From patchwork Wed Jun 2 16:02:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brendan Doyle X-Patchwork-Id: 1486787 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=oracle.com header.i=@oracle.com header.a=rsa-sha256 header.s=corp-2020-01-29 header.b=LyjH/gx4; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=oracle.onmicrosoft.com header.i=@oracle.onmicrosoft.com header.a=rsa-sha256 header.s=selector2-oracle-onmicrosoft-com header.b=iWu7FUHW; dkim-atps=neutral Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FwDM73QWcz9sCD for ; Thu, 3 Jun 2021 02:02:43 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id C254740379; Wed, 2 Jun 2021 16:02:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id enIA3ZoR4j5R; Wed, 2 Jun 2021 16:02:40 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTP id A4AC24011D; Wed, 2 Jun 2021 16:02:39 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 6F4CAC000D; Wed, 2 Jun 2021 16:02:39 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id B5DD4C0001 for ; Wed, 2 Jun 2021 16:02:37 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 9F961402EF for ; Wed, 2 Jun 2021 16:02:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5NkWR2ew9I5K for ; Wed, 2 Jun 2021 16:02:36 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from userp2120.oracle.com (userp2120.oracle.com [156.151.31.85]) by smtp2.osuosl.org (Postfix) with ESMTPS id 4946D4025F for ; Wed, 2 Jun 2021 16:02:36 +0000 (UTC) Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 152Fxrsc156907 for ; Wed, 2 Jun 2021 16:02:35 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=to : from : subject : message-id : date : content-type : mime-version; s=corp-2020-01-29; bh=GXCjYLZMh375LhdNNFD8yNkKshFJe8nhgQMOleOhMfg=; b=LyjH/gx4BjFRO1eMRcB/Hiab2yH1a0kN96mgrv40QY0S6mAQBm3S3ebo2O77RlCMoSkq fNRhUSVG9KS6ImtCnnWIp43gdcyg7K1oSkN6jj/a0kS5ShRLlxWC9NEO7Ly2CroRj+dw Bp8izSsFM+yy8ehokY7HV3lbZ0p5IZclTRRR+S+XZ+Z3OPCsXW6cMzElVXHoTlXBiNpj 3pNDhoLRsRNVdsrm05To8P+vw0V4GiiFmVPKJMvKS+L9BROvPTIVeTj6naavwzg1ILxS QSXxFqM6rQFVankBuA1BykLvsjIWNmCLhIrPoAmsaZcigfnNv+aoCg5WzZMv6ljv+GfB Cg== Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70]) by userp2120.oracle.com with ESMTP id 38ue8ph0w0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 02 Jun 2021 16:02:34 +0000 Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1]) by aserp3020.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 152G1QGn058958 for ; Wed, 2 Jun 2021 16:02:34 GMT Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2171.outbound.protection.outlook.com [104.47.56.171]) by aserp3020.oracle.com with ESMTP id 38udecap2p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 02 Jun 2021 16:02:33 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WLmf+YZJjqF1F9O/J7pH4RSN+JOBem6BORmhxoy7qaOgz72vqGfWkdzTHXmmXrpLT9ENCjYSsn7yRh5KOmQgMx2qe5/RcGQ+v+iufCzAnwreL81ke9dg+ncUVnGdObAwkaJCEFwreGA2Ms/tGLo43cIsS1uIaKoz794jZornk5Xbdz3bdIY/dsdAGyAIVZl9JNO+nv9yYc+K72HEb4X5gFYIOrrX7dmBbXuY2rJ4HULszQskxtNF/TMowZvIIbOWGbpgrmAhT8bypmLfX24m5rcHaUbMyhf8FZoL4w63ex4eaZ5BaLC0szOwazo6Ia2gLR+CmquGhEKC9SX1hnM3bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GXCjYLZMh375LhdNNFD8yNkKshFJe8nhgQMOleOhMfg=; b=S2Lr+UpX2KCqmQcLJrYqMEylSfwmlCgmkn1xkxWkIrCDiJAGcfxTH8LjNyomn1t5BNeHBx2jlycDUCUBjpMV/zraMwDM6vPq/SYokXsaeXOWmKHnPtxNLTGzdkzyybplIEiT1QFbPK2TTajE37HahsW5Pcy34Ex0T3rsZLhKAXvrHx6Mf85WiSNDVcw9owtIX8QP4lIFPapPKZr/Xm44NEZniQQ7qTAj3jX2/XLjulp/Cuzj2MBUErsiN2C6VCkdhQ2CN9MEEjFEbVK4hN7r2pFUDfzV3xjzMOkVNxY31cV7F0mq/B4aQO0DD0xwIeMygaA1vKHWA0IOYvOw8S2Qgw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GXCjYLZMh375LhdNNFD8yNkKshFJe8nhgQMOleOhMfg=; b=iWu7FUHWy3xbgslyhTBJ6SmbQsR1WZyznfJxSnGl1bEAsDdRpgEX7lU3gC38JHiC48zN7BiAGfLOkM+Z1Acw/8GcyOuEfgv2OYpcyyhW/d8uI9kF2cmwVjYGed6TFGRj7IwL96+Mt5uTVyx/XjcE/i8/Fh+/JjvCsHqzIOBR3JA= Authentication-Results: openvswitch.org; dkim=none (message not signed) header.d=none; openvswitch.org; dmarc=none action=none header.from=oracle.com; Received: from CO1PR10MB4723.namprd10.prod.outlook.com (2603:10b6:303:9c::20) by MWHPR10MB1805.namprd10.prod.outlook.com (2603:10b6:300:112::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.24; Wed, 2 Jun 2021 16:02:15 +0000 Received: from CO1PR10MB4723.namprd10.prod.outlook.com ([fe80::c416:12b1:2617:fbe0]) by CO1PR10MB4723.namprd10.prod.outlook.com ([fe80::c416:12b1:2617:fbe0%6]) with mapi id 15.20.4173.030; Wed, 2 Jun 2021 16:02:15 +0000 To: dev@openvswitch.org From: Brendan Doyle Organization: Oracle Corporation Message-ID: Date: Wed, 2 Jun 2021 17:02:09 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 Content-Language: en-US X-Originating-IP: [138.3.204.10] X-ClientProxiedBy: LO4P123CA0291.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:196::8) To CO1PR10MB4723.namprd10.prod.outlook.com (2603:10b6:303:9c::20) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.175.80.138] (138.3.204.10) by LO4P123CA0291.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:196::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.15 via Frontend Transport; Wed, 2 Jun 2021 16:02:14 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7a36f905-ddae-4b49-cab5-08d925dfca3e X-MS-TrafficTypeDiagnostic: MWHPR10MB1805: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 2wR9denusvWgQBO8G0SozfILBMsC7+9Nwo8j8caEcw6pc0Cp4DzeU5tTJ74PeB02JIwNX4yS/580VKRUH3BDnR365EwfkmvOrw5TjICjlXEVAicHMcyJmp5Km0JrZVz84YcALECvmHzkXpr96VV8mymXyJq4XdWoezJB1kpi7tfY+Np1dmdbzxAJ4CbiGUCtTl+WTZDnyah0EY51c4YxovP6r24HoiJs3F4i5o5QJBKhwS65V3tZMSJfQKkJEJk9HPC6Gsf8wrKxS8n4lNjsnoZ/m3RraDcUpfkaCbJbUvooO35Es2aXVAjg+I5rcP/VMO+e2Cow/4ETXwy8qcrydDEEYT7fDpbvkZGOkv5E46MhvcyUfqjEaCZv56jRqO8IoZUccDoMyceB9+lMu6HVhOC6f8cm4sO1gAPrIj62U7i2QlBKvL9k4Suxtl/721Fqq4Td4InUZ+L/hkVhue+rQS5kT8ZWvLI28gzkjKnwPcgXEh+LunXKP328MkxnZhouoQbRF1xng6EAkwKkwWMHNRkugVNRNjymOzyDRoKwrDd70g/+HD6D2uply6n3XlR+1rLmJkIxb8MMNIeNSn7i1nf/4+GP5ymAocnRv2/GBn4XRqXgqZxcOTHafjQmmZeFORn/vLBSOGm1kFwqdYzA8FJQ78AULBoL8gpzvxcg093oZhwXgj6ok3H8E33nvT5R X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR10MB4723.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(376002)(39860400002)(346002)(396003)(136003)(5660300002)(44832011)(36756003)(66556008)(26005)(6486002)(30864003)(6916009)(66476007)(8676002)(38100700002)(16526019)(33964004)(31696002)(36916002)(31686004)(86362001)(83380400001)(66574015)(2906002)(8936002)(16576012)(186003)(2616005)(316002)(956004)(6666004)(66946007)(478600001)(53546011)(45980500001)(43740500002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?q?CtMKFSUjXJWgoWvSZpJCEeu85Li6R8?= =?utf-8?q?8UxBXnl0sTka6ffqu3LaPdWFOkLkNTH/BBBachrIC90KVc4zdFRcXDfuNWhialqN9?= =?utf-8?q?QymqwVzuA2KuWY0dSWAX6mxXN/JKcSAgoVSVSsbtdLy3dzOX9wM7lbjvrOvaDz5jx?= =?utf-8?q?sEwhwbnAW43w4mLnrIPJ6AORGkyPNmejE6iOMjfKi5IQ1XA21f8po5wUJ/Zm/jgO7?= =?utf-8?q?50Bmw6bXbBXMhwvG1js/sXEhX0/2InUMS+qZOmIsTwommlyvzKKQtiY30g8pjUSZf?= =?utf-8?q?HKhYaQbHycXWkZqhYBJbtfKHKdXpli4/LWeUaibE/KmHr45N24ha6q2R2hvXGK5Yr?= =?utf-8?q?AFMlhElTbg6j3QDwUzulJjzZ3fTL5WIkY2sgcHxEwXlOnntM+nbhAbBlRGNCAUXSs?= =?utf-8?q?edVBKvwKXAx/nPvh+77cLCKNh6PcwXBaSMNnosqbDY50rZYPA87yqVOsERWtFyDEr?= =?utf-8?q?ADZPx2a0mfm21iDOm5nKhy65b4paTT6sGExySAyguW4aJwu0wtm+rBhS53me3FZ+V?= =?utf-8?q?5HnvrQPgAY7nWR/xfn4r+hBypizFYQWEh0LlN0nQcnigyLtO1MiNfGHdJEOn3U4rs?= =?utf-8?q?j/adU7IelxluiE0SNmPDIcouNT3hq2eqL4f8oWy6e+ShqXpS2rpEUp3bO4yl7GR7t?= =?utf-8?q?qTwqSakXJ4uoMANnv1wBuwzEf3EOVwnyCU05eOiM7R8cODLJAKcN8rfxGIXG5MmAF?= =?utf-8?q?iN5r3srpWMs2Bpi77YuCQv7+7FU4P1KC6Tckq76bqC/CwAt+B0SoI4kpBSrQfM78d?= =?utf-8?q?nZcxEDr3Ijv9Z214pymgR8g5uONcZxSFF4hBKIURyNmwaCmrGeC0FJYsrSOpt74Np?= =?utf-8?q?+m0k0LfpcDWWAlLYlcgmkwHvlSSvxzLY3ExLKU2WbR5vUsB5IulFh2dUlQ9Yh82kT?= =?utf-8?q?WrC2QmFNqOrVbV/+8l7BwSSdU9I7DgQPCsmd4mFnHuTIfHJvgXqzOrT0VEaQ1v+DT?= =?utf-8?q?HwPNKq162ur9SU4V9N2lc87Xyejdc4jBZ4zS06bjJVI5n1O+hVE6HO6raCMNiyDmi?= =?utf-8?q?8+z+4R8WOuhbOdzGhZis8QGZJslph71LciqVLY/legiTWAuYmgNdkg1kBXpTV5w/Q?= =?utf-8?q?9tGHlFG3PNFtV+/FUy798eo8NdMBRq9bGst16CNPATU5OITt8IsYsDDUvX2rnbfs3?= =?utf-8?q?N7p6sqMHawENqKE/ZIHwuXzoVVMpLsp/9H8DfAry0CC4oQ6XAqwyiO/C3yCeC+k8w?= =?utf-8?q?F88nwdOaJyWCRwDFe1Hl2lZ1Rhl0V2MT3cTtPfqAFXeEzShjU22oXb0ahoNj32OwN?= =?utf-8?q?9BvCH8hQbOaWEZ?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7a36f905-ddae-4b49-cab5-08d925dfca3e X-MS-Exchange-CrossTenant-AuthSource: CO1PR10MB4723.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Jun 2021 16:02:15.1758 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ZwSsgza0cb/542KDK05cqq8eEyvV4loQMRhpK33SlzsUBo37xLnsp7VQSfsYHvJu3Uun2Or28cdSqT0w80g6Pt751PgyygcfOArmnM7ZAtg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR10MB1805 X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=10003 signatures=668682 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 mlxscore=0 phishscore=0 suspectscore=0 spamscore=0 mlxlogscore=999 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2106020101 X-Proofpoint-GUID: E4wf3QicLoca2Ej5cwC1WGL_CLkHOeU5 X-Proofpoint-ORIG-GUID: E4wf3QicLoca2Ej5cwC1WGL_CLkHOeU5 X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=10003 signatures=668682 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 impostorscore=0 malwarescore=0 adultscore=0 suspectscore=0 lowpriorityscore=0 spamscore=0 bulkscore=0 phishscore=0 priorityscore=1501 clxscore=1015 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2106020101 X-Content-Filtered-By: Mailman/MimeDel 2.1.15 Subject: [ovs-dev] [PATCH ovn] ovn-northd.c: Add proxy ARP support to OVN X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From a9d3140845175edb7644b2d0d82a95bd6cf94662 Mon Sep 17 00:00:00 2001 From: Brendan Doyle Date: Fri, 28 May 2021 10:01:17 -0700 Subject: [PATCH ovn] ovn-northd.c: Add proxy ARP support to OVN This patch provides the ability to configure proxy ARP IPs on a Logical Switch Router port. The IPs are added as Options for router ports. This provides a useful feature where traffic for a service must be sent to an address in a logical network address space, but the service is provided in a different network. For example an NFS service is provide to Logical networks at an address in their Logical network space, but the NFS server resides in a physical network. A Logical switch Router port can be configured to respond to ARP requests sent to the service "Logical address", the Logical Router/Gateway can then be configured to forward the traffic to the underlay/physical network. Signed-off-by: Brendan Doyle --- northd/ovn-northd.c | 38 +++++++++++++++++++ ovn-nb.xml | 9 +++++ tests/ovn.at | 103 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 150 insertions(+) -- 1.8.3.1 diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 0e5092a..a377e83 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -6943,6 +6943,7 @@ build_lswitch_arp_nd_responder_known_ips(struct ovn_port *op, struct ds *match) { if (op->nbsp) { + const char *arp_proxy; if (!strcmp(op->nbsp->type, "virtual")) { /* Handle * - GARPs for virtual ip which belongs to a logical port @@ -7096,6 +7097,43 @@ build_lswitch_arp_nd_responder_known_ips(struct ovn_port *op, } } } + + /* + * Add responses for ARP proxies. + */ + arp_proxy = smap_get(&op->nbsp->options,"arp_proxy"); + if (arp_proxy && op->peer) { + char *ips, *ip, *rest; + + ips = xstrdup(arp_proxy); + rest = ips; + + while ((ip = strtok_r(rest,",", &rest))) { + ds_clear(match); + ds_put_format(match, "arp.tpa == %s && arp.op == 1", ip); + + ds_clear(actions); + ds_put_format(actions, + "eth.dst = eth.src; " + "eth.src = %s; " + "arp.op = 2; /* ARP reply */ " + "arp.tha = arp.sha; " + "arp.sha = %s; " + "arp.tpa = arp.spa; " + "arp.spa = %s; " + "outport = inport; " + "flags.loopback = 1; " + "output;", + op->peer->lrp_networks.ea_s, + op->peer->lrp_networks.ea_s, + ip); + + ovn_lflow_add_with_hint(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, + 50, ds_cstr(match), ds_cstr(actions), + &op->nbsp->header_); + } + free(ips); + } } } diff --git a/ovn-nb.xml b/ovn-nb.xml index 02fd216..4b6c183 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -848,6 +848,15 @@ + + + Optional. A comma separated list IPv4 addresses that this + logical switch router port will reply to ARP requests. + Example: 169.254.239.254,169.254.239.2. The + 's logical router should + have a route to forward packets sent to configured proxy ARP IPs to + an appropriate destination. + diff --git a/tests/ovn.at b/tests/ovn.at index 2c3c36d..c675cc9 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -26527,3 +26527,106 @@ AT_CHECK([test $(ovn-appctl -t ovn-controller coverage/read-counter lflow_run) = OVN_CLEANUP([hv1]) AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD([ +AT_SETUP([ovn -- proxy-arp: 1 HVs, 1 LSs, 1 lport/LS, 1 LR]) +AT_KEYWORDS([proxy-arp]) +ovn_start + +# Logical network: +# One LR - lr1 has switch ls1 (192.16.1.0/24) connected to it, +# and and one HV with IP 192.16.1.6. + +ovn-nbctl lr-add lr1 +ovn-nbctl ls-add ls1 + +# Connect ls1 to lr1 +ovn-nbctl lrp-add lr1 ls1 00:00:00:01:02:f1 192.16.1.1/24 +ovn-nbctl lsp-add ls1 rp-ls1 -- set Logical_Switch_Port rp-ls1 \ + type=router options:router-port=ls1 addresses=\"00:00:00:01:02:f1\" + +# Create logical port ls1-lp1 in ls1 +ovn-nbctl lsp-add ls1 ls1-lp1 \ +-- lsp-set-addresses ls1-lp1 "00:00:00:01:02:03 192.16.1.6" + + +# Create one hypervisor and create OVS ports corresponding to logical ports. +net_add n1 + +sim_add pa-hv +as pa-hv +ovs-vsctl add-br br-phys +ovn_attach n1 br-phys 192.16.0.1 + +# Note: tx/rx are with respect to the LS port, so +# tx on switch port is HV rx, etc. +ovs-vsctl -- add-port br-int vif1 -- \ + set interface vif1 external-ids:iface-id=ls1-lp1 \ + options:tx_pcap=pa-hv/vif1-tx.pcap \ + options:rxq_pcap=pa-hv/vif1-rx.pcap \ + ofport-request=1 + +# And proxy ARP flows for 69.254.239.254 and 169.254.239.2 +# and check that SB flows have been added. +ovn-nbctl --wait=hv add Logical_Switch_Port rp-ls1 \ +options arp_proxy='"169.254.239.254,169.254.239.2"' +ovn-sbctl dump-flows > sbflows +AT_CAPTURE_FILE([sbflows]) + +AT_CHECK([ovn-sbctl dump-flows | grep ls_in_arp_rsp | grep "169.254.239.2" | wc -l], [0], [dnl +2 +]) + +# Remove and check that the flows have been removed +ovn-nbctl --wait=hv remove Logical_Switch_Port rp-ls1 options arp_proxy='"169.254.239.254,169.254.239.2"' + +AT_CHECK([ovn-sbctl dump-flows | grep ls_in_arp_rsp | grep "169.254.239.2" | wc -l], [0], [dnl +0 +]) + +# Add the flows back send arp request and check we see an ARP response +ovn-nbctl --wait=hv add Logical_Switch_Port rp-ls1 \ +options arp_proxy='"169.254.239.254,169.254.239.2"' + +ls1_p1_mac=00:00:00:01:02:03 +ls1_p1_ip=192.16.1.6 + +ls1_ro_mac=00:00:00:01:02:f1 +ls1_ro_ip=192.168.1.1 + +proxy_ip1=169.254.239.254 +proxy_ip2=169.254.239.2 + +bcast_mac=ff:ff:ff:ff:ff:ff + +# Send ARP request for 169.254.239.254 +packet="inport==\"ls1-lp1\" && eth.src==$ls1_p1_mac && eth.dst==$bcast_mac && + arp.op==1 && arp.sha==$ls1_p1_mac && arp.spa==$ls1_p1_ip && + arp.tha==$bcast_mac && arp.tpa==$proxy_ip1" + +as pa-hv ovs-appctl -t ovn-controller inject-pkt "$packet" + +ovs-ofctl dump-flows br-int| grep 169.254.239.254 | grep priority=50 > debug1 +AT_CAPTURE_FILE([debug1]) + + +# Check if packet hit the ARP reply ovs flow +AT_CHECK([ovs-ofctl dump-flows br-int | \ + grep "169.254.239.254" | \ + grep "priority=50" | \ + grep "arp_op=1" | \ + grep "n_packets=1" | wc -l], [0], [dnl +1 +]) + +# Check that the HV gets an ARP reply +expected="eth.src==$ls1_ro_mac && eth.dst==$ls1_p1_mac && + arp.op==2 && arp.sha==$ls1_ro_mac && arp.spa==$proxy_ip1 && + arp.tha==$ls1_p1_mac && arp.tpa==$ls1_p1_ip" +echo $expected | ovstest test-ovn expr-to-packets > expected + +OVN_CHECK_PACKETS([pa-hv/vif1-tx.pcap], [expected]) + +OVN_CLEANUP([pa-hv]) +AT_CLEANUP +])