From patchwork Tue Oct 5 20:24:42 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladislav Odintsov X-Patchwork-Id: 1536917 X-Patchwork-Delegate: zhouhan@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=WKdJ9NlB; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HP8Jf4KVnz9sPB for ; Wed, 6 Oct 2021 07:27:14 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 1811D4085C; Tue, 5 Oct 2021 20:27:12 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7ulrmhGyfNUb; Tue, 5 Oct 2021 20:27:11 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTPS id 06259407C7; Tue, 5 Oct 2021 20:27:09 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id CE23AC0011; Tue, 5 Oct 2021 20:27:09 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) by lists.linuxfoundation.org (Postfix) with ESMTP id B921BC000D for ; Tue, 5 Oct 2021 20:27:08 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id A93F8408B8 for ; Tue, 5 Oct 2021 20:27:08 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vJ9FkHjEdIOg for ; Tue, 5 Oct 2021 20:27:05 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) by smtp4.osuosl.org (Postfix) with ESMTPS id AA2FC4089A for ; Tue, 5 Oct 2021 20:27:05 +0000 (UTC) Received: by mail-lf1-x135.google.com with SMTP id y26so890726lfa.11 for ; Tue, 05 Oct 2021 13:27:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=MAewSbmzfvuXaXytFBWFdpnxcEi9xm0TYn7cob+M5Jw=; b=WKdJ9NlBdai7zS4Z+ivBIrQb5MMO+qYiLUHSui2zNDSYw0i6+iZmyrYr//cOrPSlhE 2VaTFIYtfnI3eQQ+WRRL5V2etMUfIGbwFqnr11GqUT98rDNCusnVBCOpxPm8xhfEzYmb sV3ffXSajZyK1N/IblKssGJQs3V9RPZwPg41CENnA5A32D+bATz02at7g9pwAaWJX15D jcQUo4Wu6YJH5tIbkUuXTG/w18BSJGT7XQaJYAwQ0RmhW2rPKYQiZ8s6i6DZnCbLByEI YtH/op8xcbKaForf22HP5qdlh+5yYGvWt+0rvoPuErQMkSbjA+iKTF6r1aNU3+S4Si7U rQtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MAewSbmzfvuXaXytFBWFdpnxcEi9xm0TYn7cob+M5Jw=; b=F8cpzn+zyl+uEMmd/EcXxOtscERLWn0NPOCr80W+yieAvfLbOCjG2MjnKnZ1BkTPMk YAxmnfiKi8jyruVK5whSJOz4IztkryvRgd+8ckU/b7KLDlH7cVxBKLOkkhCKYGAQx5Aj Bv2vyn2N/K2vQBeQWTNkHyp5GstG70g5asK6wojqYKQZUzOWQPvdSAHYoSHfhiSeyBf9 Q6G0kR42bnqrTp6YlOXGGNeWGm4nFQgcdJKoKt46uPhOvVBuABs8WBAt4RYDKdRRpP6n 2EbQjfEo/BYCuEFmD7wbVXA1cNFbDLoq64RFfX04sr+oLjr+YrVylKB6ndIrJkN7uAzJ dvRg== X-Gm-Message-State: AOAM533x1SaB474ESpXEcbE9WglO7PNGFkWerEjcLulz5qLbfSh+BCZ/ hTZQ/sKmNmxHsLOrPW5gTD9H4GWBaEtNUQ== X-Google-Smtp-Source: ABdhPJyD+8D+gmt0yYCvzJymCtNLliyajKmhbSoQXgffi/zujoYbhJH2kNChZooY1YhA5GY9jPKtdA== X-Received: by 2002:a2e:743:: with SMTP id i3mr23778357ljd.250.1633465623551; Tue, 05 Oct 2021 13:27:03 -0700 (PDT) Received: from localhost.localdomain (109-252-131-59.dynamic.spd-mgts.ru. [109.252.131.59]) by smtp.gmail.com with ESMTPSA id 12sm2058870lfz.259.2021.10.05.13.27.03 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 05 Oct 2021 13:27:03 -0700 (PDT) From: Vladislav Odintsov To: dev@openvswitch.org Date: Tue, 5 Oct 2021 23:24:42 +0300 Message-Id: <20211005202442.85322-5-odivlad@gmail.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20211005202442.85322-1-odivlad@gmail.com> References: <20211005202442.85322-1-odivlad@gmail.com> MIME-Version: 1.0 Cc: Vladislav Odintsov Subject: [ovs-dev] [PATCH ovn v6 4/4] ic: don't learn routes which have local GW X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" In case we have ovn-ic-interconnected Logical_Routers and install same ip_prefix route with GW in local AZ in each LR in each AZ, this route would be learned in other AZs and L3 loop is possible. There could be next routes output: [az1 ~]$ ovn-nbctl lr-route-list lr0 IPv4 Routes Route Table global: 128.0.0.0/1 169.254.1.1 dst-ip ecmp 128.0.0.0/1 169.254.100.2 dst-ip (learned) ecmp [az2 ~]$ ovn-nbctl lr-route-list lr0 IPv4 Routes Route Table global: 128.0.0.0/1 169.254.2.1 dst-ip ecmp 128.0.0.0/1 169.254.100.1 dst-ip (learned) ecmp So, there is a possible routing loop. Packets going to 128.0.0.0/1 could go from AZ1 to AZ2 and on AZ2 they can be routed back. This commit adds check for installed local (non-learned) routes. If OVN IC route's ip_prefix, route_table are the same with already installed non-learned NB route, such route wouldn't be learned. Signed-off-by: Vladislav Odintsov --- ic/ovn-ic.c | 30 ++++++++++++++++++++++++-- tests/ovn-ic.at | 49 +++++++++++++++++++++++++++++++++++++++++++ utilities/ovn-nbctl.c | 4 +++- 3 files changed, 80 insertions(+), 3 deletions(-) diff --git a/ic/ovn-ic.c b/ic/ovn-ic.c index 02bd28b2b..5b37bb718 100644 --- a/ic/ovn-ic.c +++ b/ic/ovn-ic.c @@ -1197,7 +1197,25 @@ add_network_to_routes_ad(struct hmap *routes_ad, const char *network, } static bool -route_need_learn(struct in6_addr *prefix, unsigned int plen, +route_has_local_gw(const struct nbrec_logical_router *lr, + const char *route_table, const char *ip_prefix) { + + const struct nbrec_logical_router_static_route *route; + for (int i = 0; i < lr->n_static_routes; i++) { + route = lr->static_routes[i]; + if (!smap_get(&route->external_ids, "ic-learned-route") && + !strcmp(route->route_table, route_table) && + !strcmp(route->ip_prefix, ip_prefix)) { + return true; + } + } + return false; +} + +static bool +route_need_learn(const struct nbrec_logical_router *lr, + const struct icsbrec_route *isb_route, + struct in6_addr *prefix, unsigned int plen, const struct smap *nb_options) { if (!smap_get_bool(nb_options, "ic-route-learn", false)) { @@ -1217,6 +1235,12 @@ route_need_learn(struct in6_addr *prefix, unsigned int plen, return false; } + if (route_has_local_gw(lr, isb_route->route_table, isb_route->ip_prefix)) { + VLOG_DBG("Skip learning %s (rtb:%s) route, as we've got one with " + "local GW", isb_route->ip_prefix, isb_route->route_table); + return false; + } + return true; } @@ -1321,9 +1345,11 @@ sync_learned_routes(struct ic_context *ctx, isb_route->nexthop); continue; } - if (!route_need_learn(&prefix, plen, &nb_global->options)) { + if (!route_need_learn(ic_lr->lr, isb_route, &prefix, plen, + &nb_global->options)) { continue; } + struct ic_route_info *route_learned = ic_route_find(&ic_lr->routes_learned, &prefix, plen, &nexthop, isb_route->route_table); diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at index 5803f76e9..15560334d 100644 --- a/tests/ovn-ic.at +++ b/tests/ovn-ic.at @@ -870,3 +870,52 @@ OVN_CLEANUP_IC([az1], [az2]) AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD([ +AT_SETUP([ovn-ic -- same routes destination]) + +ovn_init_ic_db +ovn-ic-nbctl ts-add ts1 + +for i in 1 2; do + ovn_start az$i + ovn_as az$i + + # Enable route learning at AZ level + ovn-nbctl set nb_global . options:ic-route-learn=true + ovn-nbctl set nb_global . options:ic-route-learn-default=true + # Enable route advertising at AZ level + ovn-nbctl set nb_global . options:ic-route-adv=true + ovn-nbctl set nb_global . options:ic-route-adv-default=true + + lr=lr1$i + ovn-nbctl lr-add $lr + + lrp=lrp-$lr-ts1 + lsp=lsp-ts1-$lr + # Create LRP and connect to TS + ovn-nbctl lrp-add $lr $lrp aa:aa:aa:aa:aa:0$i 169.254.100.$i/24 + ovn-nbctl lsp-add ts1 $lsp \ + -- lsp-set-addresses $lsp router \ + -- lsp-set-type $lsp router \ + -- lsp-set-options $lsp router-port=$lrp + ovn-nbctl lrp-add $lr lrp-local-subnet 00:00:00:00:00:0$i 192.168.$i.1/24 + ovn-nbctl list logical-router-static-route + check ovn-nbctl lr-route-add $lr 10.0.0.0/24 192.168.$i.10 + check ovn-nbctl lr-route-add $lr 0.0.0.0/0 192.168.$i.11 +done + +AT_CHECK([ovn_as az1 ovn-nbctl lr-route-list lr11 | grep dst-ip | sort], [0], [dnl + 0.0.0.0/0 192.168.1.11 dst-ip + 10.0.0.0/24 192.168.1.10 dst-ip + 192.168.2.0/24 169.254.100.2 dst-ip (learned) +]) + +AT_CHECK([ovn_as az2 ovn-nbctl lr-route-list lr12 | grep dst-ip | sort], [0], [dnl + 0.0.0.0/0 192.168.2.11 dst-ip + 10.0.0.0/24 192.168.2.10 dst-ip + 192.168.1.0/24 169.254.100.1 dst-ip (learned) +]) + +AT_CLEANUP +]) diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c index 0ff10618b..2c4ddd25f 100644 --- a/utilities/ovn-nbctl.c +++ b/utilities/ovn-nbctl.c @@ -4084,6 +4084,8 @@ nbctl_pre_lr_route_add(struct ctl_context *ctx) &nbrec_logical_router_static_route_col_options); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_static_route_col_route_table); + ovsdb_idl_add_column(ctx->idl, + &nbrec_logical_router_static_route_col_external_ids); } static char * OVS_WARN_UNUSED_RESULT @@ -4213,7 +4215,7 @@ nbctl_lr_route_add(struct ctl_context *ctx) } if (!ecmp) { - if (route) { + if (route && !smap_get(&route->external_ids, "ic-learned-route")) { if (!may_exist) { ctl_error(ctx, "duplicate prefix: %s (policy: %s). Use option" " --ecmp to allow this for ECMP routing.",