From patchwork Tue Apr 18 11:49:11 2017
X-Patchwork-Submitter: Guoshuai Li
X-Patchwork-Id: 751813
From: Guoshuai Li
To: ovs-dev@openvswitch.org, mickeys.dev@gmail.com
Date: Tue, 18 Apr 2017 19:49:11 +0800
Message-Id: <20170418114911.7832-1-ligs@dtdream.com>
Subject: [ovs-dev] [PATCH] system-ovn.at: Add test for ping other router's port on distributed router

Signed-off-by: Guoshuai Li --- tests/system-ovn.at | 101 ++++++++++++++++++++++++++++++++++++++++++++++++ tests/system-traffic.at | 20 ++++++++++ 2 files changed, 121 insertions(+) diff --git a/tests/system-ovn.at b/tests/system-ovn.at index dd62bd1..68da38a 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at 
@@ -1396,3 +1396,104 @@ as OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d /connection dropped.*/d"]) AT_CLEANUP + +AT_SETUP([ovn -- ping other router port on distributed router]) +AT_KEYWORDS([ovnnat]) + +CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() +ovn_start +OVS_TRAFFIC_VSWITCHD_START() +ADD_BR([br-int]) + +# Set external-ids in br-int needed for ovn-controller +ovs-vsctl \ + -- set Open_vSwitch . external-ids:system-id=hv1 \ + -- set Open_vSwitch . external-ids:ovn-remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \ + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \ + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \ + -- set bridge br-int fail-mode=secure other-config:disable-in-band=true + +# Start ovn-controller +start_daemon ovn-controller + +# Logical network: +# Two LRs - R1 and R2 that are connected to LS "join" (20.0.0.0/24). +# R1 has switchess foo (192.168.1.0/24). +# The port between R1/R2 and "join" is the router gateway port where +# the NAT rules are applied. 
+# +# foo -- R1 -- join -- R2 +# + +ovn-nbctl lr-add R1 +ovn-nbctl lr-add R2 + +ovn-nbctl ls-add foo +ovn-nbctl ls-add join + +ovn-nbctl lrp-add R1 foo 00:00:01:01:02:01 192.168.1.1/24 +ovn-nbctl lrp-add R1 join1 00:00:02:01:02:01 20.0.0.1/24 \ + -- set Logical_Router_Port join1 options:redirect-chassis=hv1 +ovn-nbctl lrp-add R2 join2 00:00:02:01:02:02 20.0.0.2/24 \ + -- set Logical_Router_Port join2 options:redirect-chassis=hv1 + +# Connect foo to R1 +ovn-nbctl lsp-add foo rp-foo -- set Logical_Switch_Port rp-foo \ + type=router options:router-port=foo \ + -- lsp-set-addresses rp-foo router + +# Connect join to R1 +ovn-nbctl lsp-add join rp-join1 -- set Logical_Switch_Port rp-join1 \ + type=router options:router-port=join1 \ + -- lsp-set-addresses rp-join1 router + +# Connect join to R2 +ovn-nbctl lsp-add join rp-join2 -- set Logical_Switch_Port rp-join2 \ + type=router options:router-port=join2 \ + -- lsp-set-addresses rp-join2 router + +# Logical port 'foo1' in switch 'foo'. +ADD_NAMESPACES(foo1) +ADD_VETH(foo1, foo1, br-int, "192.168.1.2/24", "f0:00:00:01:02:01", \ + "192.168.1.1") +ovn-nbctl lsp-add foo foo1 \ +-- lsp-set-addresses foo1 "f0:00:00:01:02:01 192.168.1.2" + +# Add SNAT rule +ovn-nbctl lr-nat-add R1 snat 20.0.0.1 192.168.1.0/24 + +ovn-nbctl --wait=hv sync + +echo "------ hv dump ------" +ovs-ofctl show br-int +ovs-ofctl dump-flows br-int +echo "---------------------" + +# East-West No NAT: 'foo1' pings 'R2' using 20.0.0.2 +NS_CHECK_EXEC([foo1], [ping -q -c 3 -i 0.3 -w 2 20.0.0.2 | FORMAT_PING], \ +[0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +# We verify that SNAT indeed happened via 'dump-conntrack' command. 
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(192.168.1.2) | \ +sed -e 's/zone=[[0-9]]*/zone=/'], [0], [dnl +icmp,orig=(src=192.168.1.2,dst=20.0.0.2,id=,type=8,code=0),reply=(src=20.0.0.2,dst=20.0.0.1,id=,type=0,code=0),zone= +]) + +OVS_APP_EXIT_AND_WAIT([ovn-controller]) + +as ovn-sb +OVS_APP_EXIT_AND_WAIT([ovsdb-server]) + +as ovn-nb +OVS_APP_EXIT_AND_WAIT([ovsdb-server]) + +as northd +OVS_APP_EXIT_AND_WAIT([ovn-northd]) + +as +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d +/connection dropped.*/d"]) +AT_CLEANUP diff --git a/tests/system-traffic.at b/tests/system-traffic.at index c042773..295e606 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at 
@@ -3678,3 +3678,23 @@ NS_CHECK_EXEC([at_ns0], [ping -q -c 1 -w 3 10.4.2.2], [1], [ignore]) OVS_TRAFFIC_VSWITCHD_STOP(["/dropping VLAN \(0\|300\) packet received on dot1q-tunnel port/d"]) AT_CLEANUP + +AT_SETUP([datapath - SNAT and UNSNAT]) +OVS_TRAFFIC_VSWITCHD_START() + +AT_CHECK([ovs-ofctl add-flow br0 "table=0, priority=100,in_port=1,ip,nw_dst=20.0.0.2 actions=dec_ttl(),mod_dl_src:00:00:02:01:02:01,mod_dl_dst:00:00:02:01:02:02,resubmit(,1)"]) +AT_CHECK([ovs-ofctl add-flow br0 "table=1, priority=100,ip,nw_src=192.168.1.2 actions=ct(commit,table=2,zone=6,nat(src=20.0.0.1))"]) +AT_CHECK([ovs-ofctl add-flow br0 "table=2, priority=100,icmp,nw_dst=20.0.0.2,icmp_type=8,icmp_code=0 actions=push:NXM_OF_IP_SRC[],push:NXM_OF_IP_DST[],pop:NXM_OF_IP_SRC[],pop:NXM_OF_IP_DST[],load:0xff->NXM_NX_IP_TTL[],load:0->NXM_OF_ICMP_TYPE[],dec_ttl(),mod_dl_src:00:00:02:01:02:02,mod_dl_dst:00:00:02:01:02:01,resubmit(,3)"]) +AT_CHECK([ovs-ofctl add-flow br0 "table=3, priority=100,ip,nw_dst=20.0.0.1 actions=ct(table=4,zone=6,nat)"]) +AT_CHECK([ovs-ofctl add-flow br0 "table=4, priority=100,ip,nw_dst=192.168.1.2 actions=dec_ttl(),mod_dl_src:00:00:01:01:02:01,mod_dl_dst:f0:00:00:01:02:01,load:0->NXM_OF_IN_PORT[],output:1"]) + +ADD_NAMESPACES(foo1) +ADD_VETH(foo1, foo1, br0, "192.168.1.2/24", "f0:00:00:01:02:01", "192.168.1.1") +NS_CHECK_EXEC([foo1], [arp -s 192.168.1.1 00:00:01:01:02:01]) + +NS_CHECK_EXEC([foo1], [ping -q -c 3 -i 0.3 -w 2 20.0.0.2 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +OVS_TRAFFIC_VSWITCHD_STOP +AT_CLEANUP
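Review bot: in the new system-ovn.at test, the comment above the ping reads "East-West No NAT: 'foo1' pings 'R2' using 20.0.0.2", but the very next check is introduced as verifying "that SNAT indeed happened" and expects a conntrack reply with dst=20.0.0.1, the address from "lr-nat-add R1 snat 20.0.0.1 192.168.1.0/24". Please reword the ping comment so it says the source is expected to be translated to 20.0.0.1. The topology comment needs a pass as well: "switchess" is a typo, and it says NAT rules are applied on the gateway ports of R1/R2 while the test only adds a rule to R1. The commit message carries only a subject and a Signed-off-by; one sentence on what behaviour this test pins down would help readers of the log.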
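Review bot: the "datapath - SNAT and UNSNAT" test added to system-traffic.at uses ct(commit,table=2,zone=6,nat(src=20.0.0.1)) and ct(table=4,zone=6,nat) but does not call CHECK_CONNTRACK() and CHECK_CONNTRACK_NAT() after AT_SETUP, unlike the system-ovn.at test in this same patch; add both so the two tests are guarded the same way. The test also asserts only on the ping result; a dump-conntrack check in zone 6, like the one in the system-ovn.at test, would confirm the translation itself rather than just reachability. The table=2 flow swaps the IP source and destination with push/pop and loads 0 into NXM_OF_ICMP_TYPE to stand in for the peer's echo reply, which deserves a comment in the test since nothing else explains it. Finally, the subject line names only system-ovn.at although this file is changed too.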