From patchwork Tue Jul 30 21:52:46 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
X-Patchwork-Id: 1966772
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
 unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256
 header.s=mimecast20190719 header.b=RD0gE0iN;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org
 (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org;
 envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org)
Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4WYTVv09Hxz1ybb
	for <incoming@patchwork.ozlabs.org>; Wed, 31 Jul 2024 07:53:11 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp4.osuosl.org (Postfix) with ESMTP id 473914067C;
	Tue, 30 Jul 2024 21:53:09 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp4.osuosl.org ([127.0.0.1])
 by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id hdP2EkvaaHFP; Tue, 30 Jul 2024 21:53:08 +0000 (UTC)
X-Comment: SPF check N/A for local connections -
 client-ip=2605:bc80:3010:104::8cd3:938; helo=lists.linuxfoundation.org;
 envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN>
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org EC4AF404A9
Authentication-Results: smtp4.osuosl.org;
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256
 header.s=mimecast20190719 header.b=RD0gE0iN
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org
 [IPv6:2605:bc80:3010:104::8cd3:938])
	by smtp4.osuosl.org (Postfix) with ESMTPS id EC4AF404A9;
	Tue, 30 Jul 2024 21:53:07 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
	by lists.linuxfoundation.org (Postfix) with ESMTP id D3CAFC002B;
	Tue, 30 Jul 2024 21:53:07 +0000 (UTC)
X-Original-To: ovs-dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
 by lists.linuxfoundation.org (Postfix) with ESMTP id 6291EC002B
 for <ovs-dev@openvswitch.org>; Tue, 30 Jul 2024 21:53:06 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp4.osuosl.org (Postfix) with ESMTP id 4326A40659
 for <ovs-dev@openvswitch.org>; Tue, 30 Jul 2024 21:53:06 +0000 (UTC)
X-Virus-Scanned: amavis at osuosl.org
Received: from smtp4.osuosl.org ([127.0.0.1])
 by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id bR5WpEbJwRot for <ovs-dev@openvswitch.org>;
 Tue, 30 Jul 2024 21:53:05 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124;
 helo=us-smtp-delivery-124.mimecast.com;
 envelope-from=lorenzo.bianconi@redhat.com; receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp4.osuosl.org 567D54035F
Authentication-Results: smtp4.osuosl.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 567D54035F
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by smtp4.osuosl.org (Postfix) with ESMTPS id 567D54035F
 for <ovs-dev@openvswitch.org>; Tue, 30 Jul 2024 21:53:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1722376383;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=o1O7OpPNcEd5nioD3nn/z8dffqCUSG9jec93qdm/rI4=;
 b=RD0gE0iNq1Glvg3Ly95zrbbFuP+pP5bTfj3+7onpP5bxOkNfsJMuhIf121oU/aOqc4D6Mq
 LvlkpgZ3/0bNeNpdk1NS5+7Uq8UwH6zQGtr1O3fZWn/tzn3l9UaUx0w1h5rxw9c8xXDNjx
 cUgHvaqN9Vhmeamz/OxsZAOgFY3kHmU=
Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com
 [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-488-_m-LxU0IObi_D7F1Fn9QqA-1; Tue, 30 Jul 2024 17:53:01 -0400
X-MC-Unique: _m-LxU0IObi_D7F1Fn9QqA-1
Received: by mail-wm1-f72.google.com with SMTP id
 5b1f17b1804b1-4281f8994adso18867405e9.0
 for <ovs-dev@openvswitch.org>; Tue, 30 Jul 2024 14:53:01 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1722376380; x=1722981180;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=lXF4crvljo4YeniMQ/ctwUzXATqIBVEBcu/NiD8TYNE=;
 b=T6PtD5ATJJ08lESzbzCYtiNh8uPQh9OzaJlrt5S4Xl0xu0IQ/0Irle7Kk57HkPHHoI
 CNTun0XnEyQ5RzllQlq/W9tm3fuQBt+i+4JheO03H9HbpbgghzwAz1OBveobOgFeRQtW
 kK9tzny3hjlSTDw7B9H2wfQYakKrWiWUwFmvtcrztz/OJKrIsPStlwWVCxv4sLe5xoEK
 1lr0V63f8XOWQq0y6uuBoWKjpo9giPyAFAu3muHme7Gbw1RwOunG1SSnk5twQnR7PTuo
 4o9SZG90AiN5Eja6KIQVBDbuAR6t4MAxPl8B4q/vlfnZPS9Z4ndDhJwagd3bEch6BMNB
 G+3g==
X-Gm-Message-State: AOJu0YwKu51p6V5Da9gt4VGq7ztQUgDS50kTqkMH0tUkJ/4QCHv7whF8
 AIJIebWcl4lFu+U7gcTBZOFFnzHwiUOB1EjW3c1QUw2OoTk8pAuCfbFK/2Yi4KuGmQ1rNhfdcrA
 ZqRclnPc8cby57Itmvvzf9BCjRypXX0gFhX22pcgGp9YZWpC7DAXAGx6Xc51/MUIFQbJGyH+aIC
 8uucJERGVCYP2TtknkT7Mmr1zIDjHXWbQqCZpiQbpNX1cVUXZi9A==
X-Received: by 2002:a05:600c:5492:b0:426:5dc8:6a6a with SMTP id
 5b1f17b1804b1-42811da0c16mr88487655e9.21.1722376380272;
 Tue, 30 Jul 2024 14:53:00 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IEw91vW37YkGGfajK2ZCenudIxwRUj7QjKF0JllL2u4binbj0ivfVlcs+ac6efzjnW6qxWu1g==
X-Received: by 2002:a05:600c:5492:b0:426:5dc8:6a6a with SMTP id
 5b1f17b1804b1-42811da0c16mr88487525e9.21.1722376379795;
 Tue, 30 Jul 2024 14:52:59 -0700 (PDT)
Received: from localhost (net-188-152-77-192.cust.dsl.teletu.it.
 [188.152.77.192]) by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-428068cda0csm222349435e9.47.2024.07.30.14.52.59
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 30 Jul 2024 14:52:59 -0700 (PDT)
From: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
To: ovs-dev@openvswitch.org
Date: Tue, 30 Jul 2024 23:52:46 +0200
Message-ID: 
 <78706de65252c789ee546dc9db497b313d8087f7.1722376094.git.lorenzo.bianconi@redhat.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <cover.1722376094.git.lorenzo.bianconi@redhat.com>
References: <cover.1722376094.git.lorenzo.bianconi@redhat.com>
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Subject: [ovs-dev] [PATCH v8 ovn 3/3] ofctrl: Introduce ecmp_nexthop_monitor.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Cc: dceara@redhat.com
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev" <ovs-dev-bounces@openvswitch.org>

Introduce ecmp_nexthop_monitor in ovn-controller in order to track and
flush ecmp-symmetric reply ct entires when requested by the CMS (e.g
removing the related static routes).

Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
---
 controller/ofctrl.c         | 54 +++++++++++++++++++++++++++++++++++++
 controller/ofctrl.h         |  2 ++
 controller/ovn-controller.c |  2 ++
 tests/system-ovn.at         |  8 ++++++
 4 files changed, 66 insertions(+)

diff --git a/controller/ofctrl.c b/controller/ofctrl.c
index f9387d375..3d450c0cd 100644
--- a/controller/ofctrl.c
+++ b/controller/ofctrl.c
@@ -389,9 +389,17 @@ struct meter_band_entry {
 
 static struct shash meter_bands;
 
+#define ECMP_NEXTHOP_IDS_LEN    65535
+static unsigned long *ecmp_nexthop_ids;
+
 static void ofctrl_meter_bands_destroy(void);
 static void ofctrl_meter_bands_clear(void);
 
+static void ecmp_nexthop_monitor_run(
+        const struct sbrec_ecmp_nexthop_table *enh_table,
+        struct ovs_list *msgs);
+
+
 /* MFF_* field ID for our Geneve option.  In S_TLV_TABLE_MOD_SENT, this is
  * the option we requested (we don't know whether we obtained it yet).  In
  * S_CLEAR_FLOWS or S_UPDATE_FLOWS, this is really the option we have. */
@@ -430,6 +438,7 @@ ofctrl_init(struct ovn_extend_table *group_table,
     groups = group_table;
     meters = meter_table;
     shash_init(&meter_bands);
+    ecmp_nexthop_ids = bitmap_allocate(ECMP_NEXTHOP_IDS_LEN);
 }
 
 /* S_NEW, for a new connection.
@@ -877,6 +886,7 @@ ofctrl_destroy(void)
     expr_symtab_destroy(&symtab);
     shash_destroy(&symtab);
     ofctrl_meter_bands_destroy();
+    bitmap_free(ecmp_nexthop_ids);
 }
 
 uint64_t
@@ -2306,6 +2316,47 @@ add_meter(struct ovn_extend_table_info *m_desired,
     ofctrl_meter_bands_alloc(sb_meter, m_desired, msgs);
 }
 
+static void
+ecmp_nexthop_monitor_flush_ct_entry(uint64_t id, struct ovs_list *msgs)
+{
+    ovs_u128 mask = {
+        /* ct_labels.label BITS[96-127] */
+        .u64.hi = 0xffffffff00000000,
+    };
+    ovs_u128 nexthop = {
+        .u64.hi = id << 32,
+    };
+    struct ofp_ct_match match = {
+        .labels = nexthop,
+        .labels_mask = mask,
+    };
+    struct ofpbuf *msg = ofp_ct_match_encode(&match, NULL,
+                                             rconn_get_version(swconn));
+    ovs_list_push_back(msgs, &msg->list_node);
+}
+
+static void
+ecmp_nexthop_monitor_run(const struct sbrec_ecmp_nexthop_table *enh_table,
+                         struct ovs_list *msgs)
+{
+    unsigned long *ids = bitmap_allocate(ECMP_NEXTHOP_IDS_LEN);
+
+    const struct sbrec_ecmp_nexthop *sbrec_ecmp_nexthop;
+    SBREC_ECMP_NEXTHOP_TABLE_FOR_EACH (sbrec_ecmp_nexthop, enh_table) {
+        bitmap_set1(ids, sbrec_ecmp_nexthop->id);
+    }
+
+    int id;
+    BITMAP_FOR_EACH_1 (id, ECMP_NEXTHOP_IDS_LEN, ecmp_nexthop_ids) {
+        if (!bitmap_is_set(ids, id)) {
+            ecmp_nexthop_monitor_flush_ct_entry(id, msgs);
+        }
+    }
+
+    bitmap_free(ecmp_nexthop_ids);
+    ecmp_nexthop_ids = ids;
+}
+
 static void
 installed_flow_add(struct ovn_flow *d,
                    struct ofputil_bundle_ctrl_msg *bc,
@@ -2664,6 +2715,7 @@ ofctrl_put(struct ovn_desired_flow_table *lflow_table,
            struct shash *pending_ct_zones,
            struct hmap *pending_lb_tuples,
            struct ovsdb_idl_index *sbrec_meter_by_name,
+           const struct sbrec_ecmp_nexthop_table *enh_table,
            uint64_t req_cfg,
            bool lflows_changed,
            bool pflows_changed)
@@ -2704,6 +2756,8 @@ ofctrl_put(struct ovn_desired_flow_table *lflow_table,
     /* OpenFlow messages to send to the switch to bring it up-to-date. */
     struct ovs_list msgs = OVS_LIST_INITIALIZER(&msgs);
 
+    ecmp_nexthop_monitor_run(enh_table, &msgs);
+
     /* Iterate through ct zones that need to be flushed. */
     struct shash_node *iter;
     SHASH_FOR_EACH(iter, pending_ct_zones) {
diff --git a/controller/ofctrl.h b/controller/ofctrl.h
index 129e3b6ad..33953a8a4 100644
--- a/controller/ofctrl.h
+++ b/controller/ofctrl.h
@@ -31,6 +31,7 @@ struct ofpbuf;
 struct ovsrec_bridge;
 struct ovsrec_open_vswitch_table;
 struct sbrec_meter_table;
+struct sbrec_ecmp_nexthop_table;
 struct shash;
 
 struct ovn_desired_flow_table {
@@ -59,6 +60,7 @@ void ofctrl_put(struct ovn_desired_flow_table *lflow_table,
                 struct shash *pending_ct_zones,
                 struct hmap *pending_lb_tuples,
                 struct ovsdb_idl_index *sbrec_meter_by_name,
+                const struct sbrec_ecmp_nexthop_table *enh_table,
                 uint64_t nb_cfg,
                 bool lflow_changed,
                 bool pflow_changed);
diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c
index f5674184a..bbcaae4cb 100644
--- a/controller/ovn-controller.c
+++ b/controller/ovn-controller.c
@@ -5720,6 +5720,8 @@ main(int argc, char *argv[])
                                    &ct_zones_data->ctx.pending,
                                    &lb_data->removed_tuples,
                                    sbrec_meter_by_name,
+                                   sbrec_ecmp_nexthop_table_get(
+                                        ovnsb_idl_loop.idl),
                                    ofctrl_seqno_get_req_cfg(),
                                    engine_node_changed(&en_lflow_output),
                                    engine_node_changed(&en_pflow_output));
diff --git a/tests/system-ovn.at b/tests/system-ovn.at
index bb43f9ca3..d3294c71f 100644
--- a/tests/system-ovn.at
+++ b/tests/system-ovn.at
@@ -6248,6 +6248,10 @@ sed -e 's/labels=0x[[0-9]]/labels=0x?/' | sort], [0], [dnl
 tcp,orig=(src=172.16.0.1,dst=10.0.0.2,sport=<cleared>,dport=<cleared>),reply=(src=10.0.0.2,dst=172.16.0.1,sport=<cleared>,dport=<cleared>),zone=<cleared>,mark=<cleared>,labels=0x?000000000401020500000000,protoinfo=(state=<cleared>)
 ])
 
+# Flush connection tracking entries
+ovn-nbctl --wait=hv lr-route-del R1
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(172.16.0.1)])
+
 OVS_APP_EXIT_AND_WAIT([ovn-controller])
 
 as ovn-sb
@@ -6470,6 +6474,10 @@ sed -e 's/labels=0x[[0-9]]/labels=0x?/' | sort], [0], [dnl
 tcp,orig=(src=fd07::1,dst=fd01::2,sport=<cleared>,dport=<cleared>),reply=(src=fd01::2,dst=fd07::1,sport=<cleared>,dport=<cleared>),zone=<cleared>,mark=<cleared>,labels=0x?000000001001020400000000,protoinfo=(state=<cleared>)
 ])
 
+# Flush connection tracking entries
+check ovn-nbctl --wait=hv lr-route-del R1
+AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(fd01::2)])
+
 OVS_APP_EXIT_AND_WAIT([ovn-controller])
 
 as ovn-sb