From patchwork Fri Nov 19 16:07:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladislav Odintsov X-Patchwork-Id: 1557236 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=ag12Mq8n; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HwhQV1nZ0z9sWJ for ; Sat, 20 Nov 2021 03:07:46 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id A9D394097F; Fri, 19 Nov 2021 16:07:43 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HN8OGvARcqlY; Fri, 19 Nov 2021 16:07:41 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTPS id 5425840970; Fri, 19 Nov 2021 16:07:40 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9116FC0045; Fri, 19 Nov 2021 16:07:38 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9C1E6C003E for ; Fri, 19 Nov 2021 16:07:37 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 86DDC41BEE for ; Fri, 19 Nov 2021 16:07:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HbM7qBU7iFss for ; Fri, 19 Nov 2021 16:07:36 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) by smtp4.osuosl.org (Postfix) with ESMTPS id 2666E41BDF for ; Fri, 19 Nov 2021 16:07:36 +0000 (UTC) Received: by mail-ed1-x529.google.com with SMTP id x6so32963484edr.5 for ; Fri, 19 Nov 2021 08:07:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=i1gx8wOaeZTs93WZnqMQemfvUcONIdoYyo/GqAo8UA0=; b=ag12Mq8n6OAtBbodNHPQvpVjnN4bq745vKZYOUI4HmuUUjnLEtxdLUj8bWaNyuehZG dMikxYEnkuml+ORtddAhpvBBa05yGtTm0wouMFHkTcRZyammvZpVscWU82N7jOi+bCRJ bbXsUphAs98xEuMOHe+P+9OwzDNm0DSl1tvrNBsdmcl4+fvLwk2h8L/hnNr0/TeA2Kok JHS6f9/O8TWLxL8kuGprW2UOG2r7D5kMiJRUJyax1JX0vY5zz6yiyWwaA2gYgHJf8ILc 8ZpWFpBF7evn+nb+PfGj/+MZeQnIhsuyzEOh30jqaON2iK1vZQJD2cSTOMGHlfZ+w4iH wrkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=i1gx8wOaeZTs93WZnqMQemfvUcONIdoYyo/GqAo8UA0=; b=OcI/H1iCQFifaTxpWRoRXJhjOdKrIp8w0A6cODC71luBym36tAZlF92hbKrcWfjrdu qXzSWK2U/EXiS7ysKlY0KISBjLKkEslrLPIrPDc/u0XOIGuNc0H5+dPuhKx4ZfdXqzYE Q1TZhzalpqU8u/iDVpSujCD46QfT7QyMyg2w2TfACdizoEnQJ9QvjoGH85MFqReLagcm cRlamWztMzwzCjeIn2MR91laUhFQpv4hopUOrB8JK877bImH1lECK9GvWk+TZ1IsYDVM X2e713duwv49FvgndpKaTKRKPEkZOOMn/m3rx6fqeGRbd4k49CkYWg5SWc7IDBNyXwdB /u9g== X-Gm-Message-State: AOAM532Z958+Pi6td1D7huyvm9yLwpiV0w4+1uiv1phDRci2AFWzYG3A a6N2xD+eI+Rhsrgpt+5lw3Ij5LAY+cIE2w== X-Google-Smtp-Source: ABdhPJy/k+fPQXwvytPVYVBIMVa1I1pJG3P0wogKcXGUozNF7Ha08MQqL2vYLPfVhuhBbydU7fbPPA== X-Received: by 2002:a05:6402:26c8:: with SMTP id x8mr26000488edd.156.1637338054080; Fri, 19 Nov 2021 08:07:34 -0800 (PST) Received: from localhost.localdomain (109-252-131-59.dynamic.spd-mgts.ru. [109.252.131.59]) by smtp.gmail.com with ESMTPSA id z6sm121427edc.76.2021.11.19.08.07.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 19 Nov 2021 08:07:33 -0800 (PST) From: Vladislav Odintsov To: dev@openvswitch.org Date: Fri, 19 Nov 2021 19:07:21 +0300 Message-Id: <20211119160721.60612-7-odivlad@gmail.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20211119160721.60612-1-odivlad@gmail.com> References: <20211119160721.60612-1-odivlad@gmail.com> MIME-Version: 1.0 Cc: Vladislav Odintsov Subject: [ovs-dev] [PATCH ovn v9 6/6] ic: don't learn routes which have local GW X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" In case we have ovn-ic-interconnected Logical_Routers and install same ip_prefix route with GW in local AZ in each LR in each AZ, this route would be learned in other AZs and L3 loop is possible. There could be next routes output: [az1 ~]$ ovn-nbctl lr-route-list lr0 IPv4 Routes Route Table global: 128.0.0.0/1 169.254.1.1 dst-ip ecmp 128.0.0.0/1 169.254.100.2 dst-ip (learned) ecmp [az2 ~]$ ovn-nbctl lr-route-list lr0 IPv4 Routes Route Table global: 128.0.0.0/1 169.254.2.1 dst-ip ecmp 128.0.0.0/1 169.254.100.1 dst-ip (learned) ecmp So, there is a possible routing loop. Packets going to 128.0.0.0/1 could go from AZ1 to AZ2 and on AZ2 they can be routed back. This commit adds check for installed local (non-learned) routes. If OVN IC route's ip_prefix, route_table are the same with already installed non-learned NB route, such route wouldn't be learned. Signed-off-by: Vladislav Odintsov --- ic/ovn-ic.c | 30 ++++++++++++++++++++++++-- tests/ovn-ic.at | 49 +++++++++++++++++++++++++++++++++++++++++++ utilities/ovn-nbctl.c | 4 +++- 3 files changed, 80 insertions(+), 3 deletions(-) diff --git a/ic/ovn-ic.c b/ic/ovn-ic.c index f40468e92..a9b797af2 100644 --- a/ic/ovn-ic.c +++ b/ic/ovn-ic.c @@ -1209,7 +1209,25 @@ add_network_to_routes_ad(struct hmap *routes_ad, const char *network, } static bool -route_need_learn(struct in6_addr *prefix, unsigned int plen, +route_has_local_gw(const struct nbrec_logical_router *lr, + const char *route_table, const char *ip_prefix) { + + const struct nbrec_logical_router_static_route *route; + for (int i = 0; i < lr->n_static_routes; i++) { + route = lr->static_routes[i]; + if (!smap_get(&route->external_ids, "ic-learned-route") && + !strcmp(route->route_table, route_table) && + !strcmp(route->ip_prefix, ip_prefix)) { + return true; + } + } + return false; +} + +static bool +route_need_learn(const struct nbrec_logical_router *lr, + const struct icsbrec_route *isb_route, + struct in6_addr *prefix, unsigned int plen, const struct smap *nb_options) { if (!smap_get_bool(nb_options, "ic-route-learn", false)) { @@ -1229,6 +1247,12 @@ route_need_learn(struct in6_addr *prefix, unsigned int plen, return false; } + if (route_has_local_gw(lr, isb_route->route_table, isb_route->ip_prefix)) { + VLOG_DBG("Skip learning %s (rtb:%s) route, as we've got one with " + "local GW", isb_route->ip_prefix, isb_route->route_table); + return false; + } + return true; } @@ -1333,9 +1357,11 @@ sync_learned_routes(struct ic_context *ctx, isb_route->nexthop); continue; } - if (!route_need_learn(&prefix, plen, &nb_global->options)) { + if (!route_need_learn(ic_lr->lr, isb_route, &prefix, plen, + &nb_global->options)) { continue; } + struct ic_route_info *route_learned = ic_route_find(&ic_lr->routes_learned, &prefix, plen, &nexthop, isb_route->origin, diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at index 1340874d5..a189a8fed 100644 --- a/tests/ovn-ic.at +++ b/tests/ovn-ic.at @@ -928,3 +928,52 @@ OVN_CLEANUP_IC([az1], [az2]) AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD([ +AT_SETUP([ovn-ic -- same routes destination]) + +ovn_init_ic_db +ovn-ic-nbctl ts-add ts1 + +for i in 1 2; do + ovn_start az$i + ovn_as az$i + + # Enable route learning at AZ level + ovn-nbctl set nb_global . options:ic-route-learn=true + ovn-nbctl set nb_global . options:ic-route-learn-default=true + # Enable route advertising at AZ level + ovn-nbctl set nb_global . options:ic-route-adv=true + ovn-nbctl set nb_global . options:ic-route-adv-default=true + + lr=lr1$i + ovn-nbctl lr-add $lr + + lrp=lrp-$lr-ts1 + lsp=lsp-ts1-$lr + # Create LRP and connect to TS + ovn-nbctl lrp-add $lr $lrp aa:aa:aa:aa:aa:0$i 169.254.100.$i/24 + ovn-nbctl lsp-add ts1 $lsp \ + -- lsp-set-addresses $lsp router \ + -- lsp-set-type $lsp router \ + -- lsp-set-options $lsp router-port=$lrp + ovn-nbctl lrp-add $lr lrp-local-subnet 00:00:00:00:00:0$i 192.168.$i.1/24 + ovn-nbctl list logical-router-static-route + check ovn-nbctl lr-route-add $lr 10.0.0.0/24 192.168.$i.10 + check ovn-nbctl lr-route-add $lr 0.0.0.0/0 192.168.$i.11 +done + +AT_CHECK([ovn_as az1 ovn-nbctl lr-route-list lr11 | grep dst-ip | sort], [0], [dnl + 0.0.0.0/0 192.168.1.11 dst-ip + 10.0.0.0/24 192.168.1.10 dst-ip + 192.168.2.0/24 169.254.100.2 dst-ip (learned) +]) + +AT_CHECK([ovn_as az2 ovn-nbctl lr-route-list lr12 | grep dst-ip | sort], [0], [dnl + 0.0.0.0/0 192.168.2.11 dst-ip + 10.0.0.0/24 192.168.2.10 dst-ip + 192.168.1.0/24 169.254.100.1 dst-ip (learned) +]) + +AT_CLEANUP +]) diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c index 9006c956e..dc89771c0 100644 --- a/utilities/ovn-nbctl.c +++ b/utilities/ovn-nbctl.c @@ -4104,6 +4104,8 @@ nbctl_pre_lr_route_add(struct ctl_context *ctx) &nbrec_logical_router_static_route_col_options); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_static_route_col_route_table); + ovsdb_idl_add_column(ctx->idl, + &nbrec_logical_router_static_route_col_external_ids); } static char * OVS_WARN_UNUSED_RESULT @@ -4233,7 +4235,7 @@ nbctl_lr_route_add(struct ctl_context *ctx) } if (!ecmp) { - if (route) { + if (route && !smap_get(&route->external_ids, "ic-learned-route")) { if (!may_exist) { ctl_error(ctx, "duplicate prefix: %s (policy: %s). Use option" " --ecmp to allow this for ECMP routing.",