESPONSE: RS + * responder, by default goto next. (priority 0)*/ + if (od->nbr) { + ovn_lflow_add(lflows, od, S_ROUTER_IN_ND_RA_OPTIONS, 0, "1", "next;"); + ovn_lflow_add(lflows, od, S_ROUTER_IN_ND_RA_RESPONSE, 0, "1", "next;"); + } +} + +static void +build_lrouter_flows_step_70_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + /* Logical router ingress table IP_ROUTING & IP_ROUTING_ECMP: IP Routing. + * + * A packet that arrives at this table is an IP packet that should be + * routed to the address in 'ip[46].dst'. + * + * For regular routes without ECMP, table IP_ROUTING sets outport to the + * correct output port, eth.src to the output port's MAC address, and + * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 to the next-hop IP address + * (leaving 'ip[46].dst', the packet’s final destination, unchanged), and + * advances to the next table. + * + * For ECMP routes, i.e. multiple routes with same policy and prefix, table + * IP_ROUTING remembers ECMP group id and selects a member id, and advances + * to table IP_ROUTING_ECMP, which sets outport, eth.src and + * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 for the selected ECMP member. + */ + + if (op->nbrp) { + + for (int i = 0; i < op->lrp_networks.n_ipv4_addrs; i++) { + add_route(lflows, op, op->lrp_networks.ipv4_addrs[i].addr_s, + op->lrp_networks.ipv4_addrs[i].network_s, + op->lrp_networks.ipv4_addrs[i].plen, NULL, false, + &op->nbrp->header_); + } + + for (int i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) { + add_route(lflows, op, op->lrp_networks.ipv6_addrs[i].addr_s, + op->lrp_networks.ipv6_addrs[i].network_s, + op->lrp_networks.ipv6_addrs[i].plen, NULL, false, + &op->nbrp->header_); + } + } + ds_destroy(&match); + ds_destroy(&actions); +} + static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -9792,51 +9846,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_50_op(op, lflows); } - /* Logical router ingress table ND_RA_OPTIONS & ND_RA_RESPONSE: RS - * responder, by default goto next. (priority 0)*/ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - - ovn_lflow_add(lflows, od, S_ROUTER_IN_ND_RA_OPTIONS, 0, "1", "next;"); - ovn_lflow_add(lflows, od, S_ROUTER_IN_ND_RA_RESPONSE, 0, "1", "next;"); + build_lrouter_flows_step_60_od(od, lflows); } - /* Logical router ingress table IP_ROUTING & IP_ROUTING_ECMP: IP Routing. - * - * A packet that arrives at this table is an IP packet that should be - * routed to the address in 'ip[46].dst'. - * - * For regular routes without ECMP, table IP_ROUTING sets outport to the - * correct output port, eth.src to the output port's MAC address, and - * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 to the next-hop IP address - * (leaving 'ip[46].dst', the packet’s final destination, unchanged), and - * advances to the next table. - * - * For ECMP routes, i.e. multiple routes with same policy and prefix, table - * IP_ROUTING remembers ECMP group id and selects a member id, and advances - * to table IP_ROUTING_ECMP, which sets outport, eth.src and - * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 for the selected ECMP member. - */ HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } - - for (int i = 0; i < op->lrp_networks.n_ipv4_addrs; i++) { - add_route(lflows, op, op->lrp_networks.ipv4_addrs[i].addr_s, - op->lrp_networks.ipv4_addrs[i].network_s, - op->lrp_networks.ipv4_addrs[i].plen, NULL, false, - &op->nbrp->header_); - } - - for (int i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) { - add_route(lflows, op, op->lrp_networks.ipv6_addrs[i].addr_s, - op->lrp_networks.ipv6_addrs[i].network_s, - op->lrp_networks.ipv6_addrs[i].plen, NULL, false, - &op->nbrp->header_); - } + build_lrouter_flows_step_70_op(op, lflows); } /* Convert the static routes to flows. */ From patchwork Thu Jul 16 13:19:04 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330243 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxc2d90z9sSt for ; Thu, 16 Jul 2020 23:20:04 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 720A68B0F0; Thu, 16 Jul 2020 13:20:02 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ZVzrd+Itvwa; Thu, 16 Jul 2020 13:19:57 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id 9003F8AD57; Thu, 16 Jul 2020 13:19:55 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 645ADC1D81; Thu, 16 Jul 2020 13:19:55 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id B8B55C1830 for ; Thu, 16 Jul 2020 13:19:52 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id A5F7525304 for ; Thu, 16 Jul 2020 13:19:52 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ufYjIJdj+0Jy for ; Thu, 16 Jul 2020 13:19:46 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id 5084C2052B for ; Thu, 16 Jul 2020 13:19:45 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nb-00027i-GF for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:43 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nY-0001Hz-OW; Thu, 16 Jul 2020 14:19:42 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:04 +0100 Message-Id: <20200716131927.3943-7-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 06/29] Move static route datapath mapping to a function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 96 ++++++++++++++++++++++++--------------------- 1 file changed, 51 insertions(+), 45 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 807bf23ec..c6e58576a 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9793,6 +9793,56 @@ build_lrouter_flows_step_70_op(struct ovn_port *op, struct hmap *lflows) ds_destroy(&actions); } +static void +build_lrouter_flows_step_80_od( + struct ovn_datapath *od, struct hmap *lflows, struct hmap *ports) +{ + /* Convert the static routes to flows. */ + if (od->nbr) { + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING_ECMP, 150, + REG_ECMP_GROUP_ID" == 0", "next;"); + + struct hmap ecmp_groups = HMAP_INITIALIZER(&ecmp_groups); + struct hmap unique_routes = HMAP_INITIALIZER(&unique_routes); + struct ovs_list parsed_routes = OVS_LIST_INITIALIZER(&parsed_routes); + struct ecmp_groups_node *group; + for (int i = 0; i < od->nbr->n_static_routes; i++) { + struct parsed_route *route = + parsed_routes_add(&parsed_routes, od->nbr->static_routes[i]); + if (!route) { + continue; + } + group = ecmp_groups_find(&ecmp_groups, route); + if (group) { + ecmp_groups_add_route(group, route); + } else { + const struct parsed_route *existed_route = + unique_routes_remove(&unique_routes, route); + if (existed_route) { + group = ecmp_groups_add(&ecmp_groups, existed_route); + if (group) { + ecmp_groups_add_route(group, route); + } + } else { + unique_routes_add(&unique_routes, route); + } + } + } + HMAP_FOR_EACH (group, hmap_node, &ecmp_groups) { + /* add a flow in IP_ROUTING, and one flow for each member in + * IP_ROUTING_ECMP. */ + build_ecmp_route_flow(lflows, od, ports, group); + } + const struct unique_routes_node *ur; + HMAP_FOR_EACH (ur, hmap_node, &unique_routes) { + build_static_route_flow(lflows, od, ports, ur->route); + } + ecmp_groups_destroy(&ecmp_groups); + unique_routes_destroy(&unique_routes); + parsed_routes_destroy(&parsed_routes); + } +} + static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -9854,52 +9904,8 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_70_op(op, lflows); } - /* Convert the static routes to flows. */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING_ECMP, 150, - REG_ECMP_GROUP_ID" == 0", "next;"); - - struct hmap ecmp_groups = HMAP_INITIALIZER(&ecmp_groups); - struct hmap unique_routes = HMAP_INITIALIZER(&unique_routes); - struct ovs_list parsed_routes = OVS_LIST_INITIALIZER(&parsed_routes); - struct ecmp_groups_node *group; - for (int i = 0; i < od->nbr->n_static_routes; i++) { - struct parsed_route *route = - parsed_routes_add(&parsed_routes, od->nbr->static_routes[i]); - if (!route) { - continue; - } - group = ecmp_groups_find(&ecmp_groups, route); - if (group) { - ecmp_groups_add_route(group, route); - } else { - const struct parsed_route *existed_route = - unique_routes_remove(&unique_routes, route); - if (existed_route) { - group = ecmp_groups_add(&ecmp_groups, existed_route); - if (group) { - ecmp_groups_add_route(group, route); - } - } else { - unique_routes_add(&unique_routes, route); - } - } - } - HMAP_FOR_EACH (group, hmap_node, &ecmp_groups) { - /* add a flow in IP_ROUTING, and one flow for each member in - * IP_ROUTING_ECMP. */ - build_ecmp_route_flow(lflows, od, ports, group); - } - const struct unique_routes_node *ur; - HMAP_FOR_EACH (ur, hmap_node, &unique_routes) { - build_static_route_flow(lflows, od, ports, ur->route); - } - ecmp_groups_destroy(&ecmp_groups); - unique_routes_destroy(&unique_routes); - parsed_routes_destroy(&parsed_routes); + build_lrouter_flows_step_80_od(od, lflows, ports); } /* IP Multicast lookup. Here we set the output port, adjust TTL and From patchwork Thu Jul 16 13:19:05 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330246 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vy360GGz9sSt for ; Thu, 16 Jul 2020 23:20:27 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id E404127071; Thu, 16 Jul 2020 13:20:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bI3xhxSbJJ7j; Thu, 16 Jul 2020 13:20:16 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id 3A2B4253F8; Thu, 16 Jul 2020 13:19:53 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 0DA43C0733; Thu, 16 Jul 2020 13:19:53 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id B1DF8C0733 for ; Thu, 16 Jul 2020 13:19:49 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id A22AF8B0FE for ; Thu, 16 Jul 2020 13:19:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p2Kyh2ANRdHW for ; Thu, 16 Jul 2020 13:19:47 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by whitealder.osuosl.org (Postfix) with ESMTPS id D666E8B0DD for ; Thu, 16 Jul 2020 13:19:46 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nd-00027m-9G for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:45 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3na-0001Hz-Fa; Thu, 16 Jul 2020 14:19:44 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:05 +0100 Message-Id: <20200716131927.3943-8-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 07/29] Move out multicast lookup into a function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 128 ++++++++++++++++++++++++-------------------- 1 file changed, 69 insertions(+), 59 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index c6e58576a..61f9b4ab8 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9843,6 +9843,74 @@ build_lrouter_flows_step_80_od( } } +static void +build_lrouter_flows_step_90_od(struct ovn_datapath *od, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + /* IP Multicast lookup. Here we set the output port, adjust TTL and + * advance to next table (priority 500). + */ + if (od->nbr) { + + /* Drop IPv6 multicast traffic that shouldn't be forwarded, + * i.e., router solicitation and router advertisement. + */ + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 550, + "nd_rs || nd_ra", "drop;"); + + if (!od->mcast_info.rtr.relay) { + return; + } + + struct ovn_igmp_group *igmp_group; + + LIST_FOR_EACH (igmp_group, list_node, &od->mcast_info.groups) { + ds_clear(&match); + ds_clear(&actions); + if (IN6_IS_ADDR_V4MAPPED(&igmp_group->address)) { + ds_put_format(&match, "ip4 && ip4.dst == %s ", + igmp_group->mcgroup.name); + } else { + ds_put_format(&match, "ip6 && ip6.dst == %s ", + igmp_group->mcgroup.name); + } + if (od->mcast_info.rtr.flood_static) { + ds_put_cstr(&actions, + "clone { " + "outport = \""MC_STATIC"\"; " + "ip.ttl--; " + "next; " + "};"); + } + ds_put_format(&actions, "outport = \"%s\"; ip.ttl--; next;", + igmp_group->mcgroup.name); + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 500, + ds_cstr(&match), ds_cstr(&actions)); + } + + /* If needed, flood unregistered multicast on statically configured + * ports. Otherwise drop any multicast traffic. + */ + if (od->mcast_info.rtr.flood_static) { + ds_clear(&actions); + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 450, + "ip4.mcast || ip6.mcast", + "clone { " + "outport = \""MC_STATIC"\"; " + "ip.ttl--; " + "next; " + "};"); + } else { + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 450, + "ip4.mcast || ip6.mcast", "drop;"); + } + } + ds_destroy(&match); + ds_destroy(&actions); +} + static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -9908,66 +9976,8 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_80_od(od, lflows, ports); } - /* IP Multicast lookup. Here we set the output port, adjust TTL and - * advance to next table (priority 500). - */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - - /* Drop IPv6 multicast traffic that shouldn't be forwarded, - * i.e., router solicitation and router advertisement. - */ - ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 550, - "nd_rs || nd_ra", "drop;"); - - if (!od->mcast_info.rtr.relay) { - continue; - } - - struct ovn_igmp_group *igmp_group; - - LIST_FOR_EACH (igmp_group, list_node, &od->mcast_info.groups) { - ds_clear(&match); - ds_clear(&actions); - if (IN6_IS_ADDR_V4MAPPED(&igmp_group->address)) { - ds_put_format(&match, "ip4 && ip4.dst == %s ", - igmp_group->mcgroup.name); - } else { - ds_put_format(&match, "ip6 && ip6.dst == %s ", - igmp_group->mcgroup.name); - } - if (od->mcast_info.rtr.flood_static) { - ds_put_cstr(&actions, - "clone { " - "outport = \""MC_STATIC"\"; " - "ip.ttl--; " - "next; " - "};"); - } - ds_put_format(&actions, "outport = \"%s\"; ip.ttl--; next;", - igmp_group->mcgroup.name); - ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 500, - ds_cstr(&match), ds_cstr(&actions)); - } - - /* If needed, flood unregistered multicast on statically configured - * ports. Otherwise drop any multicast traffic. - */ - if (od->mcast_info.rtr.flood_static) { - ds_clear(&actions); - ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 450, - "ip4.mcast || ip6.mcast", - "clone { " - "outport = \""MC_STATIC"\"; " - "ip.ttl--; " - "next; " - "};"); - } else { - ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 450, - "ip4.mcast || ip6.mcast", "drop;"); - } + build_lrouter_flows_step_90_od(od, lflows); } /* Logical router ingress table POLICY: Policy. From patchwork Thu Jul 16 13:19:06 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330244 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxm6Hqmz9sSt for ; Thu, 16 Jul 2020 23:20:12 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 4C0988B126; Thu, 16 Jul 2020 13:20:11 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wWpPJZD6kKTE; Thu, 16 Jul 2020 13:20:05 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id DD0C08B12F; Thu, 16 Jul 2020 13:19:57 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id B5445C1831; Thu, 16 Jul 2020 13:19:57 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id C02A3C1D81 for ; Thu, 16 Jul 2020 13:19:55 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id A41A2259C9 for ; Thu, 16 Jul 2020 13:19:55 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z2AIVSXSDPDS for ; Thu, 16 Jul 2020 13:19:49 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id 7098720526 for ; Thu, 16 Jul 2020 13:19:48 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nf-00027q-0B for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:47 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nc-0001Hz-7h; Thu, 16 Jul 2020 14:19:45 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:06 +0100 Message-Id: <20200716131927.3943-9-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 08/29] Move Logical router ingress policy to a function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 52 ++++++++++++++++++++++++++------------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 61f9b4ab8..7932ab9e3 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9911,6 +9911,35 @@ build_lrouter_flows_step_90_od(struct ovn_datapath *od, struct hmap *lflows) ds_destroy(&actions); } +static void +build_lrouter_flows_step_100_od( + struct ovn_datapath *od, struct hmap *lflows, struct hmap *ports) +{ + + /* Logical router ingress table POLICY: Policy. + * + * A packet that arrives at this table is an IP packet that should be + * permitted/denied/rerouted to the address in the rule's nexthop. + * This table sets outport to the correct out_port, + * eth.src to the output port's MAC address, + * and REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 to the next-hop IP address + * (leaving 'ip[46].dst', the packet’s final destination, unchanged), and + * advances to the next table for ARP/ND resolution. */ + + if (od->nbr) { + /* This is a catch-all rule. It has the lowest priority (0) + * does a match-all("1") and pass-through (next) */ + ovn_lflow_add(lflows, od, S_ROUTER_IN_POLICY, 0, "1", "next;"); + + /* Convert routing policies to flows. */ + for (int i = 0; i < od->nbr->n_policies; i++) { + const struct nbrec_logical_router_policy *rule + = od->nbr->policies[i]; + build_routing_policy_flow(lflows, od, ports, rule, &rule->header_); + } + } +} + static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -9980,29 +10009,8 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_90_od(od, lflows); } - /* Logical router ingress table POLICY: Policy. - * - * A packet that arrives at this table is an IP packet that should be - * permitted/denied/rerouted to the address in the rule's nexthop. - * This table sets outport to the correct out_port, - * eth.src to the output port's MAC address, - * and REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 to the next-hop IP address - * (leaving 'ip[46].dst', the packet’s final destination, unchanged), and - * advances to the next table for ARP/ND resolution. */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - /* This is a catch-all rule. It has the lowest priority (0) - * does a match-all("1") and pass-through (next) */ - ovn_lflow_add(lflows, od, S_ROUTER_IN_POLICY, 0, "1", "next;"); - - /* Convert routing policies to flows. */ - for (int i = 0; i < od->nbr->n_policies; i++) { - const struct nbrec_logical_router_policy *rule - = od->nbr->policies[i]; - build_routing_policy_flow(lflows, od, ports, rule, &rule->header_); - } + build_lrouter_flows_step_100_od(od, lflows, ports); } From patchwork Thu Jul 16 13:19:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330245 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6vxn4Nmlz9sT6 for ; Thu, 16 Jul 2020 23:20:13 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 1991C88F7F; Thu, 16 Jul 2020 13:20:12 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zvIOMJma9Ge0; Thu, 16 Jul 2020 13:20:06 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 2BF4A88FA9; Thu, 16 Jul 2020 13:20:02 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id DEDACC08A9; Thu, 16 Jul 2020 13:20:01 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 5C978C0893 for ; Thu, 16 Jul 2020 13:20:00 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 3C27389ABF for ; Thu, 16 Jul 2020 13:20:00 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ymd7Z5mUfImD for ; Thu, 16 Jul 2020 13:19:52 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by hemlock.osuosl.org (Postfix) with ESMTPS id C1E068A561 for ; Thu, 16 Jul 2020 13:19:51 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw3nh-00027u-Ms for dev@openvswitch.org; Thu, 16 Jul 2020 13:19:50 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nd-0001Hz-VE; Thu, 16 Jul 2020 14:19:48 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:07 +0100 Message-Id: <20200716131927.3943-10-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 09/29] Move packet size rules to a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 752 +++++++++++++++++++++++--------------------- 1 file changed, 397 insertions(+), 355 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 7932ab9e3..0b4926a75 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -9941,93 +9941,25 @@ build_lrouter_flows_step_100_od( } static void -build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *lflows, struct shash *meter_groups, - struct hmap *lbs) +build_lrouter_flows_step_110_od( + struct ovn_datapath *od, struct hmap *lflows) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_0_od(od, lflows); - } - - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_0_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_10_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_20_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_20_op(op, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_30_op(op, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_40_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_50_od(od, lflows, lbs, meter_groups); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_50_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_60_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_70_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_80_od(od, lflows, ports); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_90_od(od, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_100_od(od, lflows, ports); - } - - - /* XXX destination unreachable */ - /* Local router ingress table ARP_RESOLVE: ARP Resolution. * * Multicast packets already have the outport set so just advance to next * table (priority 500). */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - + if (od->nbr) { ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_RESOLVE, 500, "ip4.mcast || ip6.mcast", "next;"); } +} + +static void +build_lrouter_flows_step_120_op( + struct ovn_port *op, struct hmap *lflows, struct hmap *ports) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; /* Local router ingress table ARP_RESOLVE: ARP Resolution. * @@ -10038,188 +9970,133 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 into an output port in outport and * an Ethernet address in eth.dst. */ - HMAP_FOR_EACH (op, key_node, ports) { - if (op->nbsp && !lsp_is_enabled(op->nbsp)) { - continue; - } - - if (op->nbrp) { - /* This is a logical router port. If next-hop IP address in - * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 matches IP address of this - * router port, then the packet is intended to eventually be sent - * to this logical port. Set the destination mac address using - * this port's mac address. - * - * The packet is still in peer's logical pipeline. So the match - * should be on peer's outport. */ - if (op->peer && op->nbrp->peer) { - if (op->lrp_networks.n_ipv4_addrs) { - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV4 "== ", - op->peer->json_key); - op_put_v4_networks(&match, op, false); - ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", - op->lrp_networks.ea_s); - ovn_lflow_add_with_hint(lflows, op->peer->od, - S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), ds_cstr(&actions), - &op->nbrp->header_); - } + if (op->nbsp && !lsp_is_enabled(op->nbsp)) { + return; + } - if (op->lrp_networks.n_ipv6_addrs) { - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV6 " == ", - op->peer->json_key); - op_put_v6_networks(&match, op); + if (op->nbrp) { + /* This is a logical router port. If next-hop IP address in + * REG_NEXT_HOP_IPV4/REG_NEXT_HOP_IPV6 matches IP address of this + * router port, then the packet is intended to eventually be sent + * to this logical port. Set the destination mac address using + * this port's mac address. + * + * The packet is still in peer's logical pipeline. So the match + * should be on peer's outport. */ + if (op->peer && op->nbrp->peer) { + if (op->lrp_networks.n_ipv4_addrs) { + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + REG_NEXT_HOP_IPV4 "== ", + op->peer->json_key); + op_put_v4_networks(&match, op, false); - ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", - op->lrp_networks.ea_s); - ovn_lflow_add_with_hint(lflows, op->peer->od, - S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), ds_cstr(&actions), - &op->nbrp->header_); - } + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", + op->lrp_networks.ea_s); + ovn_lflow_add_with_hint(lflows, op->peer->od, + S_ROUTER_IN_ARP_RESOLVE, 100, + ds_cstr(&match), ds_cstr(&actions), + &op->nbrp->header_); } - if (!op->derived && op->od->l3redirect_port) { - const char *redirect_type = smap_get(&op->nbrp->options, - "redirect-type"); - if (redirect_type && !strcasecmp(redirect_type, "bridged")) { - /* Packet is on a non gateway chassis and - * has an unresolved ARP on a network behind gateway - * chassis attached router port. Since, redirect type - * is "bridged", instead of calling "get_arp" - * on this node, we will redirect the packet to gateway - * chassis, by setting destination mac router port mac.*/ - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - "!is_chassis_resident(%s)", op->json_key, - op->od->l3redirect_port->json_key); - ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", - op->lrp_networks.ea_s); + if (op->lrp_networks.n_ipv6_addrs) { + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + REG_NEXT_HOP_IPV6 " == ", + op->peer->json_key); + op_put_v6_networks(&match, op); - ovn_lflow_add_with_hint(lflows, op->od, - S_ROUTER_IN_ARP_RESOLVE, 50, - ds_cstr(&match), ds_cstr(&actions), - &op->nbrp->header_); - } + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", + op->lrp_networks.ea_s); + ovn_lflow_add_with_hint(lflows, op->peer->od, + S_ROUTER_IN_ARP_RESOLVE, 100, + ds_cstr(&match), ds_cstr(&actions), + &op->nbrp->header_); } - } else if (op->od->n_router_ports && strcmp(op->nbsp->type, "router") - && strcmp(op->nbsp->type, "virtual")) { - /* This is a logical switch port that backs a VM or a container. - * Extract its addresses. For each of the address, go through all - * the router ports attached to the switch (to which this port - * connects) and if the address in question is reachable from the - * router port, add an ARP/ND entry in that router's pipeline. */ - - for (size_t i = 0; i < op->n_lsp_addrs; i++) { - const char *ea_s = op->lsp_addrs[i].ea_s; - for (size_t j = 0; j < op->lsp_addrs[i].n_ipv4_addrs; j++) { - const char *ip_s = op->lsp_addrs[i].ipv4_addrs[j].addr_s; - for (size_t k = 0; k < op->od->n_router_ports; k++) { - /* Get the Logical_Router_Port that the - * Logical_Switch_Port is connected to, as - * 'peer'. */ - const char *peer_name = smap_get( - &op->od->router_ports[k]->nbsp->options, - "router-port"); - if (!peer_name) { - continue; - } + } - struct ovn_port *peer = ovn_port_find(ports, peer_name); - if (!peer || !peer->nbrp) { - continue; - } + if (!op->derived && op->od->l3redirect_port) { + const char *redirect_type = smap_get(&op->nbrp->options, + "redirect-type"); + if (redirect_type && !strcasecmp(redirect_type, "bridged")) { + /* Packet is on a non gateway chassis and + * has an unresolved ARP on a network behind gateway + * chassis attached router port. Since, redirect type + * is "bridged", instead of calling "get_arp" + * on this node, we will redirect the packet to gateway + * chassis, by setting destination mac router port mac.*/ + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + "!is_chassis_resident(%s)", op->json_key, + op->od->l3redirect_port->json_key); + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", + op->lrp_networks.ea_s); - if (!find_lrp_member_ip(peer, ip_s)) { - continue; - } + ovn_lflow_add_with_hint(lflows, op->od, + S_ROUTER_IN_ARP_RESOLVE, 50, + ds_cstr(&match), ds_cstr(&actions), + &op->nbrp->header_); + } + } + } else if (op->od->n_router_ports && strcmp(op->nbsp->type, "router") + && strcmp(op->nbsp->type, "virtual")) { + /* This is a logical switch port that backs a VM or a container. + * Extract its addresses. For each of the address, go through all + * the router ports attached to the switch (to which this port + * connects) and if the address in question is reachable from the + * router port, add an ARP/ND entry in that router's pipeline. */ - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV4 " == %s", - peer->json_key, ip_s); - - ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", ea_s); - ovn_lflow_add_with_hint(lflows, peer->od, - S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); + for (size_t i = 0; i < op->n_lsp_addrs; i++) { + const char *ea_s = op->lsp_addrs[i].ea_s; + for (size_t j = 0; j < op->lsp_addrs[i].n_ipv4_addrs; j++) { + const char *ip_s = op->lsp_addrs[i].ipv4_addrs[j].addr_s; + for (size_t k = 0; k < op->od->n_router_ports; k++) { + /* Get the Logical_Router_Port that the + * Logical_Switch_Port is connected to, as + * 'peer'. */ + const char *peer_name = smap_get( + &op->od->router_ports[k]->nbsp->options, + "router-port"); + if (!peer_name) { + continue; } - } - for (size_t j = 0; j < op->lsp_addrs[i].n_ipv6_addrs; j++) { - const char *ip_s = op->lsp_addrs[i].ipv6_addrs[j].addr_s; - for (size_t k = 0; k < op->od->n_router_ports; k++) { - /* Get the Logical_Router_Port that the - * Logical_Switch_Port is connected to, as - * 'peer'. */ - const char *peer_name = smap_get( - &op->od->router_ports[k]->nbsp->options, - "router-port"); - if (!peer_name) { - continue; - } + struct ovn_port *peer = ovn_port_find(ports, peer_name); + if (!peer || !peer->nbrp) { + continue; + } - struct ovn_port *peer = ovn_port_find(ports, peer_name); - if (!peer || !peer->nbrp) { - continue; - } + if (!find_lrp_member_ip(peer, ip_s)) { + continue; + } - if (!find_lrp_member_ip(peer, ip_s)) { - continue; - } + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + REG_NEXT_HOP_IPV4 " == %s", + peer->json_key, ip_s); - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV6 " == %s", - peer->json_key, ip_s); - - ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", ea_s); - ovn_lflow_add_with_hint(lflows, peer->od, - S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); - } + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", ea_s); + ovn_lflow_add_with_hint(lflows, peer->od, + S_ROUTER_IN_ARP_RESOLVE, 100, + ds_cstr(&match), + ds_cstr(&actions), + &op->nbsp->header_); } } - } else if (op->od->n_router_ports && strcmp(op->nbsp->type, "router") - && !strcmp(op->nbsp->type, "virtual")) { - /* This is a virtual port. Add ARP replies for the virtual ip with - * the mac of the present active virtual parent. - * If the logical port doesn't have virtual parent set in - * Port_Binding table, then add the flow to set eth.dst to - * 00:00:00:00:00:00 and advance to next table so that ARP is - * resolved by router pipeline using the arp{} action. - * The MAC_Binding entry for the virtual ip might be invalid. */ - ovs_be32 ip; - - const char *vip = smap_get(&op->nbsp->options, - "virtual-ip"); - const char *virtual_parents = smap_get(&op->nbsp->options, - "virtual-parents"); - if (!vip || !virtual_parents || - !ip_parse(vip, &ip) || !op->sb) { - continue; - } - if (!op->sb->virtual_parent || !op->sb->virtual_parent[0] || - !op->sb->chassis) { - /* The virtual port is not claimed yet. */ - for (size_t i = 0; i < op->od->n_router_ports; i++) { + for (size_t j = 0; j < op->lsp_addrs[i].n_ipv6_addrs; j++) { + const char *ip_s = op->lsp_addrs[i].ipv6_addrs[j].addr_s; + for (size_t k = 0; k < op->od->n_router_ports; k++) { + /* Get the Logical_Router_Port that the + * Logical_Switch_Port is connected to, as + * 'peer'. */ const char *peer_name = smap_get( - &op->od->router_ports[i]->nbsp->options, + &op->od->router_ports[k]->nbsp->options, "router-port"); if (!peer_name) { continue; @@ -10230,155 +10107,228 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, continue; } - if (find_lrp_member_ip(peer, vip)) { - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV4 " == %s", - peer->json_key, vip); - - ds_clear(&actions); - ds_put_format(&actions, - "eth.dst = 00:00:00:00:00:00; next;"); - ovn_lflow_add_with_hint(lflows, peer->od, - S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); - break; + if (!find_lrp_member_ip(peer, ip_s)) { + continue; } - } - } else { - struct ovn_port *vp = - ovn_port_find(ports, op->sb->virtual_parent); - if (!vp || !vp->nbsp) { - continue; - } - - for (size_t i = 0; i < vp->n_lsp_addrs; i++) { - bool found_vip_network = false; - const char *ea_s = vp->lsp_addrs[i].ea_s; - for (size_t j = 0; j < vp->od->n_router_ports; j++) { - /* Get the Logical_Router_Port that the - * Logical_Switch_Port is connected to, as - * 'peer'. */ - const char *peer_name = smap_get( - &vp->od->router_ports[j]->nbsp->options, - "router-port"); - if (!peer_name) { - continue; - } - - struct ovn_port *peer = - ovn_port_find(ports, peer_name); - if (!peer || !peer->nbrp) { - continue; - } - - if (!find_lrp_member_ip(peer, vip)) { - continue; - } - ds_clear(&match); - ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV4 " == %s", - peer->json_key, vip); - - ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", ea_s); - ovn_lflow_add_with_hint(lflows, peer->od, - S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); - found_vip_network = true; - break; - } + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + REG_NEXT_HOP_IPV6 " == %s", + peer->json_key, ip_s); - if (found_vip_network) { - break; - } + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", ea_s); + ovn_lflow_add_with_hint(lflows, peer->od, + S_ROUTER_IN_ARP_RESOLVE, 100, + ds_cstr(&match), + ds_cstr(&actions), + &op->nbsp->header_); } } - } else if (!strcmp(op->nbsp->type, "router")) { - /* This is a logical switch port that connects to a router. */ - - /* The peer of this switch port is the router port for which - * we need to add logical flows such that it can resolve - * ARP entries for all the other router ports connected to - * the switch in question. */ - - const char *peer_name = smap_get(&op->nbsp->options, - "router-port"); - if (!peer_name) { - continue; - } + } + } else if (op->od->n_router_ports && strcmp(op->nbsp->type, "router") + && !strcmp(op->nbsp->type, "virtual")) { + /* This is a virtual port. Add ARP replies for the virtual ip with + * the mac of the present active virtual parent. + * If the logical port doesn't have virtual parent set in + * Port_Binding table, then add the flow to set eth.dst to + * 00:00:00:00:00:00 and advance to next table so that ARP is + * resolved by router pipeline using the arp{} action. + * The MAC_Binding entry for the virtual ip might be invalid. */ + ovs_be32 ip; - struct ovn_port *peer = ovn_port_find(ports, peer_name); - if (!peer || !peer->nbrp) { - continue; - } + const char *vip = smap_get(&op->nbsp->options, + "virtual-ip"); + const char *virtual_parents = smap_get(&op->nbsp->options, + "virtual-parents"); + if (!vip || !virtual_parents || + !ip_parse(vip, &ip) || !op->sb) { + ds_destroy(&match); + ds_destroy(&actions); + return; + } + if (!op->sb->virtual_parent || !op->sb->virtual_parent[0] || + !op->sb->chassis) { + /* The virtual port is not claimed yet. */ for (size_t i = 0; i < op->od->n_router_ports; i++) { - const char *router_port_name = smap_get( - &op->od->router_ports[i]->nbsp->options, - "router-port"); - struct ovn_port *router_port = ovn_port_find(ports, - router_port_name); - if (!router_port || !router_port->nbrp) { + const char *peer_name = smap_get( + &op->od->router_ports[i]->nbsp->options, + "router-port"); + if (!peer_name) { continue; } - /* Skip the router port under consideration. */ - if (router_port == peer) { - continue; + struct ovn_port *peer = ovn_port_find(ports, peer_name); + if (!peer || !peer->nbrp) { + continue; } - if (router_port->lrp_networks.n_ipv4_addrs) { + if (find_lrp_member_ip(peer, vip)) { ds_clear(&match); ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV4 " == ", - peer->json_key); - op_put_v4_networks(&match, router_port, false); + REG_NEXT_HOP_IPV4 " == %s", + peer->json_key, vip); ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", - router_port->lrp_networks.ea_s); + ds_put_format(&actions, + "eth.dst = 00:00:00:00:00:00; next;"); ovn_lflow_add_with_hint(lflows, peer->od, S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), ds_cstr(&actions), + ds_cstr(&match), + ds_cstr(&actions), &op->nbsp->header_); + break; } + } + } else { + struct ovn_port *vp = + ovn_port_find(ports, op->sb->virtual_parent); + if (!vp || !vp->nbsp) { + ds_destroy(&match); + ds_destroy(&actions); + return; + } + + for (size_t i = 0; i < vp->n_lsp_addrs; i++) { + bool found_vip_network = false; + const char *ea_s = vp->lsp_addrs[i].ea_s; + for (size_t j = 0; j < vp->od->n_router_ports; j++) { + /* Get the Logical_Router_Port that the + * Logical_Switch_Port is connected to, as + * 'peer'. */ + const char *peer_name = smap_get( + &vp->od->router_ports[j]->nbsp->options, + "router-port"); + if (!peer_name) { + continue; + } + + struct ovn_port *peer = + ovn_port_find(ports, peer_name); + if (!peer || !peer->nbrp) { + continue; + } + + if (!find_lrp_member_ip(peer, vip)) { + continue; + } - if (router_port->lrp_networks.n_ipv6_addrs) { ds_clear(&match); ds_put_format(&match, "outport == %s && " - REG_NEXT_HOP_IPV6 " == ", - peer->json_key); - op_put_v6_networks(&match, router_port); + REG_NEXT_HOP_IPV4 " == %s", + peer->json_key, vip); ds_clear(&actions); - ds_put_format(&actions, "eth.dst = %s; next;", - router_port->lrp_networks.ea_s); + ds_put_format(&actions, "eth.dst = %s; next;", ea_s); ovn_lflow_add_with_hint(lflows, peer->od, S_ROUTER_IN_ARP_RESOLVE, 100, - ds_cstr(&match), ds_cstr(&actions), + ds_cstr(&match), + ds_cstr(&actions), &op->nbsp->header_); + found_vip_network = true; + break; + } + + if (found_vip_network) { + break; } } } - } + } else if (!strcmp(op->nbsp->type, "router")) { + /* This is a logical switch port that connects to a router. */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; + /* The peer of this switch port is the router port for which + * we need to add logical flows such that it can resolve + * ARP entries for all the other router ports connected to + * the switch in question. */ + + const char *peer_name = smap_get(&op->nbsp->options, + "router-port"); + if (!peer_name) { + ds_destroy(&match); + ds_destroy(&actions); + return; + } + + struct ovn_port *peer = ovn_port_find(ports, peer_name); + if (!peer || !peer->nbrp) { + ds_destroy(&match); + ds_destroy(&actions); + return; + } + + for (size_t i = 0; i < op->od->n_router_ports; i++) { + const char *router_port_name = smap_get( + &op->od->router_ports[i]->nbsp->options, + "router-port"); + struct ovn_port *router_port = ovn_port_find(ports, + router_port_name); + if (!router_port || !router_port->nbrp) { + continue; + } + + /* Skip the router port under consideration. */ + if (router_port == peer) { + continue; + } + + if (router_port->lrp_networks.n_ipv4_addrs) { + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + REG_NEXT_HOP_IPV4 " == ", + peer->json_key); + op_put_v4_networks(&match, router_port, false); + + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", + router_port->lrp_networks.ea_s); + ovn_lflow_add_with_hint(lflows, peer->od, + S_ROUTER_IN_ARP_RESOLVE, 100, + ds_cstr(&match), ds_cstr(&actions), + &op->nbsp->header_); + } + + if (router_port->lrp_networks.n_ipv6_addrs) { + ds_clear(&match); + ds_put_format(&match, "outport == %s && " + REG_NEXT_HOP_IPV6 " == ", + peer->json_key); + op_put_v6_networks(&match, router_port); + + ds_clear(&actions); + ds_put_format(&actions, "eth.dst = %s; next;", + router_port->lrp_networks.ea_s); + ovn_lflow_add_with_hint(lflows, peer->od, + S_ROUTER_IN_ARP_RESOLVE, 100, + ds_cstr(&match), ds_cstr(&actions), + &op->nbsp->header_); + } } + } + ds_destroy(&match); + ds_destroy(&actions); +} +static void +build_lrouter_flows_step_130_od( + struct ovn_datapath *od, struct hmap *lflows) +{ + if (od->nbr) { ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_RESOLVE, 0, "ip4", "get_arp(outport, " REG_NEXT_HOP_IPV4 "); next;"); ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_RESOLVE, 0, "ip6", "get_nd(outport, " REG_NEXT_HOP_IPV6 "); next;"); } +} + +static void +build_lrouter_flows_step_140_od( + struct ovn_datapath *od, struct hmap *lflows, struct hmap *ports) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; /* Local router ingress table CHK_PKT_LEN: Check packet length. * @@ -10393,10 +10343,8 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, * generate ICMPv4 packet with type 3 (Destination Unreachable) and * code 4 (Fragmentation needed). * */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } + + if (od->nbr) { /* Packets are allowed by default. */ ovn_lflow_add(lflows, od, S_ROUTER_IN_CHK_PKT_LEN, 0, "1", @@ -10412,7 +10360,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, } /* Add the flows only if gateway_mtu is configured. */ if (gw_mtu <= 0) { - continue; + ds_destroy(&match); + ds_destroy(&actions); + return; } ds_clear(&match); @@ -10491,6 +10441,98 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, } } } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *lflows, struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_0_od(od, lflows); + } + + struct ovn_port *op; + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_0_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_10_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_10_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_20_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_20_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_30_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_40_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_50_od(od, lflows, lbs, meter_groups); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_50_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_60_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_70_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_80_od(od, lflows, ports); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_90_od(od, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_100_od(od, lflows, ports); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_110_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lrouter_flows_step_120_op(op, lflows, ports); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_130_od(od, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lrouter_flows_step_140_od(od, lflows, ports); + } /* Logical router ingress table GW_REDIRECT: Gateway redirect. * From patchwork Thu Jul 16 13:19:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330296 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wRq3rZcz9sTR for ; Thu, 16 Jul 2020 23:42:47 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id EA09988AF6; Thu, 16 Jul 2020 13:42:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xwLFQo_XMVXl; Thu, 16 Jul 2020 13:42:43 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id C6EDB88C8B; Thu, 16 Jul 2020 13:42:35 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9F750C0733; Thu, 16 Jul 2020 13:42:35 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 12767C0893 for ; Thu, 16 Jul 2020 13:42:35 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 0A6592717F for ; Thu, 16 Jul 2020 13:42:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lcXWjynngBE7 for ; Thu, 16 Jul 2020 13:42:25 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id 7C67324723 for ; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48Z-0002D0-1w for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:23 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3ng-0001Hz-7b; Thu, 16 Jul 2020 14:19:50 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:08 +0100 Message-Id: <20200716131927.3943-11-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 10/29] Move GW redirect rules to a new function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 80 ++++++++++++++++++++++++++------------------- 1 file changed, 46 insertions(+), 34 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 0b4926a75..81a6407a9 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -10445,6 +10445,51 @@ build_lrouter_flows_step_140_od( ds_destroy(&actions); } +static void +build_lrouter_flows_step_150_od( + struct ovn_datapath *od, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + /* Logical router ingress table GW_REDIRECT: Gateway redirect. + * + * For traffic with outport equal to the l3dgw_port + * on a distributed router, this table redirects a subset + * of the traffic to the l3redirect_port which represents + * the central instance of the l3dgw_port. + */ + if (od->nbr) { + if (od->l3dgw_port && od->l3redirect_port) { + const struct ovsdb_idl_row *stage_hint = NULL; + + if (od->l3dgw_port->nbrp) { + stage_hint = &od->l3dgw_port->nbrp->header_; + } + + /* For traffic with outport == l3dgw_port, if the + * packet did not match any higher priority redirect + * rule, then the traffic is redirected to the central + * instance of the l3dgw_port. */ + ds_clear(&match); + ds_put_format(&match, "outport == %s", + od->l3dgw_port->json_key); + ds_clear(&actions); + ds_put_format(&actions, "outport = %s; next;", + od->l3redirect_port->json_key); + ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_GW_REDIRECT, 50, + ds_cstr(&match), ds_cstr(&actions), + stage_hint); + } + + /* Packets are allowed by default. */ + ovn_lflow_add(lflows, od, S_ROUTER_IN_GW_REDIRECT, 0, "1", "next;"); + } + + ds_destroy(&match); + ds_destroy(&actions); +} + static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -10534,41 +10579,8 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_140_od(od, lflows, ports); } - /* Logical router ingress table GW_REDIRECT: Gateway redirect. - * - * For traffic with outport equal to the l3dgw_port - * on a distributed router, this table redirects a subset - * of the traffic to the l3redirect_port which represents - * the central instance of the l3dgw_port. - */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - if (od->l3dgw_port && od->l3redirect_port) { - const struct ovsdb_idl_row *stage_hint = NULL; - - if (od->l3dgw_port->nbrp) { - stage_hint = &od->l3dgw_port->nbrp->header_; - } - - /* For traffic with outport == l3dgw_port, if the - * packet did not match any higher priority redirect - * rule, then the traffic is redirected to the central - * instance of the l3dgw_port. */ - ds_clear(&match); - ds_put_format(&match, "outport == %s", - od->l3dgw_port->json_key); - ds_clear(&actions); - ds_put_format(&actions, "outport = %s; next;", - od->l3redirect_port->json_key); - ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_GW_REDIRECT, 50, - ds_cstr(&match), ds_cstr(&actions), - stage_hint); - } - - /* Packets are allowed by default. */ - ovn_lflow_add(lflows, od, S_ROUTER_IN_GW_REDIRECT, 0, "1", "next;"); + build_lrouter_flows_step_150_od(od, lflows); } /* Local router ingress table ARP_REQUEST: ARP request. From patchwork Thu Jul 16 13:19:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330289 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQm5Zrqz9sDX for ; Thu, 16 Jul 2020 23:41:52 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 45F05891E5; Thu, 16 Jul 2020 13:41:51 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rewJAVlxObXf; Thu, 16 Jul 2020 13:41:49 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 794E8891F2; Thu, 16 Jul 2020 13:41:37 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 43781C18DA; Thu, 16 Jul 2020 13:41:37 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2CD9AC0733 for ; Thu, 16 Jul 2020 13:41:35 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 13D792C34F for ; Thu, 16 Jul 2020 13:41:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eHvUCxmNhKzr for ; Thu, 16 Jul 2020 13:41:26 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id A0D5D259C9 for ; Thu, 16 Jul 2020 13:41:11 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48M-0002CL-4e for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:10 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3ni-0001Hz-1C; Thu, 16 Jul 2020 14:19:51 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:09 +0100 Message-Id: <20200716131927.3943-12-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 11/29] Move ARP request to a separate rule function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 139 ++++++++++++++++++++++++-------------------- 1 file changed, 75 insertions(+), 64 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 81a6407a9..6b7a57c41 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -10490,6 +10490,80 @@ build_lrouter_flows_step_150_od( ds_destroy(&actions); } +static void +build_lrouter_flows_step_160_od( + struct ovn_datapath *od, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + /* Local router ingress table ARP_REQUEST: ARP request. + * + * In the common case where the Ethernet destination has been resolved, + * this table outputs the packet (priority 0). Otherwise, it composes + * and sends an ARP/IPv6 NA request (priority 100). */ + + if (od->nbr) { + for (int i = 0; i < od->nbr->n_static_routes; i++) { + const struct nbrec_logical_router_static_route *route; + + route = od->nbr->static_routes[i]; + struct in6_addr gw_ip6; + unsigned int plen; + char *error = ipv6_parse_cidr(route->nexthop, &gw_ip6, &plen); + if (error || plen != 128) { + free(error); + continue; + } + + ds_clear(&match); + ds_put_format(&match, "eth.dst == 00:00:00:00:00:00 && " + "ip6 && " REG_NEXT_HOP_IPV6 " == %s", + route->nexthop); + struct in6_addr sn_addr; + struct eth_addr eth_dst; + in6_addr_solicited_node(&sn_addr, &gw_ip6); + ipv6_multicast_to_ethernet(ð_dst, &sn_addr); + + char sn_addr_s[INET6_ADDRSTRLEN + 1]; + ipv6_string_mapped(sn_addr_s, &sn_addr); + + ds_clear(&actions); + ds_put_format(&actions, + "nd_ns { " + "eth.dst = "ETH_ADDR_FMT"; " + "ip6.dst = %s; " + "nd.target = %s; " + "output; " + "};", ETH_ADDR_ARGS(eth_dst), sn_addr_s, + route->nexthop); + + ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_ARP_REQUEST, 200, + ds_cstr(&match), ds_cstr(&actions), + &route->header_); + } + + ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 100, + "eth.dst == 00:00:00:00:00:00 && ip4", + "arp { " + "eth.dst = ff:ff:ff:ff:ff:ff; " + "arp.spa = " REG_SRC_IPV4 "; " + "arp.tpa = " REG_NEXT_HOP_IPV4 "; " + "arp.op = 1; " /* ARP request */ + "output; " + "};"); + ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 100, + "eth.dst == 00:00:00:00:00:00 && ip6", + "nd_ns { " + "nd.target = " REG_NEXT_HOP_IPV6 "; " + "output; " + "};"); + ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 0, "1", "output;"); + } + + ds_destroy(&match); + ds_destroy(&actions); +} static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -10583,71 +10657,8 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_150_od(od, lflows); } - /* Local router ingress table ARP_REQUEST: ARP request. - * - * In the common case where the Ethernet destination has been resolved, - * this table outputs the packet (priority 0). Otherwise, it composes - * and sends an ARP/IPv6 NA request (priority 100). */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbr) { - continue; - } - - for (int i = 0; i < od->nbr->n_static_routes; i++) { - const struct nbrec_logical_router_static_route *route; - - route = od->nbr->static_routes[i]; - struct in6_addr gw_ip6; - unsigned int plen; - char *error = ipv6_parse_cidr(route->nexthop, &gw_ip6, &plen); - if (error || plen != 128) { - free(error); - continue; - } - - ds_clear(&match); - ds_put_format(&match, "eth.dst == 00:00:00:00:00:00 && " - "ip6 && " REG_NEXT_HOP_IPV6 " == %s", - route->nexthop); - struct in6_addr sn_addr; - struct eth_addr eth_dst; - in6_addr_solicited_node(&sn_addr, &gw_ip6); - ipv6_multicast_to_ethernet(ð_dst, &sn_addr); - - char sn_addr_s[INET6_ADDRSTRLEN + 1]; - ipv6_string_mapped(sn_addr_s, &sn_addr); - - ds_clear(&actions); - ds_put_format(&actions, - "nd_ns { " - "eth.dst = "ETH_ADDR_FMT"; " - "ip6.dst = %s; " - "nd.target = %s; " - "output; " - "};", ETH_ADDR_ARGS(eth_dst), sn_addr_s, - route->nexthop); - - ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_ARP_REQUEST, 200, - ds_cstr(&match), ds_cstr(&actions), - &route->header_); - } - - ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 100, - "eth.dst == 00:00:00:00:00:00 && ip4", - "arp { " - "eth.dst = ff:ff:ff:ff:ff:ff; " - "arp.spa = " REG_SRC_IPV4 "; " - "arp.tpa = " REG_NEXT_HOP_IPV4 "; " - "arp.op = 1; " /* ARP request */ - "output; " - "};"); - ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 100, - "eth.dst == 00:00:00:00:00:00 && ip6", - "nd_ns { " - "nd.target = " REG_NEXT_HOP_IPV6 "; " - "output; " - "};"); - ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 0, "1", "output;"); + build_lrouter_flows_step_160_od(od, lflows); } /* Logical router egress table DELIVERY: Delivery (priority 100-110). From patchwork Thu Jul 16 13:19:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330278 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQ768Dwz9sDX for ; Thu, 16 Jul 2020 23:41:19 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 5CB608B149; Thu, 16 Jul 2020 13:41:18 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tc9SqnrRJq1s; Thu, 16 Jul 2020 13:41:15 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id 10BEA8B10C; Thu, 16 Jul 2020 13:41:15 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id D725FC08A9; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 593E9C08A9 for ; Thu, 16 Jul 2020 13:41:13 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 482C28B0E7 for ; Thu, 16 Jul 2020 13:41:13 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UgtD-GfNYhHx for ; Thu, 16 Jul 2020 13:41:10 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by whitealder.osuosl.org (Postfix) with ESMTPS id 5B3A18B147 for ; Thu, 16 Jul 2020 13:41:10 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48K-0002CH-TJ for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:09 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nj-0001Hz-Q2; Thu, 16 Jul 2020 14:19:53 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:10 +0100 Message-Id: <20200716131927.3943-13-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 12/29] Move egress to a separate rule and finalize X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov 1. Move egress to a separate rule function 2. Clean-up build_lrouter_flows from variables which are not used Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 107 ++++++++++++++++++++++++-------------------- 1 file changed, 58 insertions(+), 49 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 6b7a57c41..69972d55e 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -10564,6 +10564,63 @@ build_lrouter_flows_step_160_od( ds_destroy(&match); ds_destroy(&actions); } + +static void +build_lrouter_flows_step_170_op( + struct ovn_port *op, struct hmap *lflows) +{ + /* Logical router egress table DELIVERY: Delivery (priority 100-110). + * + * Priority 100 rules deliver packets to enabled logical ports. + * Priority 110 rules match multicast packets and update the source + * mac before delivering to enabled logical ports. IP multicast traffic + * bypasses S_ROUTER_IN_IP_ROUTING route lookups. + */ + + if (!op->nbrp) { + return; + } + + if (!lrport_is_enabled(op->nbrp)) { + /* Drop packets to disabled logical ports (since logical flow + * tables are default-drop). */ + return; + } + + if (op->derived) { + /* No egress packets should be processed in the context of + * a chassisredirect port. The chassisredirect port should + * be replaced by the l3dgw port in the local output + * pipeline stage before egress processing. */ + return; + } + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + /* If multicast relay is enabled then also adjust source mac for IP + * multicast traffic. + */ + if (op->od->mcast_info.rtr.relay) { + ds_clear(&match); + ds_clear(&actions); + ds_put_format(&match, "(ip4.mcast || ip6.mcast) && outport == %s", + op->json_key); + ds_put_format(&actions, "eth.src = %s; output;", + op->lrp_networks.ea_s); + ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 110, + ds_cstr(&match), ds_cstr(&actions)); + } + + ds_clear(&match); + ds_put_format(&match, "outport == %s", op->json_key); + ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 100, + ds_cstr(&match), "output;"); + + ds_destroy(&match); + ds_destroy(&actions); +} + static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, @@ -10572,9 +10629,6 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, /* This flow table structure is documented in ovn-northd(8), so please * update ovn-northd.8.xml if you change anything. */ - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - struct ovn_datapath *od; HMAP_FOR_EACH (od, key_node, datapaths) { build_lrouter_flows_step_0_od(od, lflows); @@ -10661,54 +10715,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lrouter_flows_step_160_od(od, lflows); } - /* Logical router egress table DELIVERY: Delivery (priority 100-110). - * - * Priority 100 rules deliver packets to enabled logical ports. - * Priority 110 rules match multicast packets and update the source - * mac before delivering to enabled logical ports. IP multicast traffic - * bypasses S_ROUTER_IN_IP_ROUTING route lookups. - */ HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbrp) { - continue; - } - - if (!lrport_is_enabled(op->nbrp)) { - /* Drop packets to disabled logical ports (since logical flow - * tables are default-drop). */ - continue; - } - - if (op->derived) { - /* No egress packets should be processed in the context of - * a chassisredirect port. The chassisredirect port should - * be replaced by the l3dgw port in the local output - * pipeline stage before egress processing. */ - continue; - } - - /* If multicast relay is enabled then also adjust source mac for IP - * multicast traffic. - */ - if (op->od->mcast_info.rtr.relay) { - ds_clear(&match); - ds_clear(&actions); - ds_put_format(&match, "(ip4.mcast || ip6.mcast) && outport == %s", - op->json_key); - ds_put_format(&actions, "eth.src = %s; output;", - op->lrp_networks.ea_s); - ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 110, - ds_cstr(&match), ds_cstr(&actions)); - } - - ds_clear(&match); - ds_put_format(&match, "outport == %s", op->json_key); - ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 100, - ds_cstr(&match), "output;"); + build_lrouter_flows_step_170_op(op, lflows); } - - ds_destroy(&match); - ds_destroy(&actions); } /* Updates the Logical_Flow and Multicast_Group tables in the OVN_SB database, From patchwork Thu Jul 16 13:19:11 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330276 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wPv0JqSz9sDX for ; Thu, 16 Jul 2020 23:41:07 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 4FD118B0F4; Thu, 16 Jul 2020 13:41:05 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kL2C861xCe7s; Thu, 16 Jul 2020 13:41:04 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id 541D8898B9; Thu, 16 Jul 2020 13:41:04 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 39862C0893; Thu, 16 Jul 2020 13:41:04 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 80264C0733 for ; Thu, 16 Jul 2020 13:41:03 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 706A98B0BB for ; Thu, 16 Jul 2020 13:41:03 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uDoeAwX3JFwb for ; Thu, 16 Jul 2020 13:41:02 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by whitealder.osuosl.org (Postfix) with ESMTPS id C8D3D898B9 for ; Thu, 16 Jul 2020 13:41:02 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48D-0002Br-DS for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:01 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nl-0001Hz-Hx; Thu, 16 Jul 2020 14:19:55 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:11 +0100 Message-Id: <20200716131927.3943-14-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 13/29] Pull tables 3-10 ingress and 0-7 egress into a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 69972d55e..750a2a2b7 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6451,6 +6451,25 @@ build_drop_arp_nd_flows_for_unbound_router_ports(struct ovn_port *op, ds_destroy(&match); } +static void +build_lswitch_flows_step_0_od( + struct ovn_datapath *od, struct hmap *lflows, + struct shash *meter_groups, struct hmap *lbs, + struct hmap *port_groups) +{ + /* Build pre-ACL and ACL tables for both ingress and egress. + * Ingress tables 3 through 10. Egress tables 0 through 7. */ + if (od->nbs) { + build_pre_acls(od, lflows); + build_pre_lb(od, lflows, meter_groups, lbs); + build_pre_stateful(od, lflows); + build_acls(od, lflows, port_groups); + build_qos(od, lflows); + build_lb(od, lflows); + build_stateful(od, lflows, lbs); + } +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6464,21 +6483,10 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct ds match = DS_EMPTY_INITIALIZER; struct ds actions = DS_EMPTY_INITIALIZER; - /* Build pre-ACL and ACL tables for both ingress and egress. - * Ingress tables 3 through 10. Egress tables 0 through 7. */ struct ovn_datapath *od; HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } - - build_pre_acls(od, lflows); - build_pre_lb(od, lflows, meter_groups, lbs); - build_pre_stateful(od, lflows); - build_acls(od, lflows, port_groups); - build_qos(od, lflows); - build_lb(od, lflows); - build_stateful(od, lflows, lbs); + build_lswitch_flows_step_0_od( + od, lflows, meter_groups, lbs, port_groups); } /* Build logical flows for the forwarding groups */ From patchwork Thu Jul 16 13:19:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330281 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQF12dYz9sDX for ; Thu, 16 Jul 2020 23:41:25 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 42FF726FDE; Thu, 16 Jul 2020 13:41:23 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FdO7bGePpuLF; Thu, 16 Jul 2020 13:41:11 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id 3ABF2234BD; Thu, 16 Jul 2020 13:41:08 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1E69EC0733; Thu, 16 Jul 2020 13:41:08 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9FABDC0893 for ; Thu, 16 Jul 2020 13:41:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 7B0EE8A68C for ; Thu, 16 Jul 2020 13:41:04 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V7JY4uowjMwA for ; Thu, 16 Jul 2020 13:41:04 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by hemlock.osuosl.org (Postfix) with ESMTPS id E84328A694 for ; Thu, 16 Jul 2020 13:41:03 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48E-0002Bv-IF for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:02 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nn-0001Hz-7F; Thu, 16 Jul 2020 14:19:56 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:12 +0100 Message-Id: <20200716131927.3943-15-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 14/29] Pull forwarding groups and admission control to separate functions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 54 +++++++++++++++++++++++++++------------------ 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 750a2a2b7..d00fef94d 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6470,6 +6470,36 @@ build_lswitch_flows_step_0_od( } } +static void +build_lswitch_flows_step_10_od(struct ovn_datapath *od, struct hmap *lflows) +{ + /* Build logical flows for the forwarding groups */ + if (!od->nbs || !od->nbs->n_forwarding_groups) { + return; + } + build_fwd_group_lflows(od, lflows); +} + +static void +build_lswitch_flows_step_20_od(struct ovn_datapath *od, struct hmap *lflows) +{ + + /* Logical switch ingress table 0: Admission control framework (priority + * 100). */ + if (od->nbs) { + /* Logical VLANs not supported. */ + ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_L2, 100, "vlan.present", + "drop;"); + + /* Broadcast/multicast source address is invalid. */ + ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_L2, 100, "eth.src[40]", + "drop;"); + + /* Port security flows have priority 50 (see below) and will continue + * to the next table if packet source is acceptable. */ + } +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6489,32 +6519,12 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, od, lflows, meter_groups, lbs, port_groups); } - /* Build logical flows for the forwarding groups */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs || !od->nbs->n_forwarding_groups) { - continue; - } - - build_fwd_group_lflows(od, lflows); + build_lswitch_flows_step_10_od(od, lflows); } - /* Logical switch ingress table 0: Admission control framework (priority - * 100). */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } - - /* Logical VLANs not supported. */ - ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_L2, 100, "vlan.present", - "drop;"); - - /* Broadcast/multicast source address is invalid. */ - ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_L2, 100, "eth.src[40]", - "drop;"); - - /* Port security flows have priority 50 (see below) and will continue - * to the next table if packet source is acceptable. */ + build_lswitch_flows_step_20_od(od, lflows); } build_lswitch_input_port_sec(ports, datapaths, lflows); From patchwork Thu Jul 16 13:19:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330294 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wRK242Zz9sDX for ; Thu, 16 Jul 2020 23:42:21 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 9920388705; Thu, 16 Jul 2020 13:42:19 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jxMH7f4cDrW4; Thu, 16 Jul 2020 13:42:17 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id 3F24888916; Thu, 16 Jul 2020 13:42:12 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 0002AC1798; Thu, 16 Jul 2020 13:42:11 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 4D0D1C0893 for ; Thu, 16 Jul 2020 13:42:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 30E40236B5 for ; Thu, 16 Jul 2020 13:42:10 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nysa66oHD-KA for ; Thu, 16 Jul 2020 13:42:03 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id C932226C6E for ; Thu, 16 Jul 2020 13:41:20 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48V-0002Co-AY for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:19 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3no-0001Hz-Ug; Thu, 16 Jul 2020 14:19:58 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:13 +0100 Message-Id: <20200716131927.3943-16-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 15/29] Split port security into two separate functions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 106 +++++++++++++++++++++++++------------------- 1 file changed, 61 insertions(+), 45 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index d00fef94d..878cfb493 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -4713,7 +4713,7 @@ has_stateful_acl(struct ovn_datapath *od) } static void -build_lswitch_input_port_sec(struct hmap *ports, struct hmap *datapaths, +build_lswitch_input_port_sec_op(struct ovn_port *op, struct hmap *lflows) { /* Logical switch ingress table 0: Ingress port security - L2 @@ -4721,61 +4721,58 @@ build_lswitch_input_port_sec(struct hmap *ports, struct hmap *datapaths, * Ingress table 1: Ingress port security - IP (priority 90 and 80) * Ingress table 2: Ingress port security - ND (priority 90 and 80) */ - struct ds actions = DS_EMPTY_INITIALIZER; - struct ds match = DS_EMPTY_INITIALIZER; - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp) { - continue; - } + if (!op->nbsp) { + return; + } - if (!lsp_is_enabled(op->nbsp)) { - /* Drop packets from disabled logical ports (since logical flow - * tables are default-drop). */ - continue; - } + if (!lsp_is_enabled(op->nbsp)) { + /* Drop packets from disabled logical ports (since logical flow + * tables are default-drop). */ + return; + } - if (lsp_is_external(op->nbsp)) { - continue; - } + if (lsp_is_external(op->nbsp)) { + return; + } - ds_clear(&match); - ds_clear(&actions); - ds_put_format(&match, "inport == %s", op->json_key); - build_port_security_l2("eth.src", op->ps_addrs, op->n_ps_addrs, - &match); + struct ds actions = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; - const char *queue_id = smap_get(&op->sb->options, "qdisc_queue_id"); - if (queue_id) { - ds_put_format(&actions, "set_queue(%s); ", queue_id); - } - ds_put_cstr(&actions, "next;"); - ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_PORT_SEC_L2, 50, - ds_cstr(&match), ds_cstr(&actions), - &op->nbsp->header_); + ds_put_format(&match, "inport == %s", op->json_key); + build_port_security_l2("eth.src", op->ps_addrs, op->n_ps_addrs, + &match); - if (op->nbsp->n_port_security) { - build_port_security_ip(P_IN, op, lflows, &op->nbsp->header_); - build_port_security_nd(op, lflows, &op->nbsp->header_); - } + const char *queue_id = smap_get(&op->sb->options, "qdisc_queue_id"); + if (queue_id) { + ds_put_format(&actions, "set_queue(%s); ", queue_id); } + ds_put_cstr(&actions, "next;"); + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_PORT_SEC_L2, 50, + ds_cstr(&match), ds_cstr(&actions), + &op->nbsp->header_); + if (op->nbsp->n_port_security) { + build_port_security_ip(P_IN, op, lflows, &op->nbsp->header_); + build_port_security_nd(op, lflows, &op->nbsp->header_); + } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lswitch_input_port_sec_od(struct ovn_datapath *od, + struct hmap *lflows) +{ /* Ingress table 1 and 2: Port security - IP and ND, by default * goto next. (priority 0) */ - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } - - ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_ND, 0, "1", "next;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_IP, 0, "1", "next;"); + if (!od->nbs) { + return; } - ds_destroy(&match); - ds_destroy(&actions); + ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_ND, 0, "1", "next;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_PORT_SEC_IP, 0, "1", "next;"); } static void @@ -6500,6 +6497,18 @@ build_lswitch_flows_step_20_od(struct ovn_datapath *od, struct hmap *lflows) } } +static void +build_lswitch_flows_step_30_op(struct ovn_port *op, struct hmap *lflows) +{ + build_lswitch_input_port_sec_op(op, lflows); +} + +static void +build_lswitch_flows_step_30_od(struct ovn_datapath *od, struct hmap *lflows) +{ + build_lswitch_input_port_sec_od(od, lflows); +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6514,6 +6523,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct ds actions = DS_EMPTY_INITIALIZER; struct ovn_datapath *od; + struct ovn_port *op; + HMAP_FOR_EACH (od, key_node, datapaths) { build_lswitch_flows_step_0_od( od, lflows, meter_groups, lbs, port_groups); @@ -6527,12 +6538,17 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_flows_step_20_od(od, lflows); } - build_lswitch_input_port_sec(ports, datapaths, lflows); + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_30_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_30_od(od, lflows); + } /* Ingress table 13: ARP/ND responder, skip requests coming from localnet * and vtep ports. (priority 100); see ovn-northd.8.xml for the * rationale. */ - struct ovn_port *op; HMAP_FOR_EACH (op, key_node, ports) { if (!op->nbsp) { continue; From patchwork Thu Jul 16 13:19:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330286 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQf24ZPz9sDX for ; Thu, 16 Jul 2020 23:41:46 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id AC61D8B12F; Thu, 16 Jul 2020 13:41:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gQalc9mqczx5; Thu, 16 Jul 2020 13:41:41 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id AF2398B152; Thu, 16 Jul 2020 13:41:28 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 8C06AC18DA; Thu, 16 Jul 2020 13:41:28 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id A6050C1D9D for ; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 8F62F26FE7 for ; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KcH1aT3V-pYx for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id 2C92325048 for ; Thu, 16 Jul 2020 13:41:09 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48J-0002CD-N7 for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:07 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nq-0001Hz-N3; Thu, 16 Jul 2020 14:20:00 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:14 +0100 Message-Id: <20200716131927.3943-17-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 16/29] Pull Table 13 Arp/ND responder to a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 878cfb493..13b3793fc 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6509,6 +6509,26 @@ build_lswitch_flows_step_30_od(struct ovn_datapath *od, struct hmap *lflows) build_lswitch_input_port_sec_od(od, lflows); } +static void +build_lswitch_flows_step_40_op(struct ovn_port *op, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + + /* Ingress table 13: ARP/ND responder, skip requests coming from localnet + * and vtep ports. (priority 100); see ovn-northd.8.xml for the + * rationale. */ + if (op->nbsp) { + if ((!strcmp(op->nbsp->type, "localnet")) || + (!strcmp(op->nbsp->type, "vtep"))) { + ds_put_format(&match, "inport == %s", op->json_key); + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, + 100, ds_cstr(&match), "next;", + &op->nbsp->header_); + } + } + ds_destroy(&match); +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6546,22 +6566,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_flows_step_30_od(od, lflows); } - /* Ingress table 13: ARP/ND responder, skip requests coming from localnet - * and vtep ports. (priority 100); see ovn-northd.8.xml for the - * rationale. */ HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp) { - continue; - } - - if ((!strcmp(op->nbsp->type, "localnet")) || - (!strcmp(op->nbsp->type, "vtep"))) { - ds_clear(&match); - ds_put_format(&match, "inport == %s", op->json_key); - ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, - 100, ds_cstr(&match), "next;", - &op->nbsp->header_); - } + build_lswitch_flows_step_40_op(op, lflows); } /* Ingress table 13: ARP/ND responder, reply for known IPs. From patchwork Thu Jul 16 13:19:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330295 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wRj38Jlz9sTR for ; Thu, 16 Jul 2020 23:42:41 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id E0D16271B3; Thu, 16 Jul 2020 13:42:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d84slAfPq-6i; Thu, 16 Jul 2020 13:42:24 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id 255D8234BD; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 02486C0895; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 55AE2C18D3 for ; Thu, 16 Jul 2020 13:41:23 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 4B6078B0FE for ; Thu, 16 Jul 2020 13:41:23 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rXL2Wkv5NX8b for ; Thu, 16 Jul 2020 13:41:19 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by whitealder.osuosl.org (Postfix) with ESMTPS id 84A068B16D for ; Thu, 16 Jul 2020 13:41:19 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48T-0002Ck-Vs for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:18 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3ns-0001Hz-DF; Thu, 16 Jul 2020 14:20:02 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:15 +0100 Message-Id: <20200716131927.3943-18-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 17/29] Pull out lswitch ARP/ND respond, known IPs into functions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 196 +++++++++++++++++++++++++------------------- 1 file changed, 112 insertions(+), 84 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 13b3793fc..2226f5882 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6530,52 +6530,14 @@ build_lswitch_flows_step_40_op(struct ovn_port *op, struct hmap *lflows) } static void -build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *port_groups, struct hmap *lflows, - struct hmap *mcgroups, struct hmap *igmp_groups, - struct shash *meter_groups, - struct hmap *lbs) +build_lswitch_flows_step_50_op( + struct ovn_port *op, struct hmap *lflows, struct hmap *ports) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - - struct ovn_datapath *od; - struct ovn_port *op; - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_0_od( - od, lflows, meter_groups, lbs, port_groups); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_20_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_30_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_30_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_40_op(op, lflows); - } - /* Ingress table 13: ARP/ND responder, reply for known IPs. * (priority 50). */ - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp) { - continue; - } + if (op->nbsp) { + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; if (!strcmp(op->nbsp->type, "virtual")) { /* Handle @@ -6592,7 +6554,7 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, "virtual-parents"); if (!virtual_ip || !virtual_parents || !ip_parse(virtual_ip, &ip)) { - continue; + return; } char *tokstr = xstrdup(virtual_parents); @@ -6635,11 +6597,11 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, */ if (!lsp_is_up(op->nbsp) && strcmp(op->nbsp->type, "router") && strcmp(op->nbsp->type, "localport")) { - continue; + return; } if (lsp_is_external(op->nbsp) || op->has_unknown) { - continue; + return; } for (size_t i = 0; i < op->n_lsp_addrs; i++) { @@ -6730,58 +6692,124 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, } } } + ds_destroy(&actions); + ds_destroy(&match); } +} +static void +build_lswitch_flows_step_50_od( + struct ovn_datapath *od, struct hmap *lflows) +{ /* Ingress table 13: ARP/ND responder, by default goto next. * (priority 0)*/ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } - + if (od->nbs) { ovn_lflow_add(lflows, od, S_SWITCH_IN_ARP_ND_RSP, 0, "1", "next;"); } +} + +static void +build_lswitch_flows_step_50_lb( + struct ovn_lb *lb, struct hmap *lflows) +{ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; /* Ingress table 13: ARP/ND responder for service monitor source ip. * (priority 110)*/ - struct ovn_lb *lb; - HMAP_FOR_EACH (lb, hmap_node, lbs) { - for (size_t i = 0; i < lb->n_vips; i++) { - if (!lb->vips[i].health_check) { - continue; - } - for (size_t j = 0; j < lb->vips[i].n_backends; j++) { - if (!lb->vips[i].backends[j].op || - !lb->vips[i].backends[j].svc_mon_src_ip) { - continue; - } + for (size_t i = 0; i < lb->n_vips; i++) { + if (!lb->vips[i].health_check) { + continue; + } - ds_clear(&match); - ds_put_format(&match, "arp.tpa == %s && arp.op == 1", - lb->vips[i].backends[j].svc_mon_src_ip); - ds_clear(&actions); - ds_put_format(&actions, - "eth.dst = eth.src; " - "eth.src = %s; " - "arp.op = 2; /* ARP reply */ " - "arp.tha = arp.sha; " - "arp.sha = %s; " - "arp.tpa = arp.spa; " - "arp.spa = %s; " - "outport = inport; " - "flags.loopback = 1; " - "output;", - svc_monitor_mac, svc_monitor_mac, - lb->vips[i].backends[j].svc_mon_src_ip); - ovn_lflow_add_with_hint(lflows, - lb->vips[i].backends[j].op->od, - S_SWITCH_IN_ARP_ND_RSP, 110, - ds_cstr(&match), ds_cstr(&actions), - &lb->nlb->header_); + for (size_t j = 0; j < lb->vips[i].n_backends; j++) { + if (!lb->vips[i].backends[j].op || + !lb->vips[i].backends[j].svc_mon_src_ip) { + continue; } + + ds_clear(&match); + ds_put_format(&match, "arp.tpa == %s && arp.op == 1", + lb->vips[i].backends[j].svc_mon_src_ip); + ds_clear(&actions); + ds_put_format(&actions, + "eth.dst = eth.src; " + "eth.src = %s; " + "arp.op = 2; /* ARP reply */ " + "arp.tha = arp.sha; " + "arp.sha = %s; " + "arp.tpa = arp.spa; " + "arp.spa = %s; " + "outport = inport; " + "flags.loopback = 1; " + "output;", + svc_monitor_mac, svc_monitor_mac, + lb->vips[i].backends[j].svc_mon_src_ip); + ovn_lflow_add_with_hint(lflows, + lb->vips[i].backends[j].op->od, + S_SWITCH_IN_ARP_ND_RSP, 110, + ds_cstr(&match), ds_cstr(&actions), + &lb->nlb->header_); } } + ds_destroy(&match); + ds_destroy(&actions); +} + +static void +build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *port_groups, struct hmap *lflows, + struct hmap *mcgroups, struct hmap *igmp_groups, + struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + struct ovn_port *op; + struct ovn_lb *lb; + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_0_od( + od, lflows, meter_groups, lbs, port_groups); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_10_od(od, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_20_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_30_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_30_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_40_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_50_op(op, lflows, ports); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_50_od(od, lflows); + } + + HMAP_FOR_EACH (lb, hmap_node, lbs) { + build_lswitch_flows_step_50_lb(lb, lflows); + } /* Logical switch ingress table 14 and 15: DHCP options and response From patchwork Thu Jul 16 13:19:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330290 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQt2GV9z9sDX for ; Thu, 16 Jul 2020 23:41:58 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 655A5261DE; Thu, 16 Jul 2020 13:41:56 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JUuPhma2MShs; Thu, 16 Jul 2020 13:41:45 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id ACDDB261E3; Thu, 16 Jul 2020 13:41:16 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id A022CC0893; Thu, 16 Jul 2020 13:41:16 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7C552C0733 for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 6450125067 for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V8c7B23lqBrl for ; Thu, 16 Jul 2020 13:41:07 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id C02D8227CE for ; Thu, 16 Jul 2020 13:41:06 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48H-0002C4-BJ for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:05 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nu-0001Hz-7W; Thu, 16 Jul 2020 14:20:03 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:16 +0100 Message-Id: <20200716131927.3943-19-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 18/29] Pull DHCP Options into a function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 98 ++++++++++++++++++++++++--------------------- 1 file changed, 52 insertions(+), 46 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 2226f5882..803971de0 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6757,6 +6757,57 @@ build_lswitch_flows_step_50_lb( ds_destroy(&actions); } +static void +build_lswitch_flows_step_60_op( + struct ovn_port *op, struct hmap *lflows) +{ + /* Logical switch ingress table 14 and 15: DHCP options and response + * priority 100 flows. */ + if (!op->nbsp) { + return; + } + + if (!lsp_is_enabled(op->nbsp) || !strcmp(op->nbsp->type, "router")) { + /* Don't add the DHCP flows if the port is not enabled or if the + * port is a router port. */ + return; + } + + if (!op->nbsp->dhcpv4_options && !op->nbsp->dhcpv6_options) { + /* CMS has disabled both native DHCPv4 and DHCPv6 for this lport. + */ + return; + } + + bool is_external = lsp_is_external(op->nbsp); + if (is_external && (!op->od->n_localnet_ports || + !op->nbsp->ha_chassis_group)) { + /* If it's an external port and there are no localnet ports + * and if it doesn't belong to an HA chassis group ignore it. */ + return; + } + + for (size_t i = 0; i < op->n_lsp_addrs; i++) { + if (is_external) { + for (size_t j = 0; j < op->od->n_localnet_ports; j++) { + build_dhcpv4_options_flows( + op, &op->lsp_addrs[i], + op->od->localnet_ports[j]->json_key, is_external, + lflows); + build_dhcpv6_options_flows( + op, &op->lsp_addrs[i], + op->od->localnet_ports[j]->json_key, is_external, + lflows); + } + } else { + build_dhcpv4_options_flows(op, &op->lsp_addrs[i], op->json_key, + is_external, lflows); + build_dhcpv6_options_flows(op, &op->lsp_addrs[i], op->json_key, + is_external, lflows); + } + } +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6811,53 +6862,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_flows_step_50_lb(lb, lflows); } - - /* Logical switch ingress table 14 and 15: DHCP options and response - * priority 100 flows. */ HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp) { - continue; - } - - if (!lsp_is_enabled(op->nbsp) || !strcmp(op->nbsp->type, "router")) { - /* Don't add the DHCP flows if the port is not enabled or if the - * port is a router port. */ - continue; - } - - if (!op->nbsp->dhcpv4_options && !op->nbsp->dhcpv6_options) { - /* CMS has disabled both native DHCPv4 and DHCPv6 for this lport. - */ - continue; - } - - bool is_external = lsp_is_external(op->nbsp); - if (is_external && (!op->od->n_localnet_ports || - !op->nbsp->ha_chassis_group)) { - /* If it's an external port and there are no localnet ports - * and if it doesn't belong to an HA chassis group ignore it. */ - continue; - } - - for (size_t i = 0; i < op->n_lsp_addrs; i++) { - if (is_external) { - for (size_t j = 0; j < op->od->n_localnet_ports; j++) { - build_dhcpv4_options_flows( - op, &op->lsp_addrs[i], - op->od->localnet_ports[j]->json_key, is_external, - lflows); - build_dhcpv6_options_flows( - op, &op->lsp_addrs[i], - op->od->localnet_ports[j]->json_key, is_external, - lflows); - } - } else { - build_dhcpv4_options_flows(op, &op->lsp_addrs[i], op->json_key, - is_external, lflows); - build_dhcpv6_options_flows(op, &op->lsp_addrs[i], op->json_key, - is_external, lflows); - } - } + build_lswitch_flows_step_60_op(op, lflows); } /* Logical switch ingress table 17 and 18: DNS lookup and response From patchwork Thu Jul 16 13:19:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330284 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQZ18GKz9sTR for ; Thu, 16 Jul 2020 23:41:42 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id AC2898A8AB; Thu, 16 Jul 2020 13:41:40 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yt57hgOj4Qne; Thu, 16 Jul 2020 13:41:35 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id 015A889477; Thu, 16 Jul 2020 13:41:30 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id BF31EC1D7C; Thu, 16 Jul 2020 13:41:29 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id EAF00C1DA0 for ; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id DAB7B88FE8 for ; Thu, 16 Jul 2020 13:41:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nP3nU5WdNLiE for ; Thu, 16 Jul 2020 13:41:23 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id DE1B2890C7 for ; Thu, 16 Jul 2020 13:41:21 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48W-0002Cs-Ga for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:20 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nw-0001Hz-0E; Thu, 16 Jul 2020 14:20:05 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:17 +0100 Message-Id: <20200716131927.3943-20-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 19/29] Pull DNS lookup and response to a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 67 +++++++++++++++++++++++++-------------------- 1 file changed, 38 insertions(+), 29 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 803971de0..da0ee4509 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6808,6 +6808,43 @@ build_lswitch_flows_step_60_op( } } +static void +build_lswitch_flows_step_70_od( + struct ovn_datapath *od, struct hmap *lflows) +{ + /* Logical switch ingress table 17 and 18: DNS lookup and response + * priority 100 flows. + */ + if (!od->nbs || !ls_has_dns_records(od->nbs)) { + return; + } + + struct ds action = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; + + ds_clear(&match); + ds_put_cstr(&match, "udp.dst == 53"); + ds_put_format(&action, + REGBIT_DNS_LOOKUP_RESULT" = dns_lookup(); next;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_LOOKUP, 100, + ds_cstr(&match), ds_cstr(&action)); + ds_clear(&action); + ds_put_cstr(&match, " && "REGBIT_DNS_LOOKUP_RESULT); + ds_put_format(&action, "eth.dst <-> eth.src; ip4.src <-> ip4.dst; " + "udp.dst = udp.src; udp.src = 53; outport = inport; " + "flags.loopback = 1; output;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_RESPONSE, 100, + ds_cstr(&match), ds_cstr(&action)); + ds_clear(&action); + ds_put_format(&action, "eth.dst <-> eth.src; ip6.src <-> ip6.dst; " + "udp.dst = udp.src; udp.src = 53; outport = inport; " + "flags.loopback = 1; output;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_RESPONSE, 100, + ds_cstr(&match), ds_cstr(&action)); + ds_destroy(&action); + ds_destroy(&match); +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6866,36 +6903,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_flows_step_60_op(op, lflows); } - /* Logical switch ingress table 17 and 18: DNS lookup and response - * priority 100 flows. - */ HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs || !ls_has_dns_records(od->nbs)) { - continue; - } - - struct ds action = DS_EMPTY_INITIALIZER; - - ds_clear(&match); - ds_put_cstr(&match, "udp.dst == 53"); - ds_put_format(&action, - REGBIT_DNS_LOOKUP_RESULT" = dns_lookup(); next;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_LOOKUP, 100, - ds_cstr(&match), ds_cstr(&action)); - ds_clear(&action); - ds_put_cstr(&match, " && "REGBIT_DNS_LOOKUP_RESULT); - ds_put_format(&action, "eth.dst <-> eth.src; ip4.src <-> ip4.dst; " - "udp.dst = udp.src; udp.src = 53; outport = inport; " - "flags.loopback = 1; output;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_RESPONSE, 100, - ds_cstr(&match), ds_cstr(&action)); - ds_clear(&action); - ds_put_format(&action, "eth.dst <-> eth.src; ip6.src <-> ip6.dst; " - "udp.dst = udp.src; udp.src = 53; outport = inport; " - "flags.loopback = 1; output;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_RESPONSE, 100, - ds_cstr(&match), ds_cstr(&action)); - ds_destroy(&action); + build_lswitch_flows_step_70_od(od, lflows); } /* Ingress table 14 and 15: DHCP options and response, by default goto From patchwork Thu Jul 16 13:19:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330285 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQZ4FfTz9sTS for ; Thu, 16 Jul 2020 23:41:42 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 1994B8958E; Thu, 16 Jul 2020 13:41:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lkc6O0DoU66B; Thu, 16 Jul 2020 13:41:39 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id AA23989584; Thu, 16 Jul 2020 13:41:32 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 77DAAC1AE2; Thu, 16 Jul 2020 13:41:32 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id B67B6C0733 for ; Thu, 16 Jul 2020 13:41:31 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 9CD858910C for ; Thu, 16 Jul 2020 13:41:31 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wJi50xyOsapN for ; Thu, 16 Jul 2020 13:41:30 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 9338789129 for ; Thu, 16 Jul 2020 13:41:25 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48a-0002D4-7B for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:24 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nx-0001Hz-NQ; Thu, 16 Jul 2020 14:20:07 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:18 +0100 Message-Id: <20200716131927.3943-21-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 20/29] Pull DNS response defaults into a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index da0ee4509..e5d64993a 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6845,6 +6845,25 @@ build_lswitch_flows_step_70_od( ds_destroy(&match); } +static void +build_lswitch_flows_step_80_od( + struct ovn_datapath *od, struct hmap *lflows) +{ + /* Ingress table 14 and 15: DHCP options and response, by default goto + * next. (priority 0). + * Ingress table 16 and 17: DNS lookup and response, by default goto next. + * (priority 0). + * Ingress table 18 - External port handling, by default goto next. + * (priority 0). */ + if (od->nbs) { + ovn_lflow_add(lflows, od, S_SWITCH_IN_DHCP_OPTIONS, 0, "1", "next;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_DHCP_RESPONSE, 0, "1", "next;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_LOOKUP, 0, "1", "next;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_RESPONSE, 0, "1", "next;"); + ovn_lflow_add(lflows, od, S_SWITCH_IN_EXTERNAL_PORT, 0, "1", "next;"); + } +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6907,23 +6926,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_flows_step_70_od(od, lflows); } - /* Ingress table 14 and 15: DHCP options and response, by default goto - * next. (priority 0). - * Ingress table 16 and 17: DNS lookup and response, by default goto next. - * (priority 0). - * Ingress table 18 - External port handling, by default goto next. - * (priority 0). */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } - - ovn_lflow_add(lflows, od, S_SWITCH_IN_DHCP_OPTIONS, 0, "1", "next;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_DHCP_RESPONSE, 0, "1", "next;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_LOOKUP, 0, "1", "next;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_DNS_RESPONSE, 0, "1", "next;"); - ovn_lflow_add(lflows, od, S_SWITCH_IN_EXTERNAL_PORT, 0, "1", "next;"); + build_lswitch_flows_step_80_od(od, lflows); } HMAP_FOR_EACH (op, key_node, ports) { From patchwork Thu Jul 16 13:19:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330280 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQF12fRz9sTS for ; Thu, 16 Jul 2020 23:41:25 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 10F49890E3; Thu, 16 Jul 2020 13:41:23 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eyVKBhPW1s0H; Thu, 16 Jul 2020 13:41:21 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id F3C6A88FA9; Thu, 16 Jul 2020 13:41:19 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id C118CC08A9; Thu, 16 Jul 2020 13:41:19 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 01D9EC08A9 for ; Thu, 16 Jul 2020 13:41:17 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id E638988A71 for ; Thu, 16 Jul 2020 13:41:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sMzuJSjP+wJb for ; Thu, 16 Jul 2020 13:41:15 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by hemlock.osuosl.org (Postfix) with ESMTPS id 517B188897 for ; Thu, 16 Jul 2020 13:41:15 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48P-0002CY-Ut for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:14 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3nz-0001Hz-D4; Thu, 16 Jul 2020 14:20:09 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:19 +0100 Message-Id: <20200716131927.3943-22-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 21/29] Pull external port ARP responses into a separate function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index e5d64993a..e2060e8ac 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6864,6 +6864,24 @@ build_lswitch_flows_step_80_od( } } +static void +build_lswitch_flows_step_90_op( + struct ovn_port *op, struct hmap *lflows) +{ + if (!op->nbsp || !lsp_is_external(op->nbsp)) { + return; + } + + /* Table 18: External port. Drop ARP request for router ips from + * external ports on chassis not binding those ports. + * This makes the router pipeline to be run only on the chassis + * binding the external ports. */ + for (size_t i = 0; i < op->od->n_localnet_ports; i++) { + build_drop_arp_nd_flows_for_unbound_router_ports( + op, op->od->localnet_ports[i], lflows); + } +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6931,18 +6949,7 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, } HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp || !lsp_is_external(op->nbsp)) { - continue; - } - - /* Table 18: External port. Drop ARP request for router ips from - * external ports on chassis not binding those ports. - * This makes the router pipeline to be run only on the chassis - * binding the external ports. */ - for (size_t i = 0; i < op->od->n_localnet_ports; i++) { - build_drop_arp_nd_flows_for_unbound_router_ports( - op, op->od->localnet_ports[i], lflows); - } + build_lswitch_flows_step_90_op(op, lflows); } char *svc_check_match = xasprintf("eth.dst == %s", svc_monitor_mac); From patchwork Thu Jul 16 13:19:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330287 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQf5Rznz9sTR for ; Thu, 16 Jul 2020 23:41:46 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 046688A32D; Thu, 16 Jul 2020 13:41:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GW75J9yU7Bi4; Thu, 16 Jul 2020 13:41:42 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id C1C4889541; Thu, 16 Jul 2020 13:41:34 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id A9D00C0733; Thu, 16 Jul 2020 13:41:34 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 39CE9C0893 for ; Thu, 16 Jul 2020 13:41:32 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 1A7B78910C for ; Thu, 16 Jul 2020 13:41:32 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RUkCQyoZVolH for ; Thu, 16 Jul 2020 13:41:25 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 4E632890EE for ; Thu, 16 Jul 2020 13:41:23 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48X-0002Cw-Qb for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:22 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3o1-0001Hz-4P; Thu, 16 Jul 2020 14:20:10 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:20 +0100 Message-Id: <20200716131927.3943-23-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 22/29] Pull out Destination lookup, broadcast and multicast handling X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Pulls out Destination lookup, broadcast and multicast handling into a separate function Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 160 ++++++++++++++++++++++++-------------------- 1 file changed, 86 insertions(+), 74 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index e2060e8ac..e215bcd63 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6883,83 +6883,16 @@ build_lswitch_flows_step_90_op( } static void -build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *port_groups, struct hmap *lflows, - struct hmap *mcgroups, struct hmap *igmp_groups, - struct shash *meter_groups, - struct hmap *lbs) +build_lswitch_flows_step_100_od( + struct ovn_datapath *od, struct hmap *lflows) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; - - struct ovn_datapath *od; - struct ovn_port *op; - struct ovn_lb *lb; - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_0_od( - od, lflows, meter_groups, lbs, port_groups); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_20_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_30_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_30_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_40_op(op, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_50_op(op, lflows, ports); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_50_od(od, lflows); - } - - HMAP_FOR_EACH (lb, hmap_node, lbs) { - build_lswitch_flows_step_50_lb(lb, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_60_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_70_od(od, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_80_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_90_op(op, lflows); - } - - char *svc_check_match = xasprintf("eth.dst == %s", svc_monitor_mac); /* Ingress table 19: Destination lookup, broadcast and multicast handling * (priority 70 - 100). */ - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } + if (od->nbs) { + struct ds actions = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; + char *svc_check_match = xasprintf("eth.dst == %s", svc_monitor_mac); ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 110, svc_check_match, "handle_svc_check(inport);"); @@ -7032,8 +6965,87 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 70, "eth.mcast", "outport = \""MC_FLOOD"\"; output;"); + free(svc_check_match); + + ds_destroy(&actions); + ds_destroy(&match); } - free(svc_check_match); +} + +static void +build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *port_groups, struct hmap *lflows, + struct hmap *mcgroups, struct hmap *igmp_groups, + struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ + + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + struct ovn_datapath *od; + struct ovn_port *op; + struct ovn_lb *lb; + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_0_od( + od, lflows, meter_groups, lbs, port_groups); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_10_od(od, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_20_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_30_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_30_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_40_op(op, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_50_op(op, lflows, ports); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_50_od(od, lflows); + } + + HMAP_FOR_EACH (lb, hmap_node, lbs) { + build_lswitch_flows_step_50_lb(lb, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_60_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_70_od(od, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_80_od(od, lflows); + } + + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_flows_step_90_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_flows_step_100_od(od, lflows); + } + /* Ingress table 19: Add IP multicast flows learnt from IGMP/MLD * (priority 90). */ From patchwork Thu Jul 16 13:19:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330297 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wRw2MvKz9sTR for ; Thu, 16 Jul 2020 23:42:52 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 9A53D8B1B2; Thu, 16 Jul 2020 13:42:50 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2D7c4PzFhZuE; Thu, 16 Jul 2020 13:42:40 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by whitealder.osuosl.org (Postfix) with ESMTP id 409CD8B214; Thu, 16 Jul 2020 13:42:01 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1CDF8C1818; Thu, 16 Jul 2020 13:42:01 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2F9B6C1798 for ; Thu, 16 Jul 2020 13:41:59 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id F19902D9A3 for ; Thu, 16 Jul 2020 13:41:58 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QiY3RPgfdATt for ; Thu, 16 Jul 2020 13:41:46 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id 17263262FC for ; Thu, 16 Jul 2020 13:41:17 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48R-0002Cc-Ai for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:15 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3o2-0001Hz-Sv; Thu, 16 Jul 2020 14:20:12 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:21 +0100 Message-Id: <20200716131927.3943-24-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 23/29] Move destination lookup, unicast out of into a function X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 427 +++++++++++++++++++++++--------------------- 1 file changed, 227 insertions(+), 200 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index e215bcd63..c49d72462 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6972,6 +6972,230 @@ build_lswitch_flows_step_100_od( } } +static void +build_lswitch_flows_step_110_igmp( + struct ovn_igmp_group *igmp_group, struct hmap *lflows) +{ + /* Ingress table 19: Add IP multicast flows learnt from IGMP/MLD + * (priority 90). */ + + if (igmp_group->datapath) { + + struct ds actions = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; + + struct mcast_switch_info *mcast_sw_info = + &igmp_group->datapath->mcast_info.sw; + + if (IN6_IS_ADDR_V4MAPPED(&igmp_group->address)) { + /* RFC 4541, section 2.1.2, item 2: Skip groups in the 224.0.0.X + * range. + */ + ovs_be32 group_address = + in6_addr_get_mapped_ipv4(&igmp_group->address); + if (ip_is_local_multicast(group_address)) { + ds_destroy(&actions); + ds_destroy(&match); + return; + } + + if (mcast_sw_info->active_v4_flows >= mcast_sw_info->table_size) { + ds_destroy(&actions); + ds_destroy(&match); + return; + } + mcast_sw_info->active_v4_flows++; + ds_put_format(&match, "eth.mcast && ip4 && ip4.dst == %s ", + igmp_group->mcgroup.name); + } else { + /* RFC 4291, section 2.7.1: Skip groups that correspond to all + * hosts. + */ + if (ipv6_is_all_hosts(&igmp_group->address)) { + ds_destroy(&actions); + ds_destroy(&match); + return; + } + if (mcast_sw_info->active_v6_flows >= mcast_sw_info->table_size) { + ds_destroy(&actions); + ds_destroy(&match); + return; + } + mcast_sw_info->active_v6_flows++; + ds_put_format(&match, "eth.mcast && ip6 && ip6.dst == %s ", + igmp_group->mcgroup.name); + } + + /* Also flood traffic to all multicast routers with relay enabled. */ + if (mcast_sw_info->flood_relay) { + ds_put_cstr(&actions, + "clone { " + "outport = \""MC_MROUTER_FLOOD "\"; " + "output; " + "};"); + } + if (mcast_sw_info->flood_static) { + ds_put_cstr(&actions, + "clone { " + "outport =\""MC_STATIC"\"; " + "output; " + "};"); + } + ds_put_format(&actions, "outport = \"%s\"; output; ", + igmp_group->mcgroup.name); + + ovn_lflow_add(lflows, igmp_group->datapath, S_SWITCH_IN_L2_LKUP, 90, + ds_cstr(&match), ds_cstr(&actions)); + ds_destroy(&actions); + ds_destroy(&match); + } +} + +static void +build_lswitch_flows_step_120_op( + struct ovn_port *op, struct hmap *lflows, struct hmap *mcgroups) +{ + /* Ingress table 19: Destination lookup, unicast handling (priority 50), */ + + if (!op->nbsp || lsp_is_external(op->nbsp)) { + return; + } + + struct ds actions = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; + + /* For ports connected to logical routers add flows to bypass the + * broadcast flooding of ARP/ND requests in table 19. We direct the + * requests only to the router port that owns the IP address. + */ + if (!strcmp(op->nbsp->type, "router")) { + build_lswitch_rport_arp_req_flows(op->peer, op->od, op, lflows, + &op->nbsp->header_); + } + + for (size_t i = 0; i < op->nbsp->n_addresses; i++) { + /* Addresses are owned by the logical port. + * Ethernet address followed by zero or more IPv4 + * or IPv6 addresses (or both). */ + struct eth_addr mac; + if (ovs_scan(op->nbsp->addresses[i], + ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { + ds_clear(&match); + ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT, + ETH_ADDR_ARGS(mac)); + + ds_clear(&actions); + ds_put_format(&actions, "outport = %s; output;", op->json_key); + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_L2_LKUP, + 50, ds_cstr(&match), + ds_cstr(&actions), + &op->nbsp->header_); + } else if (!strcmp(op->nbsp->addresses[i], "unknown")) { + if (lsp_is_enabled(op->nbsp)) { + ovn_multicast_add(mcgroups, &mc_unknown, op); + op->od->has_unknown = true; + } + } else if (is_dynamic_lsp_address(op->nbsp->addresses[i])) { + if (!op->nbsp->dynamic_addresses + || !ovs_scan(op->nbsp->dynamic_addresses, + ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { + continue; + } + ds_clear(&match); + ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT, + ETH_ADDR_ARGS(mac)); + + ds_clear(&actions); + ds_put_format(&actions, "outport = %s; output;", op->json_key); + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_L2_LKUP, + 50, ds_cstr(&match), + ds_cstr(&actions), + &op->nbsp->header_); + } else if (!strcmp(op->nbsp->addresses[i], "router")) { + if (!op->peer || !op->peer->nbrp + || !ovs_scan(op->peer->nbrp->mac, + ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { + continue; + } + ds_clear(&match); + ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT, + ETH_ADDR_ARGS(mac)); + if (op->peer->od->l3dgw_port + && op->peer->od->l3redirect_port + && op->od->n_localnet_ports) { + bool add_chassis_resident_check = false; + if (op->peer == op->peer->od->l3dgw_port) { + /* The peer of this port represents a distributed + * gateway port. The destination lookup flow for the + * router's distributed gateway port MAC address should + * only be programmed on the "redirect-chassis". */ + add_chassis_resident_check = true; + } else { + /* Check if the option 'reside-on-redirect-chassis' + * is set to true on the peer port. If set to true + * and if the logical switch has a localnet port, it + * means the router pipeline for the packets from + * this logical switch should be run on the chassis + * hosting the gateway port. + */ + add_chassis_resident_check = smap_get_bool( + &op->peer->nbrp->options, + "reside-on-redirect-chassis", false); + } + + if (add_chassis_resident_check) { + ds_put_format(&match, " && is_chassis_resident(%s)", + op->peer->od->l3redirect_port->json_key); + } + } + + ds_clear(&actions); + ds_put_format(&actions, "outport = %s; output;", op->json_key); + ovn_lflow_add_with_hint(lflows, op->od, + S_SWITCH_IN_L2_LKUP, 50, + ds_cstr(&match), ds_cstr(&actions), + &op->nbsp->header_); + + /* Add ethernet addresses specified in NAT rules on + * distributed logical routers. */ + if (op->peer->od->l3dgw_port + && op->peer == op->peer->od->l3dgw_port) { + for (int j = 0; j < op->peer->od->nbr->n_nat; j++) { + const struct nbrec_nat *nat + = op->peer->od->nbr->nat[j]; + if (!strcmp(nat->type, "dnat_and_snat") + && nat->logical_port && nat->external_mac + && eth_addr_from_string(nat->external_mac, &mac)) { + + ds_clear(&match); + ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT + " && is_chassis_resident(\"%s\")", + ETH_ADDR_ARGS(mac), + nat->logical_port); + + ds_clear(&actions); + ds_put_format(&actions, "outport = %s; output;", + op->json_key); + ovn_lflow_add_with_hint(lflows, op->od, + S_SWITCH_IN_L2_LKUP, 50, + ds_cstr(&match), + ds_cstr(&actions), + &op->nbsp->header_); + } + } + } + } else { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); + + VLOG_INFO_RL(&rl, + "%s: invalid syntax '%s' in addresses column", + op->nbsp->name, op->nbsp->addresses[i]); + } + } + ds_destroy(&actions); + ds_destroy(&match); +} + static void build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *port_groups, struct hmap *lflows, @@ -6988,6 +7212,7 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, struct ovn_datapath *od; struct ovn_port *op; struct ovn_lb *lb; + struct ovn_igmp_group *igmp_group; HMAP_FOR_EACH (od, key_node, datapaths) { build_lswitch_flows_step_0_od( @@ -7046,209 +7271,12 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_flows_step_100_od(od, lflows); } - - /* Ingress table 19: Add IP multicast flows learnt from IGMP/MLD - * (priority 90). */ - struct ovn_igmp_group *igmp_group; - HMAP_FOR_EACH (igmp_group, hmap_node, igmp_groups) { - if (!igmp_group->datapath) { - continue; - } - - ds_clear(&match); - ds_clear(&actions); - - struct mcast_switch_info *mcast_sw_info = - &igmp_group->datapath->mcast_info.sw; - - if (IN6_IS_ADDR_V4MAPPED(&igmp_group->address)) { - /* RFC 4541, section 2.1.2, item 2: Skip groups in the 224.0.0.X - * range. - */ - ovs_be32 group_address = - in6_addr_get_mapped_ipv4(&igmp_group->address); - if (ip_is_local_multicast(group_address)) { - continue; - } - - if (mcast_sw_info->active_v4_flows >= mcast_sw_info->table_size) { - continue; - } - mcast_sw_info->active_v4_flows++; - ds_put_format(&match, "eth.mcast && ip4 && ip4.dst == %s ", - igmp_group->mcgroup.name); - } else { - /* RFC 4291, section 2.7.1: Skip groups that correspond to all - * hosts. - */ - if (ipv6_is_all_hosts(&igmp_group->address)) { - continue; - } - if (mcast_sw_info->active_v6_flows >= mcast_sw_info->table_size) { - continue; - } - mcast_sw_info->active_v6_flows++; - ds_put_format(&match, "eth.mcast && ip6 && ip6.dst == %s ", - igmp_group->mcgroup.name); - } - - /* Also flood traffic to all multicast routers with relay enabled. */ - if (mcast_sw_info->flood_relay) { - ds_put_cstr(&actions, - "clone { " - "outport = \""MC_MROUTER_FLOOD "\"; " - "output; " - "};"); - } - if (mcast_sw_info->flood_static) { - ds_put_cstr(&actions, - "clone { " - "outport =\""MC_STATIC"\"; " - "output; " - "};"); - } - ds_put_format(&actions, "outport = \"%s\"; output; ", - igmp_group->mcgroup.name); - - ovn_lflow_add(lflows, igmp_group->datapath, S_SWITCH_IN_L2_LKUP, 90, - ds_cstr(&match), ds_cstr(&actions)); + build_lswitch_flows_step_110_igmp(igmp_group, lflows); } - /* Ingress table 19: Destination lookup, unicast handling (priority 50), */ HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp || lsp_is_external(op->nbsp)) { - continue; - } - - /* For ports connected to logical routers add flows to bypass the - * broadcast flooding of ARP/ND requests in table 19. We direct the - * requests only to the router port that owns the IP address. - */ - if (!strcmp(op->nbsp->type, "router")) { - build_lswitch_rport_arp_req_flows(op->peer, op->od, op, lflows, - &op->nbsp->header_); - } - - for (size_t i = 0; i < op->nbsp->n_addresses; i++) { - /* Addresses are owned by the logical port. - * Ethernet address followed by zero or more IPv4 - * or IPv6 addresses (or both). */ - struct eth_addr mac; - if (ovs_scan(op->nbsp->addresses[i], - ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { - ds_clear(&match); - ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT, - ETH_ADDR_ARGS(mac)); - - ds_clear(&actions); - ds_put_format(&actions, "outport = %s; output;", op->json_key); - ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_L2_LKUP, - 50, ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); - } else if (!strcmp(op->nbsp->addresses[i], "unknown")) { - if (lsp_is_enabled(op->nbsp)) { - ovn_multicast_add(mcgroups, &mc_unknown, op); - op->od->has_unknown = true; - } - } else if (is_dynamic_lsp_address(op->nbsp->addresses[i])) { - if (!op->nbsp->dynamic_addresses - || !ovs_scan(op->nbsp->dynamic_addresses, - ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { - continue; - } - ds_clear(&match); - ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT, - ETH_ADDR_ARGS(mac)); - - ds_clear(&actions); - ds_put_format(&actions, "outport = %s; output;", op->json_key); - ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_L2_LKUP, - 50, ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); - } else if (!strcmp(op->nbsp->addresses[i], "router")) { - if (!op->peer || !op->peer->nbrp - || !ovs_scan(op->peer->nbrp->mac, - ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { - continue; - } - ds_clear(&match); - ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT, - ETH_ADDR_ARGS(mac)); - if (op->peer->od->l3dgw_port - && op->peer->od->l3redirect_port - && op->od->n_localnet_ports) { - bool add_chassis_resident_check = false; - if (op->peer == op->peer->od->l3dgw_port) { - /* The peer of this port represents a distributed - * gateway port. The destination lookup flow for the - * router's distributed gateway port MAC address should - * only be programmed on the "redirect-chassis". */ - add_chassis_resident_check = true; - } else { - /* Check if the option 'reside-on-redirect-chassis' - * is set to true on the peer port. If set to true - * and if the logical switch has a localnet port, it - * means the router pipeline for the packets from - * this logical switch should be run on the chassis - * hosting the gateway port. - */ - add_chassis_resident_check = smap_get_bool( - &op->peer->nbrp->options, - "reside-on-redirect-chassis", false); - } - - if (add_chassis_resident_check) { - ds_put_format(&match, " && is_chassis_resident(%s)", - op->peer->od->l3redirect_port->json_key); - } - } - - ds_clear(&actions); - ds_put_format(&actions, "outport = %s; output;", op->json_key); - ovn_lflow_add_with_hint(lflows, op->od, - S_SWITCH_IN_L2_LKUP, 50, - ds_cstr(&match), ds_cstr(&actions), - &op->nbsp->header_); - - /* Add ethernet addresses specified in NAT rules on - * distributed logical routers. */ - if (op->peer->od->l3dgw_port - && op->peer == op->peer->od->l3dgw_port) { - for (int j = 0; j < op->peer->od->nbr->n_nat; j++) { - const struct nbrec_nat *nat - = op->peer->od->nbr->nat[j]; - if (!strcmp(nat->type, "dnat_and_snat") - && nat->logical_port && nat->external_mac - && eth_addr_from_string(nat->external_mac, &mac)) { - - ds_clear(&match); - ds_put_format(&match, "eth.dst == "ETH_ADDR_FMT - " && is_chassis_resident(\"%s\")", - ETH_ADDR_ARGS(mac), - nat->logical_port); - - ds_clear(&actions); - ds_put_format(&actions, "outport = %s; output;", - op->json_key); - ovn_lflow_add_with_hint(lflows, op->od, - S_SWITCH_IN_L2_LKUP, 50, - ds_cstr(&match), - ds_cstr(&actions), - &op->nbsp->header_); - } - } - } - } else { - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); - - VLOG_INFO_RL(&rl, - "%s: invalid syntax '%s' in addresses column", - op->nbsp->name, op->nbsp->addresses[i]); - } - } + build_lswitch_flows_step_120_op(op, lflows, mcgroups); } /* Ingress table 19: Destination lookup for unknown MACs (priority 0). */ @@ -7256,7 +7284,6 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, if (!od->nbs) { continue; } - if (od->has_unknown) { ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 0, "1", "outport = \""MC_UNKNOWN"\"; output;"); From patchwork Thu Jul 16 13:19:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330279 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQB6jgYz9sDX for ; Thu, 16 Jul 2020 23:41:22 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 1F61E8906B; Thu, 16 Jul 2020 13:41:21 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lhLGQb5HKBIZ; Thu, 16 Jul 2020 13:41:18 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id C3D0E88FF7; Thu, 16 Jul 2020 13:41:17 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id A6986C0893; Thu, 16 Jul 2020 13:41:17 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id D827BC1797 for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id C69E688F6D for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KqyTk9GGpZGl for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 20CF988F82 for ; Thu, 16 Jul 2020 13:41:14 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48O-0002CT-Nb for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:12 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3o4-0001Hz-Rg; Thu, 16 Jul 2020 14:20:14 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:22 +0100 Message-Id: <20200716131927.3943-25-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 24/29] Mark the has unknown portion as "leave as is" X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index c49d72462..783a4137f 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -7284,6 +7284,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, if (!od->nbs) { continue; } + /* Has unknown is modified earlier, this canot be parallelized + * so leaving it in the main function body */ if (od->has_unknown) { ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 0, "1", "outport = \""MC_UNKNOWN"\"; output;"); From patchwork Thu Jul 16 13:19:23 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330283 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQY3c0qz9sDX for ; Thu, 16 Jul 2020 23:41:41 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id AF2E92CED2; Thu, 16 Jul 2020 13:41:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kt70sQ4oYJVj; Thu, 16 Jul 2020 13:41:31 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id F12B425D1F; Thu, 16 Jul 2020 13:41:12 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id D3D53C0893; Thu, 16 Jul 2020 13:41:12 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 89F79C0893 for ; Thu, 16 Jul 2020 13:41:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 71EA88B12F for ; Thu, 16 Jul 2020 13:41:11 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SvrbCyFJzlCH for ; Thu, 16 Jul 2020 13:41:08 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by whitealder.osuosl.org (Postfix) with ESMTPS id 0178F8B12C for ; Thu, 16 Jul 2020 13:41:07 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48I-0002C9-Hf for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:06 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3o6-0001Hz-If; Thu, 16 Jul 2020 14:20:16 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:23 +0100 Message-Id: <20200716131927.3943-26-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 25/29] Split and reorganize build_output_port_security X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Split and reorganize into iterator functions build_output_port_security Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 82 ++++++++++++++++++++++----------------------- 1 file changed, 40 insertions(+), 42 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 783a4137f..16c7d62ba 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -4776,12 +4776,11 @@ build_lswitch_input_port_sec_od(struct ovn_datapath *od, } static void -build_lswitch_output_port_sec(struct hmap *ports, struct hmap *datapaths, - struct hmap *lflows) +build_lswitch_output_port_sec_op( + struct ovn_port *op, struct hmap *lflows) { struct ds actions = DS_EMPTY_INITIALIZER; struct ds match = DS_EMPTY_INITIALIZER; - struct ovn_port *op; /* Egress table 8: Egress port security - IP (priorities 90 and 80) * if port security enabled. @@ -4793,59 +4792,52 @@ build_lswitch_output_port_sec(struct hmap *ports, struct hmap *datapaths, * Priority 150 rules drop packets to disabled logical ports, so that * they don't even receive multicast or broadcast packets. */ - HMAP_FOR_EACH (op, key_node, ports) { - if (!op->nbsp || lsp_is_external(op->nbsp)) { - continue; - } - - ds_clear(&actions); - ds_clear(&match); + if (!op->nbsp || lsp_is_external(op->nbsp)) { + return; + } - ds_put_format(&match, "outport == %s", op->json_key); - if (lsp_is_enabled(op->nbsp)) { - build_port_security_l2("eth.dst", op->ps_addrs, op->n_ps_addrs, - &match); + ds_put_format(&match, "outport == %s", op->json_key); + if (lsp_is_enabled(op->nbsp)) { + build_port_security_l2("eth.dst", op->ps_addrs, op->n_ps_addrs, + &match); - if (!strcmp(op->nbsp->type, "localnet")) { - const char *queue_id = smap_get(&op->sb->options, - "qdisc_queue_id"); - if (queue_id) { - ds_put_format(&actions, "set_queue(%s); ", queue_id); - } + if (!strcmp(op->nbsp->type, "localnet")) { + const char *queue_id = smap_get(&op->sb->options, + "qdisc_queue_id"); + if (queue_id) { + ds_put_format(&actions, "set_queue(%s); ", queue_id); } - ds_put_cstr(&actions, "output;"); - ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_OUT_PORT_SEC_L2, - 50, ds_cstr(&match), ds_cstr(&actions), - &op->nbsp->header_); - } else { - ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_OUT_PORT_SEC_L2, - 150, ds_cstr(&match), "drop;", - &op->nbsp->header_); } + ds_put_cstr(&actions, "output;"); + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_OUT_PORT_SEC_L2, + 50, ds_cstr(&match), ds_cstr(&actions), + &op->nbsp->header_); + } else { + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_OUT_PORT_SEC_L2, + 150, ds_cstr(&match), "drop;", + &op->nbsp->header_); + } - if (op->nbsp->n_port_security) { - build_port_security_ip(P_OUT, op, lflows, &op->nbsp->header_); - } + if (op->nbsp->n_port_security) { + build_port_security_ip(P_OUT, op, lflows, &op->nbsp->header_); } + ds_destroy(&match); + ds_destroy(&actions); +} +static void +build_lswitch_output_port_sec_od( + struct ovn_datapath *od, struct hmap *lflows) +{ /* Egress tables 8: Egress port security - IP (priority 0) * Egress table 9: Egress port security L2 - multicast/broadcast * (priority 100). */ - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - if (!od->nbs) { - continue; - } - + if (od->nbs) { ovn_lflow_add(lflows, od, S_SWITCH_OUT_PORT_SEC_IP, 0, "1", "next;"); ovn_lflow_add(lflows, od, S_SWITCH_OUT_PORT_SEC_L2, 100, "eth.mcast", "output;"); } - - ds_destroy(&match); - ds_destroy(&actions); } - static void build_pre_acl_flows(struct ovn_datapath *od, struct ovn_port *op, struct hmap *lflows) @@ -7292,7 +7284,13 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, } } - build_lswitch_output_port_sec(ports, datapaths, lflows); + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_output_port_sec_op(op, lflows); + } + + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_output_port_sec_od(od, lflows); + } ds_destroy(&match); ds_destroy(&actions); From patchwork Thu Jul 16 13:19:24 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330277 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQ55W7pz9sDX for ; Thu, 16 Jul 2020 23:41:16 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 1B64088F82; Thu, 16 Jul 2020 13:41:15 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P6madMCOHUiI; Thu, 16 Jul 2020 13:41:09 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 0D16F88F16; Thu, 16 Jul 2020 13:41:09 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id E2A4DC1798; Thu, 16 Jul 2020 13:41:08 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 034C4C0733 for ; Thu, 16 Jul 2020 13:41:07 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id E77768B120 for ; Thu, 16 Jul 2020 13:41:06 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wbTvKo3b+jnX for ; Thu, 16 Jul 2020 13:41:05 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by whitealder.osuosl.org (Postfix) with ESMTPS id 6E4F28B0FE for ; Thu, 16 Jul 2020 13:41:05 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48F-0002Bz-Rt for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:04 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3o8-0001Hz-Ag; Thu, 16 Jul 2020 14:20:18 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:24 +0100 Message-Id: <20200716131927.3943-27-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 26/29] Pallelise lrouter flow generation X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Generate lrouter flows in parallel, set threshold to switch between parallel and single threaded to always-parallel for temporary debugging purposes Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 252 ++++++++++++++++++++++++++++++-------------- 1 file changed, 171 insertions(+), 81 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 16c7d62ba..b64c0c1a0 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -47,6 +47,7 @@ #include "unixctl.h" #include "util.h" #include "uuid.h" +#include "fasthmap.h" #include "openvswitch/vlog.h" VLOG_DEFINE_THIS_MODULE(ovn_northd); @@ -4109,7 +4110,7 @@ ovn_lflow_add_at(struct hmap *lflow_map, struct ovn_datapath *od, ovn_lflow_init(lflow, od, stage, priority, xstrdup(match), xstrdup(actions), ovn_lflow_hint(stage_hint), where); - hmap_insert(lflow_map, &lflow->hmap_node, ovn_lflow_hash(lflow)); + hmap_insert_fast(lflow_map, &lflow->hmap_node, ovn_lflow_hash(lflow)); } /* Adds a row with the specified contents to the Logical_Flow table. */ @@ -10754,104 +10755,187 @@ build_lrouter_flows_step_170_op( ds_destroy(&actions); } -static void -build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *lflows, struct shash *meter_groups, - struct hmap *lbs) -{ - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ - - struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_0_od(od, lflows); - } - - struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_0_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_10_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_20_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_20_op(op, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_30_op(op, lflows); - } - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_40_op(op, lflows); - } +struct lrouter_flow_build_info { + struct hmap *datapaths; + struct hmap *ports; + struct hmap *lflows; + struct shash *meter_groups; + struct hmap *lbs; +}; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_50_od(od, lflows, lbs, meter_groups); - } - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_50_op(op, lflows); - } +struct lrouter_thread_pool { + struct worker_pool *pool; +}; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_60_od(od, lflows); - } +static void build_router_flows_od_helper( + struct ovn_datapath *od, + struct hmap *lflows, + struct hmap *lbs, + struct hmap *ports, + struct shash *meter_groups) +{ + build_lrouter_flows_step_0_od(od, lflows); + build_lrouter_flows_step_10_od(od, lflows); + build_lrouter_flows_step_20_od(od, lflows); + build_lrouter_flows_step_50_od(od, lflows, lbs, meter_groups); + build_lrouter_flows_step_60_od(od, lflows); + build_lrouter_flows_step_80_od(od, lflows, ports); + build_lrouter_flows_step_90_od(od, lflows); + build_lrouter_flows_step_100_od(od, lflows, ports); + build_lrouter_flows_step_110_od(od, lflows); + build_lrouter_flows_step_130_od(od, lflows); + build_lrouter_flows_step_140_od(od, lflows, ports); + build_lrouter_flows_step_150_od(od, lflows); + build_lrouter_flows_step_160_od(od, lflows); +} + +static void build_router_flows_op_helper( + struct ovn_port *op, struct hmap *lflows, struct hmap *ports) +{ + build_lrouter_flows_step_0_op(op, lflows); + build_lrouter_flows_step_10_op(op, lflows); + build_lrouter_flows_step_20_op(op, lflows); + build_lrouter_flows_step_30_op(op, lflows); + build_lrouter_flows_step_40_op(op, lflows); + build_lrouter_flows_step_50_op(op, lflows); + build_lrouter_flows_step_70_op(op, lflows); + build_lrouter_flows_step_120_op(op, lflows, ports); + build_lrouter_flows_step_170_op(op, lflows); +} + +static void *build_lrouter_flows_thread(void *arg) { + struct worker_control *control = (struct worker_control *) arg; + struct lrouter_thread_pool *workload; + struct lrouter_flow_build_info *lfbi; + struct ovn_datapath *od; + struct ovn_port *op; + int bnum; + + while (!seize_fire()) { + sem_wait(&control->fire); + workload = (struct lrouter_thread_pool *) control->workload; + lfbi = (struct lrouter_flow_build_info *) control->data; + if (lfbi && workload) { + for (bnum = control->id; + bnum <= lfbi->datapaths->mask; + bnum += workload->pool->size) + { + HMAP_FOR_EACH_IN_PARALLEL ( + od, key_node, bnum, lfbi->datapaths) { + if (seize_fire()) { + return NULL; + } + build_router_flows_od_helper( + od, + lfbi->lflows, + lfbi->lbs, + lfbi->ports, + lfbi->meter_groups); + } + } + for (bnum = control->id; + bnum <= lfbi->ports->mask; + bnum += workload->pool->size) + { + HMAP_FOR_EACH_IN_PARALLEL ( + op, key_node, bnum, lfbi->ports) { + if (seize_fire()) { + return NULL; + } - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_70_op(op, lflows); + build_router_flows_op_helper( + op, + lfbi->lflows, + lfbi->ports); + } + } + atomic_store_relaxed(&control->finished, true); + atomic_thread_fence(memory_order_release); + } + sem_post(control->done); } + return NULL; +} - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_80_od(od, lflows, ports); - } - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_90_od(od, lflows); - } +static struct lrouter_thread_pool *lrouter_pool = NULL; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_100_od(od, lflows, ports); - } +static void init_lrouter_thread_pool(void) { - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_110_od(od, lflows); - } + int index; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_120_op(op, lflows, ports); - } + if (!lrouter_pool) { + lrouter_pool = + xmalloc(sizeof(struct lrouter_thread_pool)); + lrouter_pool->pool = + add_worker_pool(build_lrouter_flows_thread); - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_130_od(od, lflows); + for (index = 0; index < lrouter_pool->pool->size; index++) { + lrouter_pool->pool->controls[index].workload = + lrouter_pool; + } } +} - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_140_od(od, lflows, ports); - } +#define OD_CUTOFF 1 +#define OP_CUTOFF 1 - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_150_od(od, lflows); - } +static void +build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *lflows, struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lrouter_flows_step_160_od(od, lflows); - } + if (hmap_count(datapaths) > OD_CUTOFF || hmap_count(ports) > OP_CUTOFF) { + struct hmap *lflow_segs; + struct lrouter_flow_build_info *lfbi; + int index; + init_lrouter_thread_pool(); + + lfbi = xmalloc( + sizeof(struct lrouter_flow_build_info) * lrouter_pool->pool->size); + lflow_segs = xmalloc( + sizeof(struct hmap) * lrouter_pool->pool->size); + + for (index = 0; index < lrouter_pool->pool->size; index++) { + lfbi[index].datapaths = datapaths; + lfbi[index].ports = ports; + lfbi[index].meter_groups = meter_groups; + lfbi[index].lbs = lbs; + fast_hmap_init(&lflow_segs[index], lflows->mask); + lfbi[index].lflows = &lflow_segs[index]; + lrouter_pool->pool->controls[index].data = &lfbi[index]; + } + run_pool_hash(lrouter_pool->pool, lflows, lflow_segs); + free(lflow_segs); + free(lfbi); + } else { + struct ovn_datapath *od; + struct ovn_port *op; - HMAP_FOR_EACH (op, key_node, ports) { - build_lrouter_flows_step_170_op(op, lflows); + HMAP_FOR_EACH (od, key_node, datapaths) { + build_router_flows_od_helper( + od, + lflows, + lbs, + ports, + meter_groups); + } + HMAP_FOR_EACH (op, key_node, ports) { + build_router_flows_op_helper( + op, + lflows, + ports); + } } + } + +static ssize_t max_seen_lflow_size = 128; /* Updates the Logical_Flow and Multicast_Group tables in the OVN_SB database, * constructing their contents based on the OVN_NB database. */ @@ -10862,12 +10946,18 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths, struct shash *meter_groups, struct hmap *lbs) { - struct hmap lflows = HMAP_INITIALIZER(&lflows); + struct hmap lflows; + + fast_hmap_size_for(&lflows, max_seen_lflow_size); build_lswitch_flows(datapaths, ports, port_groups, &lflows, mcgroups, igmp_groups, meter_groups, lbs); build_lrouter_flows(datapaths, ports, &lflows, meter_groups, lbs); + if (hmap_count(&lflows) > max_seen_lflow_size) { + max_seen_lflow_size = hmap_count(&lflows); + } + /* Push changes to the Logical_Flow table to database. */ const struct sbrec_logical_flow *sbflow, *next_sbflow; SBREC_LOGICAL_FLOW_FOR_EACH_SAFE (sbflow, next_sbflow, ctx->ovnsb_idl) { From patchwork Thu Jul 16 13:19:25 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330288 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQh3BLVz9sTS for ; Thu, 16 Jul 2020 23:41:48 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 94DFC8901E; Thu, 16 Jul 2020 13:41:46 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BoVxJe0MxGhd; Thu, 16 Jul 2020 13:41:45 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 69514891B7; Thu, 16 Jul 2020 13:41:36 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1802BC1AE2; Thu, 16 Jul 2020 13:41:36 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2CF77C0893 for ; Thu, 16 Jul 2020 13:41:35 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 157EB88EEB for ; Thu, 16 Jul 2020 13:41:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SsNxXEj65xNa for ; Thu, 16 Jul 2020 13:41:31 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 1DDBA88F0B for ; Thu, 16 Jul 2020 13:41:27 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48b-0002D8-FU for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:25 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3oA-0001Hz-5n; Thu, 16 Jul 2020 14:20:20 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:25 +0100 Message-Id: <20200716131927.3943-28-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 27/29] Parallelise lswitch lflow generation X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 285 ++++++++++++++++++++++++++++++++------------ 1 file changed, 211 insertions(+), 74 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index b64c0c1a0..a53b31906 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -7044,6 +7044,8 @@ build_lswitch_flows_step_110_igmp( } } +static struct ovs_mutex mcgroups_lock = OVS_MUTEX_INITIALIZER; + static void build_lswitch_flows_step_120_op( struct ovn_port *op, struct hmap *lflows, struct hmap *mcgroups) @@ -7085,7 +7087,9 @@ build_lswitch_flows_step_120_op( &op->nbsp->header_); } else if (!strcmp(op->nbsp->addresses[i], "unknown")) { if (lsp_is_enabled(op->nbsp)) { + ovs_mutex_lock(&mcgroups_lock); ovn_multicast_add(mcgroups, &mc_unknown, op); + ovs_mutex_unlock(&mcgroups_lock); op->od->has_unknown = true; } } else if (is_dynamic_lsp_address(op->nbsp->addresses[i])) { @@ -7189,87 +7193,234 @@ build_lswitch_flows_step_120_op( ds_destroy(&match); } -static void -build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, - struct hmap *port_groups, struct hmap *lflows, - struct hmap *mcgroups, struct hmap *igmp_groups, - struct shash *meter_groups, - struct hmap *lbs) +#define OD_CUTOFF 1 +#define OP_CUTOFF 1 + +struct lswitch_flow_build_info { + struct hmap *datapaths; + struct hmap *ports; + struct hmap *port_groups; + struct hmap *lflows; + struct hmap *mcgroups; + struct hmap *igmp_groups; + struct shash *meter_groups; + struct hmap *lbs; +}; + +struct lswitch_thread_pool { + struct worker_pool *pool; +}; + +static void build_lswitch_od_helper( + struct ovn_datapath *od, + struct hmap *lflows, + struct hmap *port_groups, + struct shash *meter_groups, + struct hmap *lbs) +{ + build_lswitch_flows_step_0_od( + od, lflows, meter_groups, lbs, port_groups); + build_lswitch_flows_step_10_od(od, lflows); + build_lswitch_flows_step_20_od(od, lflows); + build_lswitch_flows_step_30_od(od, lflows); + build_lswitch_flows_step_50_od(od, lflows); + build_lswitch_flows_step_70_od(od, lflows); + build_lswitch_flows_step_80_od(od, lflows); + build_lswitch_flows_step_100_od(od, lflows); + build_lswitch_output_port_sec_od(od, lflows); +} + +static void build_lswitch_op_helper( + struct ovn_port *op, + struct hmap *lflows, + struct hmap *ports, + struct hmap *mcgroups) { - /* This flow table structure is documented in ovn-northd(8), so please - * update ovn-northd.8.xml if you change anything. */ + build_lswitch_flows_step_30_op(op, lflows); + build_lswitch_flows_step_40_op(op, lflows); + build_lswitch_flows_step_50_op(op, lflows, ports); + build_lswitch_flows_step_60_op(op, lflows); + build_lswitch_flows_step_90_op(op, lflows); + build_lswitch_flows_step_120_op(op, lflows, mcgroups); + build_lswitch_output_port_sec_op(op, lflows); +} - struct ds match = DS_EMPTY_INITIALIZER; - struct ds actions = DS_EMPTY_INITIALIZER; +static void build_lswitch_lb_helper( + struct ovn_lb *lb, + struct hmap *lflows) +{ + build_lswitch_flows_step_50_lb(lb, lflows); +} +static void build_lswitch_igmp_helper( + struct ovn_igmp_group *igmp_group, + struct hmap *lflows) +{ + build_lswitch_flows_step_110_igmp(igmp_group, lflows); +} + +static void *build_lswitch_flows_thread(void *arg) { + struct worker_control *control = (struct worker_control *) arg; + struct lswitch_thread_pool *workload; + struct lswitch_flow_build_info *lsi; struct ovn_datapath *od; struct ovn_port *op; struct ovn_lb *lb; struct ovn_igmp_group *igmp_group; + int bnum; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_0_od( - od, lflows, meter_groups, lbs, port_groups); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_10_od(od, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_20_od(od, lflows); - } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_30_op(op, lflows); + while (!seize_fire()) { + sem_wait(&control->fire); + workload = (struct lswitch_thread_pool *) control->workload; + lsi = (struct lswitch_flow_build_info *) control->data; + if (lsi && workload) { + for (bnum = control->id; + bnum <= lsi->datapaths->mask; + bnum += workload->pool->size) + { + HMAP_FOR_EACH_IN_PARALLEL ( + od, key_node, bnum, lsi->datapaths) { + if (seize_fire()) { + return NULL; + } + build_lswitch_od_helper( + od, + lsi->lflows, + lsi->port_groups, + lsi->meter_groups, + lsi->lbs); + } + } + for (bnum = control->id; + bnum <= lsi->ports->mask; + bnum += workload->pool->size) + { + HMAP_FOR_EACH_IN_PARALLEL ( + op, key_node, bnum, lsi->ports) { + if (seize_fire()) { + return NULL; + } + build_lswitch_op_helper(op, + lsi->lflows, + lsi->ports, + lsi->mcgroups); + } + } + for (bnum = control->id; + bnum <= lsi->igmp_groups->mask; + bnum += workload->pool->size) + { + HMAP_FOR_EACH_IN_PARALLEL ( + igmp_group, hmap_node, bnum, lsi->igmp_groups) { + if (seize_fire()) { + return NULL; + } + build_lswitch_igmp_helper(igmp_group, lsi->lflows); + } + } + for (bnum = control->id; + bnum <= lsi->lbs->mask; + bnum += workload->pool->size) + { + HMAP_FOR_EACH_IN_PARALLEL ( + lb, hmap_node, bnum, lsi->lbs) { + if (seize_fire()) { + return NULL; + } + build_lswitch_lb_helper(lb, lsi->lflows); + } + } + atomic_store_relaxed(&control->finished, true); + atomic_thread_fence(memory_order_release); + } + sem_post(control->done); } + return NULL; +} - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_30_od(od, lflows); - } +static struct lswitch_thread_pool *lswitch_pool = NULL; - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_40_op(op, lflows); - } +static void init_lswitch_pool(void) { - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_50_op(op, lflows, ports); - } + int index; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_50_od(od, lflows); - } + if (!lswitch_pool) { + lswitch_pool = + xmalloc(sizeof(struct lswitch_thread_pool)); + lswitch_pool->pool = + add_worker_pool(build_lswitch_flows_thread); - HMAP_FOR_EACH (lb, hmap_node, lbs) { - build_lswitch_flows_step_50_lb(lb, lflows); - } + for (index = 0; index < lswitch_pool->pool->size; index++) { + lswitch_pool->pool->controls[index].workload = + lswitch_pool; + } + } +} - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_60_op(op, lflows); - } +static void +build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, + struct hmap *port_groups, struct hmap *lflows, + struct hmap *mcgroups, struct hmap *igmp_groups, + struct shash *meter_groups, + struct hmap *lbs) +{ + /* This flow table structure is documented in ovn-northd(8), so please + * update ovn-northd.8.xml if you change anything. */ - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_70_od(od, lflows); - } + struct ovn_datapath *od; - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_80_od(od, lflows); - } + if (hmap_count(datapaths) > OD_CUTOFF || hmap_count(ports) > OP_CUTOFF) { + init_lswitch_pool(); + int index; + struct lswitch_flow_build_info *lsi = xmalloc( + sizeof(struct lswitch_flow_build_info) * + lswitch_pool->pool->size); + struct hmap *lflow_segs = xmalloc( + sizeof(struct hmap) * lswitch_pool->pool->size); + + for (index = 0; index < lswitch_pool->pool->size; index++) { + lsi[index].datapaths = datapaths; + lsi[index].ports = ports; + lsi[index].port_groups = port_groups; + lsi[index].mcgroups = mcgroups; + lsi[index].igmp_groups = igmp_groups; + lsi[index].meter_groups = meter_groups; + lsi[index].lbs = lbs; + fast_hmap_init(&lflow_segs[index], lflows->mask); + lsi[index].lflows = &lflow_segs[index]; + lswitch_pool->pool->controls[index].data = &lsi[index]; + } + run_pool_hash(lswitch_pool->pool, lflows, lflow_segs); + free(lflow_segs); + free(lsi); + } else { + struct ovn_port *op; + struct ovn_lb *lb; + struct ovn_igmp_group *igmp_group; - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_90_op(op, lflows); - } + HMAP_FOR_EACH (od, key_node, datapaths) { + build_lswitch_od_helper( + od, + lflows, + port_groups, + meter_groups, + lbs); + } - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_flows_step_100_od(od, lflows); - } + HMAP_FOR_EACH (op, key_node, ports) { + build_lswitch_op_helper(op, + lflows, + ports, + mcgroups); + } - HMAP_FOR_EACH (igmp_group, hmap_node, igmp_groups) { - build_lswitch_flows_step_110_igmp(igmp_group, lflows); - } + HMAP_FOR_EACH (lb, hmap_node, lbs) { + build_lswitch_flows_step_50_lb(lb, lflows); + } - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_flows_step_120_op(op, lflows, mcgroups); + HMAP_FOR_EACH (igmp_group, hmap_node, igmp_groups) { + build_lswitch_flows_step_110_igmp(igmp_group, lflows); + } } /* Ingress table 19: Destination lookup for unknown MACs (priority 0). */ @@ -7284,17 +7435,6 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, "outport = \""MC_UNKNOWN"\"; output;"); } } - - HMAP_FOR_EACH (op, key_node, ports) { - build_lswitch_output_port_sec_op(op, lflows); - } - - HMAP_FOR_EACH (od, key_node, datapaths) { - build_lswitch_output_port_sec_od(od, lflows); - } - - ds_destroy(&match); - ds_destroy(&actions); } /* Returns a string of the IP address of the router port 'op' that @@ -10879,9 +11019,6 @@ static void init_lrouter_thread_pool(void) { } } -#define OD_CUTOFF 1 -#define OP_CUTOFF 1 - static void build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, struct hmap *lflows, struct shash *meter_groups, From patchwork Thu Jul 16 13:19:26 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330282 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wQG5fMTz9sTZ for ; Thu, 16 Jul 2020 23:41:26 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 23887894EC; Thu, 16 Jul 2020 13:41:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xsw9A2FXdhzt; Thu, 16 Jul 2020 13:41:22 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id 2119988A74; Thu, 16 Jul 2020 13:41:21 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id E3E07C1818; Thu, 16 Jul 2020 13:41:20 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 5DA08C0893 for ; Thu, 16 Jul 2020 13:41:17 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 5905888B83 for ; Thu, 16 Jul 2020 13:41:17 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bd+TBNoLpQBK for ; Thu, 16 Jul 2020 13:41:13 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by hemlock.osuosl.org (Postfix) with ESMTPS id 10FFB8853B for ; Thu, 16 Jul 2020 13:41:13 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48N-0002CP-Eu for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:11 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3oC-0001Hz-0x; Thu, 16 Jul 2020 14:20:21 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:26 +0100 Message-Id: <20200716131927.3943-29-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 28/29] Parallel reconciliation of southdb flows X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 196 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 178 insertions(+), 18 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index a53b31906..ef188fb88 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -4146,7 +4146,9 @@ static void ovn_lflow_destroy(struct hmap *lflows, struct ovn_lflow *lflow) { if (lflow) { - hmap_remove(lflows, &lflow->hmap_node); + if (lflows) { + hmap_remove(lflows, &lflow->hmap_node); + } free(lflow->match); free(lflow->actions); free(lflow->stage_hint); @@ -11071,6 +11073,120 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports, } } + +struct sbrec_result { + struct ovs_list list_node; + const struct sbrec_logical_flow *sbflow; + struct ovn_lflow *lflow; + ssize_t lflow_hash; +}; + +struct reconcile_info { + struct northd_context *ctx; + struct hmap *lflows; + struct hmap *datapaths; + struct ovs_list results; +}; + +struct lflow_reconciliation_pool { + struct worker_pool *pool; +}; + +static void *reconciliation_thread(void *arg) { + struct worker_control *control = (struct worker_control *) arg; + struct lflow_reconciliation_pool *workload; + struct reconcile_info *ri; + struct sbrec_result *res; + + while (!seize_fire()) { + sem_wait(&control->fire); + workload = (struct lflow_reconciliation_pool *) control->workload; + ri = (struct reconcile_info *) control->data; + if (ri && workload) { + /* Push changes to the Logical_Flow table to database. */ + const struct sbrec_logical_flow *sbflow; + SBREC_LOGICAL_FLOW_PARALLEL_FOR_EACH(sbflow, ri->ctx->ovnsb_idl, control->id, workload->pool->size) { + struct ovn_datapath *od + = ovn_datapath_from_sbrec(ri->datapaths, sbflow->logical_datapath); + res = xmalloc(sizeof(struct sbrec_result)); + + if (!od || ovn_datapath_is_stale(od)) { + res->sbflow = sbflow; + res->lflow = NULL; + ovs_list_push_back(&ri->results, &res->list_node); + continue; + } + + enum ovn_datapath_type dp_type = od->nbs ? DP_SWITCH : DP_ROUTER; + enum ovn_pipeline pipeline + = !strcmp(sbflow->pipeline, "ingress") ? P_IN : P_OUT; + struct ovn_lflow *lflow = ovn_lflow_find( + ri->lflows, od, ovn_stage_build(dp_type, pipeline, sbflow->table_id), + sbflow->priority, sbflow->match, sbflow->actions, sbflow->hash); + if (lflow) { + res->lflow = lflow; + res->sbflow = sbflow; + res->lflow_hash = lflow->hmap_node.hash; + } else { + res->sbflow = sbflow; + res->lflow = NULL; + } + ovs_list_push_back(&ri->results, &res->list_node); + } + atomic_store_relaxed(&control->finished, true); + atomic_thread_fence(memory_order_release); + } + sem_post(control->done); + } + return NULL; +} + +static struct lflow_reconciliation_pool *reconcile_pool = NULL; + +static void init_reconciliation_pool(void) { + + int index; + + if (!reconcile_pool) { + reconcile_pool = + xmalloc(sizeof(struct lflow_reconciliation_pool)); + reconcile_pool->pool = + add_worker_pool(reconciliation_thread); + + for (index = 0; index < reconcile_pool->pool->size; index++) { + reconcile_pool->pool->controls[index].workload = + reconcile_pool; + } + } +} + +/* Removes 'node' from 'hmap' if present. Does not shrink the hash table; call + * hmap_shrink() directly if desired. + * Returns true if the node was found and removed, false otherwise. + * It needs both a node and a hash in order to function even if the node + * has already been freed. + */ +static bool +hmap_safe_remove(struct hmap *hmap, struct hmap_node *node, size_t hash) +{ + struct hmap_node **bucket = &hmap->buckets[hash & hmap->mask]; + + if (!node) { + return false; + } + + while ((*bucket) && (*bucket != node)) { + bucket = &(*bucket)->next; + } + if (*bucket) { + *bucket = node->next; + hmap->n--; + return true; + } + return false; +} + +#define RECONCILE_CUTOFF 1 static ssize_t max_seen_lflow_size = 128; @@ -11084,6 +11200,7 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths, struct hmap *lbs) { struct hmap lflows; + const struct sbrec_logical_flow *sbflow; fast_hmap_size_for(&lflows, max_seen_lflow_size); @@ -11096,27 +11213,70 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths, } /* Push changes to the Logical_Flow table to database. */ - const struct sbrec_logical_flow *sbflow, *next_sbflow; - SBREC_LOGICAL_FLOW_FOR_EACH_SAFE (sbflow, next_sbflow, ctx->ovnsb_idl) { - struct ovn_datapath *od - = ovn_datapath_from_sbrec(datapaths, sbflow->logical_datapath); - if (!od || ovn_datapath_is_stale(od)) { - sbrec_logical_flow_delete(sbflow); - continue; + if (hmap_count(&lflows) < RECONCILE_CUTOFF) { + /* Push changes to the Logical_Flow table to database. */ + const struct sbrec_logical_flow *next_sbflow; + SBREC_LOGICAL_FLOW_FOR_EACH_SAFE (sbflow, next_sbflow, ctx->ovnsb_idl) { + struct ovn_datapath *od + = ovn_datapath_from_sbrec(datapaths, sbflow->logical_datapath); + if (!od || ovn_datapath_is_stale(od)) { + sbrec_logical_flow_delete(sbflow); + continue; + } + + enum ovn_datapath_type dp_type = od->nbs ? DP_SWITCH : DP_ROUTER; + enum ovn_pipeline pipeline + = !strcmp(sbflow->pipeline, "ingress") ? P_IN : P_OUT; + struct ovn_lflow *lflow = ovn_lflow_find( + &lflows, od, ovn_stage_build(dp_type, pipeline, sbflow->table_id), + sbflow->priority, sbflow->match, sbflow->actions, sbflow->hash); + if (lflow) { + ovn_lflow_destroy(&lflows, lflow); + } else { + sbrec_logical_flow_delete(sbflow); + } } + } else { + struct reconcile_info *ri; + struct ovs_list *combined_result = NULL; + struct ovs_list **results = NULL; + int index; + init_reconciliation_pool(); - enum ovn_datapath_type dp_type = od->nbs ? DP_SWITCH : DP_ROUTER; - enum ovn_pipeline pipeline - = !strcmp(sbflow->pipeline, "ingress") ? P_IN : P_OUT; - struct ovn_lflow *lflow = ovn_lflow_find( - &lflows, od, ovn_stage_build(dp_type, pipeline, sbflow->table_id), - sbflow->priority, sbflow->match, sbflow->actions, sbflow->hash); - if (lflow) { - ovn_lflow_destroy(&lflows, lflow); - } else { - sbrec_logical_flow_delete(sbflow); + ri = xmalloc(sizeof(struct reconcile_info) * + reconcile_pool->pool->size); + results = xmalloc(sizeof(struct ovs_list *) * + reconcile_pool->pool->size); + + for (index = 0; + index < reconcile_pool->pool->size; index++) { + + ri[index].lflows = &lflows; + ri[index].datapaths = datapaths; + ri[index].ctx = ctx; + ovs_list_init(&ri[index].results); + results[index] = &ri[index].results; + reconcile_pool->pool->controls[index].data = &ri[index]; } + + run_pool_list( + reconcile_pool->pool, + &combined_result, + results); + + struct sbrec_result *res; + LIST_FOR_EACH_POP (res, list_node, combined_result) { + if (hmap_safe_remove(&lflows, &res->lflow->hmap_node, res->lflow_hash)) { + ovn_lflow_destroy(NULL, res->lflow); + } else { + sbrec_logical_flow_delete(res->sbflow); + } + free(res); + } + free(results); + free(ri); + } struct ovn_lflow *lflow, *next_lflow; HMAP_FOR_EACH_SAFE (lflow, next_lflow, hmap_node, &lflows) { From patchwork Thu Jul 16 13:19:27 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Ivanov X-Patchwork-Id: 1330293 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cambridgegreys.com Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B6wRB56GLz9sDX for ; Thu, 16 Jul 2020 23:42:14 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 054A88A697; Thu, 16 Jul 2020 13:42:13 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aUI0+1ZxZhkO; Thu, 16 Jul 2020 13:42:11 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by hemlock.osuosl.org (Postfix) with ESMTP id D664D8A549; Thu, 16 Jul 2020 13:42:03 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id B0ABEC1DA2; Thu, 16 Jul 2020 13:42:03 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 63950C1797 for ; Thu, 16 Jul 2020 13:42:00 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 46DAD204FA for ; Thu, 16 Jul 2020 13:42:00 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oymav39jHA9Y for ; Thu, 16 Jul 2020 13:41:56 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.kot-begemot.co.uk (ivanoab7.miniserver.com [37.128.132.42]) by silver.osuosl.org (Postfix) with ESMTPS id 26713265AD for ; Thu, 16 Jul 2020 13:41:18 +0000 (UTC) Received: from tun252.jain.kot-begemot.co.uk ([192.168.18.6] helo=jain.kot-begemot.co.uk) by www.kot-begemot.co.uk with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jw48S-0002Cg-P0 for dev@openvswitch.org; Thu, 16 Jul 2020 13:41:16 +0000 Received: from jain.kot-begemot.co.uk ([192.168.3.3]) by jain.kot-begemot.co.uk with esmtp (Exim 4.92) (envelope-from ) id 1jw3oD-0001Hz-QQ; Thu, 16 Jul 2020 14:20:23 +0100 From: anton.ivanov@cambridgegreys.com To: dev@openvswitch.org Date: Thu, 16 Jul 2020 14:19:27 +0100 Message-Id: <20200716131927.3943-30-anton.ivanov@cambridgegreys.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> References: <20200716131927.3943-1-anton.ivanov@cambridgegreys.com> MIME-Version: 1.0 X-Clacks-Overhead: GNU Terry Pratchett Cc: Anton Ivanov Subject: [ovs-dev] [PATCH ovn RFC v3 29/29] Set cut-off values to best guesstimates X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Anton Ivanov This sets the cut-off values for switching between parallel and sequential processing to a reasonable guesstimate. Signed-off-by: Anton Ivanov --- northd/ovn-northd.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index ef188fb88..4d61cdbba 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -7195,8 +7195,8 @@ build_lswitch_flows_step_120_op( ds_destroy(&match); } -#define OD_CUTOFF 1 -#define OP_CUTOFF 1 +#define OD_CUTOFF 64 +#define OP_CUTOFF 4 struct lswitch_flow_build_info { struct hmap *datapaths; @@ -11186,7 +11186,7 @@ hmap_safe_remove(struct hmap *hmap, struct hmap_node *node, size_t hash) return false; } -#define RECONCILE_CUTOFF 1 +#define RECONCILE_CUTOFF 1024 static ssize_t max_seen_lflow_size = 128;