@@ -2291,27 +2291,31 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
free(match);
free(actions);
- /* ARP handling for external IP addresses.
- *
- * DNAT IP addresses are external IP addresses that need ARP
- * handling. */
+ bool snat_ip_is_router_ip = false;
for (int i = 0; i < op->od->nbr->n_nat; i++) {
const struct nbrec_nat *nat;
nat = op->od->nbr->nat[i];
- if(!strcmp(nat->type, "snat")) {
- continue;
- }
-
ovs_be32 ip;
if (!ip_parse(nat->external_ip, &ip) || !ip) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 1);
- VLOG_WARN_RL(&rl, "bad ip address %s in dnat configuration "
+ VLOG_WARN_RL(&rl, "bad ip address %s in nat configuration "
"for router %s", nat->external_ip, op->key);
continue;
}
+ if (!strcmp(nat->type, "snat")) {
+ if (ip == op->ip) {
+ snat_ip_is_router_ip = true;
+ }
+ continue;
+ }
+
+ /* ARP handling for external IP addresses.
+ *
+ * DNAT IP addresses are external IP addresses that need ARP
+ * handling. */
match = xasprintf(
"inport == %s && arp.tpa == "IP_FMT" && arp.op == 1",
op->json_key, IP_ARGS(ip));
@@ -2338,29 +2342,6 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
/* Drop IP traffic to this router, unless the router ip is used as
* SNAT ip. */
- bool snat_ip_is_router_ip = false;
- for (int i = 0; i < op->od->nbr->n_nat; i++) {
- const struct nbrec_nat *nat;
- ovs_be32 ip;
-
- nat = op->od->nbr->nat[i];
- if (strcmp(nat->type, "snat")) {
- continue;
- }
-
- if (!ip_parse(nat->external_ip, &ip) || !ip) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 1);
- VLOG_WARN_RL(&rl, "bad ip address %s in snat configuration "
- "for router %s", nat->external_ip, op->key);
- continue;
- }
-
- if (ip == op->ip) {
- snat_ip_is_router_ip = true;
- break;
- }
- }
-
if (!snat_ip_is_router_ip) {
match = xasprintf("ip4.dst == "IP_FMT, IP_ARGS(op->ip));
ovn_lflow_add(lflows, op->od, S_ROUTER_IN_IP_INPUT, 60, match,
It is wasteful to have two loops that go through all the NAT entries. Signed-off-by: Gurucharan Shetty <guru@ovn.org> --- ovn/northd/ovn-northd.c | 45 +++++++++++++-------------------------------- 1 file changed, 13 insertions(+), 32 deletions(-)