From patchwork Tue Jun 29 16:08:49 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Numan Siddique <numans@ovn.org>
X-Patchwork-Id: 1498455
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org
 (client-ip=140.211.166.136; helo=smtp3.osuosl.org;
 envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN>)
Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4GDqD75hhCz9sW6
	for <incoming@patchwork.ozlabs.org>; Wed, 30 Jun 2021 02:09:11 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp3.osuosl.org (Postfix) with ESMTP id C984E608AD;
	Tue, 29 Jun 2021 16:09:09 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp3.osuosl.org ([127.0.0.1])
	by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id ccBDb8qtDlgq; Tue, 29 Jun 2021 16:09:08 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org
 [IPv6:2605:bc80:3010:104::8cd3:938])
	by smtp3.osuosl.org (Postfix) with ESMTPS id E4EEA60828;
	Tue, 29 Jun 2021 16:09:07 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
	by lists.linuxfoundation.org (Postfix) with ESMTP id C5472C0010;
	Tue, 29 Jun 2021 16:09:07 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136])
 by lists.linuxfoundation.org (Postfix) with ESMTP id 28CA2C000E
 for <dev@openvswitch.org>; Tue, 29 Jun 2021 16:09:06 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp3.osuosl.org (Postfix) with ESMTP id 0A50C607EA
 for <dev@openvswitch.org>; Tue, 29 Jun 2021 16:09:06 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp3.osuosl.org ([127.0.0.1])
 by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id jfJWwvdkTAt5 for <dev@openvswitch.org>;
 Tue, 29 Jun 2021 16:09:05 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0
Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net
 [217.70.183.201])
 by smtp3.osuosl.org (Postfix) with ESMTPS id CB7C4606E4
 for <dev@openvswitch.org>; Tue, 29 Jun 2021 16:09:04 +0000 (UTC)
Received: (Authenticated sender: numans@ovn.org)
 by relay8-d.mail.gandi.net (Postfix) with ESMTPSA id 0F8B61BF20C;
 Tue, 29 Jun 2021 16:09:00 +0000 (UTC)
From: numans@ovn.org
To: dev@openvswitch.org
Date: Tue, 29 Jun 2021 12:08:49 -0400
Message-Id: <20210629160849.4130753-1-numans@ovn.org>
X-Mailer: git-send-email 2.31.1
MIME-Version: 1.0
Subject: [ovs-dev] [PATCH ovn] northd-ddlog: Add proxy arp flows for
	configured addresses in lsp router port.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev" <ovs-dev-bounces@openvswitch.org>

From: Numan Siddique <numans@ovn.org>

The commit [1] didn't add the ddlog part.

[1] - 8087cbc7462("ovn-northd.c: Add proxy ARP support to OVN")

Signed-off-by: Numan Siddique <numans@ovn.org>
---
 northd/ovn.dl        |  1 +
 northd/ovn.rs        | 13 +++++++++++++
 northd/ovn_northd.dl | 38 ++++++++++++++++++++++++++++++++++++++
 tests/ovn.at         |  4 ++--
 4 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/northd/ovn.dl b/northd/ovn.dl
index f23ea3b9e1..3c7a734ddb 100644
--- a/northd/ovn.dl
+++ b/northd/ovn.dl
@@ -364,6 +364,7 @@ extern function is_dynamic_lsp_address(addr: string): bool
 extern function extract_lsp_addresses(address: string): Option<lport_addresses>
 extern function extract_addresses(address: string): Option<lport_addresses>
 extern function extract_lrp_networks(mac: string, networks: Set<string>): Option<lport_addresses>
+extern function extract_ip_addresses(address: string): Option<lport_addresses>
 
 extern function split_addresses(addr: string): (Set<string>, Set<string>)
 
diff --git a/northd/ovn.rs b/northd/ovn.rs
index d44f83bc75..5f0939409c 100644
--- a/northd/ovn.rs
+++ b/northd/ovn.rs
@@ -184,6 +184,18 @@ pub fn extract_lrp_networks(mac: &String, networks: &ddlog_std::Set<String>) ->
     }
 }
 
+pub fn extract_ip_addresses(address: &String) -> ddlog_std::Option<lport_addresses> {
+    unsafe {
+        let mut laddrs: lport_addresses_c = Default::default();
+        if ovn_c::extract_ip_addresses(string2cstr(address).as_ptr(),
+                                       &mut laddrs as *mut lport_addresses_c) {
+            ddlog_std::Option::Some{x: laddrs.into_ddlog()}
+        } else {
+            ddlog_std::Option::None
+        }
+    }
+}
+
 pub fn ovn_internal_version() -> String {
     unsafe {
         let s = ovn_c::ovn_get_internal_version();
@@ -623,6 +635,7 @@ mod ovn_c {
         pub fn extract_addresses(address: *const raw::c_char, laddrs: *mut lport_addresses_c, ofs: *mut raw::c_int) -> bool;
         pub fn extract_lrp_networks__(mac: *const raw::c_char, networks: *const *const raw::c_char,
                                       n_networks: libc::size_t, laddrs: *mut lport_addresses_c) -> bool;
+        pub fn extract_ip_addresses(address: *const raw::c_char, laddrs: *mut lport_addresses_c) -> bool;
         pub fn destroy_lport_addresses(addrs: *mut lport_addresses_c);
         pub fn is_dynamic_lsp_address(address: *const raw::c_char) -> bool;
         pub fn split_addresses(addresses: *const raw::c_char, ip4_addrs: *mut ovs_svec, ipv6_addrs: *mut ovs_svec);
diff --git a/northd/ovn_northd.dl b/northd/ovn_northd.dl
index 52a6206a18..a7a327c7f0 100644
--- a/northd/ovn_northd.dl
+++ b/northd/ovn_northd.dl
@@ -3360,6 +3360,44 @@ for (CheckLspIsUp[check_lsp_is_up]) {
     }
 }
 
+Flow(.logical_datapath = sw._uuid,
+         .stage            = s_SWITCH_IN_ARP_ND_RSP(),
+         .priority         = 50,
+         .__match          = __match,
+         .actions          = __actions,
+         .external_ids     = stage_hint(sp.lsp._uuid)) :-
+
+    sp in &SwitchPort(.sw = sw, .peer = Some{rp}),
+    rp.is_enabled(),
+    var proxy_ips = {
+        match (sp.lsp.options.get("arp_proxy")) {
+            None -> "",
+            Some {addresses} -> {
+                match (extract_ip_addresses(addresses)) {
+                    None -> "",
+                    Some{addr} -> {
+                        var ip4_addrs = vec_empty();
+                        for (ip4 in addr.ipv4_addrs) {
+                            ip4_addrs.push("${ip4.addr}")
+                        };
+                        string_join(ip4_addrs, ",")
+                    }
+                }
+            }
+        }
+    },
+    proxy_ips != "",
+    var __match = "arp.op == 1 && arp.tpa == {" ++ proxy_ips ++ "}",
+    var __actions = "eth.dst = eth.src; "
+                    "eth.src = ${rp.networks.ea}; "
+                    "arp.op = 2; /* ARP reply */ "
+                    "arp.tha = arp.sha; "
+                    "arp.sha = %s; "
+                    "arp.tpa <-> arp.spa; "
+                    "outport = inport; "
+                    "flags.loopback = 1; "
+                    "output;".
+
 /* For ND solicitations, we need to listen for both the
  * unicast IPv6 address and its all-nodes multicast address,
  * but always respond with the unicast IPv6 address. */
diff --git a/tests/ovn.at b/tests/ovn.at
index db1a0a35c2..31f0b90996 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -26940,7 +26940,7 @@ ovs-vsctl -- add-port br-int vif1 -- \
 # And proxy ARP flows for 69.254.239.254 and 169.254.239.2
 # and check that SB flows have been added.
 ovn-nbctl --wait=hv add Logical_Switch_Port rp-ls1 \
-options arp_proxy='"169.254.239.254 169.254.239.2"'
+options arp_proxy='"169.254.239.254,169.254.239.2"'
 ovn-sbctl dump-flows > sbflows
 AT_CAPTURE_FILE([sbflows])
 
@@ -26957,7 +26957,7 @@ AT_CHECK([ovn-sbctl dump-flows | grep ls_in_arp_rsp | grep "169.254.239.2"], [1]
 
 # Add the flows back send arp request and check we see an ARP response
 ovn-nbctl --wait=hv add Logical_Switch_Port rp-ls1 \
-options arp_proxy='"169.254.239.254 169.254.239.2"'
+options arp_proxy='"169.254.239.254,169.254.239.2"'
 
 ls1_p1_mac=00:00:00:01:02:03
 ls1_p1_ip=192.16.1.6