From patchwork Fri May 16 12:46:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Dumitru Ceara X-Patchwork-Id: 2086730 X-Patchwork-Delegate: amusil@redhat.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Vkbq9ye7; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4ZzS181BP4z1yXB for ; Fri, 16 May 2025 23:02:51 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 5950240C53; Fri, 16 May 2025 13:03:05 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id Mc9huJhTA08S; Fri, 16 May 2025 13:03:04 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 5DC164044F Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Vkbq9ye7 Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTPS id 5DC164044F; Fri, 16 May 2025 13:03:04 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 4F6A2C007B; Fri, 16 May 2025 13:03:04 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 41CE8C0009 for ; Fri, 16 May 2025 13:03:03 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 2855483CEC for ; Fri, 16 May 2025 13:03:03 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id KuBKhAeuiWqF for ; Fri, 16 May 2025 13:03:02 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.129.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=dceara@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org 1132D8145D Authentication-Results: smtp1.osuosl.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 1132D8145D Authentication-Results: smtp1.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Vkbq9ye7 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp1.osuosl.org (Postfix) with ESMTPS id 1132D8145D for ; Fri, 16 May 2025 13:03:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1747400580; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UkbD76yI8AmLxBXcvp1q5K+83DkLarbCvr8RVJzagvU=; b=Vkbq9ye7Z6p4Ym6aQnliJvPrDs2z7SGIvBtS8aaZRyUTuuM02XJLvgpBJXTbSIgP/86spe lKSbiPPJ9D6Hze7bh6fHfYY7pE3aBvKwxcECZ6B4AzCQ0gnZXyStfHd8mhUOYKezEb6gd6 VdSPssBOETUnMTVGhdMARLyfIILfc0I= Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-677-0swN-0NsNcK0Jo_DCSi8zw-1; Fri, 16 May 2025 09:02:56 -0400 X-MC-Unique: 0swN-0NsNcK0Jo_DCSi8zw-1 X-Mimecast-MFC-AGG-ID: 0swN-0NsNcK0Jo_DCSi8zw_1747400575 Received: from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id BCD1319560A5; Fri, 16 May 2025 13:02:55 +0000 (UTC) Received: from cecil-rh.redhat.com (unknown [10.44.33.106]) by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 4A488180047F; Fri, 16 May 2025 13:02:53 +0000 (UTC) To: ovs-dev@openvswitch.org Date: Fri, 16 May 2025 14:46:45 +0200 Message-ID: <20250516124645.196384-1-dceara@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.111 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: Wi1YCwGRtCyOjTJ7LmrKjw6bnYx4WI1LN9HYewQtTfY_1747400575 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn] northd: Sample_Collector.set_ids can actually be 32-bit values. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Dumitru Ceara via dev From: Dumitru Ceara Reply-To: Dumitru Ceara Cc: trantrongdat7900@gmail.com Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" These get matched against OVS Flow_Sample_Collector.ID which is a 32-bit value. OVN doesn't store the set_id anywhere (in conntrack) so there's no reason to artificially limit this. Also update the documentation of the NB.Sample_Collector.set_id field. Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2025-May/053640.html Reported-by: Trọng Đạt Trần Fixes: d15b12da6fe6 ("northd: Add ACL Sampling.") Signed-off-by: Dumitru Ceara --- northd/northd.c | 12 ++++++------ ovn-nb.xml | 2 +- tests/system-ovn.at | 16 ++++++++-------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/northd/northd.c b/northd/northd.c index 7b05147b41..486da8c3e1 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -6798,11 +6798,11 @@ build_acl_sample_action(struct ds *actions, const struct nbrec_acl *acl, for (size_t i = 0; i < sample->n_collectors; i++) { ds_put_format(actions, "sample(probability=%"PRIu16"," - "collector_set=%"PRIu8"," + "collector_set=%"PRIu32"," "obs_domain=%"PRIu32"," "obs_point=%"PRIu32");", (uint16_t) sample->collectors[i]->probability, - (uint8_t) sample->collectors[i]->set_id, + (uint32_t) sample->collectors[i]->set_id, domain_id, point_id); } ds_put_cstr(actions, " next;"); @@ -7066,12 +7066,12 @@ build_acl_sample_generic_new_flows(const struct ovn_datapath *od, (uint8_t) obs_stage); ds_put_format(actions, "sample(probability=%"PRIu16"," - "collector_set=%"PRIu8"," + "collector_set=%"PRIu32"," "obs_domain=%"PRIu32"," "obs_point="REG_OBS_POINT_ID_NEW");" " next;", (uint16_t) coll->probability, - (uint8_t) coll->set_id, + (uint32_t) coll->set_id, sample_domain_id); ovn_lflow_add(lflows, od, stage, stateful ? 1000 : 900, ds_cstr(match), @@ -7105,12 +7105,12 @@ build_acl_sample_generic_est_flows(const struct ovn_datapath *od, (uint8_t) obs_stage); ds_put_format(actions, "sample(probability=%"PRIu16"," - "collector_set=%"PRIu8"," + "collector_set=%"PRIu32"," "obs_domain=%"PRIu32"," "obs_point=ct_label.obs_point_id);" " next;", (uint16_t) coll->probability, - (uint8_t) coll->set_id, + (uint32_t) coll->set_id, sample_domain_id); ovn_lflow_add(lflows, od, stage, 1000, ds_cstr(match), diff --git a/ovn-nb.xml b/ovn-nb.xml index 4396023a4b..b846d21fbe 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -553,7 +553,7 @@ sampled while a value of 65535 corresponds to all packets being sampled. - The 8-bit integer identifier of the set of of collectors to send + The 32-bit integer identifier of the set of of collectors to send packets to. See Flow_Sample_Collector_Set Table in ovs-vswitchd's database schema. diff --git a/tests/system-ovn.at b/tests/system-ovn.at index 1dccefb094..59f16ec22f 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -13413,7 +13413,7 @@ ADD_VETH(vm1, vm1, br-int, "42.42.42.2/24", "00:00:00:00:00:01", "42.42.42.1") ADD_NAMESPACES(vm2) ADD_VETH(vm2, vm2, br-int, "42.42.42.3/24", "00:00:00:00:00:02", "42.42.42.1") -collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=100) +collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=4294967295) collector2=$(ovn-nbctl create Sample_Collector id=2 name=c2 probability=65535 set_id=200) check_row_count nb:Sample_Collector 2 @@ -13479,7 +13479,7 @@ OVS_WAIT_UNTIL([grep -q 'Startup nfcapd.' collector.err]) dnl Configure the OVS flow sample collector. ovs-vsctl --id=@br get Bridge br-int \ -- --id=@ipfix create IPFIX targets=\"127.0.0.1:4242\" template_interval=1 \ - -- --id=@cs create Flow_Sample_Collector_Set id=100 bridge=@br ipfix=@ipfix + -- --id=@cs create Flow_Sample_Collector_Set id=4294967295 bridge=@br ipfix=@ipfix check ovn-nbctl --wait=hv sync dnl And wait for it to be up and running. @@ -13610,7 +13610,7 @@ ADD_VETH(vm1, vm1, br-int, "42.42.42.2/24", "00:00:00:00:00:01", "42.42.42.1") ADD_NAMESPACES(vm2) ADD_VETH(vm2, vm2, br-int, "42.42.42.3/24", "00:00:00:00:00:02", "42.42.42.1") -collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=100) +collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=4294967295) check_row_count nb:Sample_Collector 1 check_uuid ovn-nbctl create Sampling_App type="acl-new" id="42" @@ -13648,7 +13648,7 @@ OVS_WAIT_UNTIL([grep -q 'Startup nfcapd.' collector.err]) dnl Configure the OVS flow sample collector. ovs-vsctl --id=@br get Bridge br-int \ -- --id=@ipfix create IPFIX targets=\"127.0.0.1:4242\" template_interval=1 \ - -- --id=@cs create Flow_Sample_Collector_Set id=100 bridge=@br ipfix=@ipfix + -- --id=@cs create Flow_Sample_Collector_Set id=4294967295 bridge=@br ipfix=@ipfix check ovn-nbctl --wait=hv sync dnl And wait for it to be up and running. @@ -13737,7 +13737,7 @@ ADD_VETH(vm1, vm1, br-int, "42.42.42.2/24", "00:00:00:00:00:01", "42.42.42.1") ADD_NAMESPACES(vm2) ADD_VETH(vm2, vm2, br-int, "42.42.42.3/24", "00:00:00:00:00:02", "42.42.42.1") -collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=100) +collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=4294967295) check_row_count nb:Sample_Collector 1 check_uuid ovn-nbctl create Sampling_App type="acl-new" id="42" @@ -13773,7 +13773,7 @@ OVS_WAIT_UNTIL([grep -q 'Startup nfcapd.' collector.err]) dnl Configure the OVS flow sample collector. ovs-vsctl --id=@br get Bridge br-int \ -- --id=@ipfix create IPFIX targets=\"127.0.0.1:4242\" template_interval=1 \ - -- --id=@cs create Flow_Sample_Collector_Set id=100 bridge=@br ipfix=@ipfix + -- --id=@cs create Flow_Sample_Collector_Set id=4294967295 bridge=@br ipfix=@ipfix check ovn-nbctl --wait=hv sync dnl And wait for it to be up and running. @@ -13867,7 +13867,7 @@ check ovn-nbctl --wait=sb sync ADD_NAMESPACES(vm1) ADD_VETH(vm1, vm1, br-int, "42.42.42.2/24", "00:00:00:00:00:01", "42.42.42.1") -collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=100) +collector1=$(ovn-nbctl create Sample_Collector id=1 name=c1 probability=65535 set_id=4294967295) collector2=$(ovn-nbctl create Sample_Collector id=2 name=c2 probability=65535 set_id=200) check_row_count nb:Sample_Collector 2 @@ -13902,7 +13902,7 @@ OVS_WAIT_UNTIL([grep -q 'Startup nfcapd.' collector.err]) dnl Configure the OVS flow sample collector. ovs-vsctl --id=@br get Bridge br-int \ -- --id=@ipfix create IPFIX targets=\"127.0.0.1:4242\" template_interval=1 \ - -- --id=@cs create Flow_Sample_Collector_Set id=100 bridge=@br ipfix=@ipfix + -- --id=@cs create Flow_Sample_Collector_Set id=4294967295 bridge=@br ipfix=@ipfix check ovn-nbctl --wait=hv sync dnl And wait for it to be up and running.